DSU Recommended Reading List

CSC 748 – Software Exploitation

The Art of Software Security Assessment (2 Volumes)
Mark Dowd, John McDonald, Justin Schuh 978-0-321-44442-4

• 1 – Software Security Fundamentals
• 2 – Design Review
• 5 – Memory Corruption
• 6 – C Language Issues
• 8 – Strings & Metacharacters
• 11 – Windows I: Objects and the File System
• 17 – Web Applications

Inside Windows Debugging
Tarik Soulami 978-0735662780

• 6 – Code Analysis Tools

Understanding Windows Shellcode

• http://www.hick.org/code/skape/papers/win32-shellcode.pdf

The Shellcoder’s Handbook
Chris Anley 978-0470080238

• 2 – Stack Overflows
• 3 – Shellcode
• 5 – Introduction to Heap Overflows
• 7 – Windows Shellcode
• 8 – Windows Overflows
• 9 – Overcoming Filters
• 14 – Protection Mechanisms
• 16 – Fault Injection
• 17 – The Art of Fuzzing
• 18 – Source Code Auditing

Understanding Windows Shellcode

INFA 732 – Malware Analysis

Practical Malware Analysis
Mike Sikorski ISBN-13: 978-1593272906

• 0 – Malware Analysis Primer
• 1 – Basic Static Techniques
• 2 – Malware Analysis in Virtual Machines
• 3 – Basic Dynamic Analysis
• 4 – A Crash Course in x86 Disassembly
• 5 – IDA Pro
• 6 – Recognizing C Code Constructs in Assembly
• 7 – Analyzing Malicious Windows Programs
• 8 – Debugging
• 11 – Malware Behavior
• 13 – Data Encoding
• 14 – Malware Focused Network Signatures
• 18 – Packers and Unpacking
• 19 – Shellcode Analysis

INFA 754 – Intrusion Detection

• Psychology of Intelligence Analysis by Richards Heuer
• Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains by Eric Hutchins, et al
• The Diamond Model of Intrusion Analysis by Sergio Caltagirone, et al
• MITRE ATT&CK: Design and Philosophy by Blake Strom, et al
• A Brief History of Attribution Mistakes by Sarah Jones
• Threat Intelligence Naming Conventions: Threat Actors, & Other Ways of Tracking Threats by Robert M. Lee
• Does a BEAR Leak in the Woods? by Toni Gidwani
• Cyber Intelligence Tradecraft Report – The State of Cyber Intelligence Practices in the US by Jared Ettinger
• The Cuckoo’s Egg by Cliff Stoll

CSC 846 – Advanced Malware

Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9

• 4 – Management Mechanisms

The IDA Pro Book
Chris Eagle 978-1-59327-289-0

• 21 – Obfuscated Code Analysis

Understanding Windows Shellcode

• http://www.hick.org/code/skape/papers/win32-shellcode.pdf

CSC 848 – Advanced Exploit

Windows Internals – Part 1
Mark Russinovich, et al 978-0-7356-4873-9

• 5 – Processes, Threads and Jobs

The IDA Pro Book
Chris Eagle 978-1-59327-289-0

• 22 – Vulnerability Analysis

The Shellcoder’s Handbook
Chris Anley 978-0470080238

• 2 – Stack Overflows
• 3 – Shellcode
• 5 – Introduction to Heap Overflows
• 7 – Windows Shellcode
• 8 – Windows Overflows
• 9 – Overcoming Filters
• 14 – Protection Mechanisms
• 27 – Hacking the Windows Kernel

Windows Internals – Part 2
Mark Russinovich, et al

• 8 – I/O System
• 10 – Memory Management
• 14 – Crash Dump Analysis

Understanding Windows Shellcode

• http://www.hick.org/code/skape/papers/win32-shellcode.pdf