Thursday, April 16, 2009

The Rootkit Arsenal

With the growing prevalence of the Internet, rootkit technology has taken center stage in the battle between White Hats and Black Hats. Adopting an approach that favors full disclosure, The Rootkit Arsenal presents the most accessible, timely, and complete coverage of rootkit technology. This book covers more topics, in greater depth, than any other currently available. In doing so the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.

The spectrum of topics covered includes how to:

* Hook kernel structures on multi-processor systems
* Use a kernel debugger to reverse system internals
* Inject call gates to create a back door into Ring-0
* Use detour patches to sidestep group policy
* Modify privilege levels on Vista by altering kernel objects
* Utilize bootkit technology
* Defeat live incident response and post-mortem forensics
* Implement code armoring to protect your deliverables
* Establish covert channels using the WSK and NDIS 6.0


No comments: