Subjects / Malware analysis

Best books to learn Malware analysis, in order

Malware analysis sits on top of reverse engineering, so the order is strict: assembly and OS internals first, then static and dynamic analysis in a safe lab, then advanced topics like unpacking, evasion, and behavioral profiling. Skipping the fundamentals leaves you running samples you can't actually read, so a good path builds the lab discipline and low-level literacy before the adversarial cat-and-mouse that defines the field.

Build your own Malware analysis list →Browse all paths

Reading paths for malware analysis

Popular malware analysis books

Related reading

Frequently asked questions

How should I approach learning malware analysis?
Malware analysis sits on top of reverse engineering, so the order is strict: assembly and OS internals first, then static and dynamic analysis in a safe lab, then advanced topics like unpacking, evasion, and behavioral profiling. Skipping the fundamentals leaves you running samples you can't actually read, so a good path builds the lab discipline and low-level literacy before the adversarial cat-and-mouse that defines the field.
What's a good book to start malware analysis with?
A strong starting point is Rootkits by Greg Hoglund. The ordered reading paths above show exactly where it fits and what to read next.
What should I read after malware analysis?
Once you have the fundamentals, explore closely related subjects like Assembly language programming, MATLAB, Software testing and QA.

Related subjects