Reddit reviews Windows Internals, Part 1 (Developer Reference)

We found 13 Reddit comments about Windows Internals, Part 1 (Developer Reference). Here are the top ones, ranked by their Reddit score.


13 Reddit comments about Windows Internals, Part 1 (Developer Reference):

u/icytrues · 19 points · r/AskNetsec
  • The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System, 2nd Edition (2012)

    This book covers rootkit development, not analysis, on Windows 7 and x86/IA32. It's a must read, if you're interested in rootkits.

  • Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats (Release date set to January 2019)

    While not yet released, it looks very promising. Over the years, Microsoft has continually introduced better protections against rootkits and malware in Windows. Among other things, the book will cover how some of the rootkits/bootkits seen in the wild have bypassed protections such as Secure Boot, kernel-mode signing, Patch Guard and Device Guard.

    I'd also recommend having a look at the following books:

  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software (2012)

  • Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation 1st Edition (2014)

  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory 1st Edition (2014)


    Also, Windows Internals for both Windows 7 and Windows 10 is a great reference to have lying around.

u/ButterCupKhaos · 14 points · r/HowToHack

Windows Internals is among the best books, if not the best, on the Windows OS imo.

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189/ref=asap_bc?ie=UTF8

It won't teach you explicit "hacking" procedures but it will explain details at a very low/in-depth level. I have the 5th & 6th edition, need to pick up the 7th myself (they basically follow major OS releases).

u/nerd4code · 6 points · r/C_Programming

It’s gonna be hard to give you much without picking a specific OS—details can vary widely even within a single OS family line—but an OS book is probably a good place to start. Tanenbaum’s book is the go-to.

Alternatively, there are books on specific techniques like garbage collection, or books more generally on programming for UNIX/POSIX/Linux or Windows (via Win16/32/64 API, not the six-mile-high shitheap piled atop), which would tell you some about how memory management works down at least to whatever abstract hardware interface the kernel uses.

u/CavemanJamess · 3 points · r/Windows10

The closest book I’m aware of is the Windows Internals series. 7th edition covers Windows 10 1607 and Windows Server 2016. Here’s a link to the book on Amazon US.

The guys writing it are a Microsoft MVP, a low level systems expert who teaches the Windows internal course around the world, and the chief technology officer of Microsoft Azure.

It’s probably the most comprehensive book you’ll find on the subject.

u/reddilada · 2 points · r/learnprogramming

I've not read it, but Windows Internals occasionally gets a mention. Now at 7th edition. There is a soon to be released part II.

u/stuart475898 · 2 points · r/PowerShell

As annoying as it is (given Windows doesn't make this completely clear), he is right. If you or anyone else wants to know more about how Windows manages memory, I'd suggest getting this: https://www.amazon.co.uk/dp/0735684189/

u/just-an0ther-guy · 2 points · r/sysadmin

In that case...
You may want to wait for the 5th edition of UNIX and Linux System Administration, as it should release near the end of this year and they don't release new versions that often.

A good way to get started building a college library is to see what the curriculum for the school is and what books are required by professors. Often other colleges will list their book recommendations for the courses online to get an idea of where to start looking. (I know my school has an online bookstore that lists the books for each course and is open to the public.)

At least one or two good books in each of those categories, to get a rough idea to start:

u/darthsabbath · 2 points · r/cscareerquestions

Okay so there are a couple of good places to start with malware. The first is Malware Analyst's Cookbook. It is a pretty decent beginner level resource.

From there, Practical Malware Analysis is excellent and goes a lot deeper.

For free resources I've heard good things about Dr. Fu's Malware Analysis Tutorials.

You will need to have a strong understanding of reverse engineering. I like Practical Reverse Engineering or Reverse Engineering for Beginners. The latter is free.

With RE comes assembly. I learned from the free book PC Assembly Language. The RE books should have some info on assembly as well.

You should also know the systems programming API and OS internals for whatever OS you're interested in. This is most likely Windows, so I recommend Windows System Programming and Windows Internals. You can find similar books for Linux and macOS too. Having a good understanding of C and C++ is helpful for this. Also get comfortable using your assembly level debugger on your OS of choice. WinDBG, x64dbg, and OllyDBG are all good on Windows. GDB is pretty much the default on Linux, and LLDB on macOS.

I also highly recommend some scripting language, whether it's Python, Ruby, PowerShell or whatever for hacking up your own tools.

Lastly, there is a list on GitHub with a ton of helpful links.

I think that's enough for now.

As far as demand it's hard to say and probably depends a lot on where you're from. It's certainly not like the demand for webdevs but there's also not nearly as many people with the skillset. I'm not a malware analyst myself, I'm more focused on security research and embedded development.

I know those skills are especially high in demand around the Washington, DC area with defense contractors and government agencies. Especially if you can get a security clearance. Most other security firms I know of are always looking for good people with strong reversing and OS internals knowledge.

Let me know if you have any questions and I will try to answer.

u/dundir · 1 point · r/linuxquestions

The W10 kernel is proprietary, afaik there aren't any infographics that explain how it or its subsystems work.

There is a Microsoft Press book for developers that may provide some help though it does make a point to mention that Internals are subject to change without notice. The book is called Windows Internals, and the latest version, 7th Edition (Part 1) has a section on the I/O subsystem. [Amazon Link]

This really isn't a Linux question though.

u/pertymoose · 1 point · r/sysadmin

A+ and Net+ and all the other +-certs are entry level. CCNA is entry level, and 70-680 is entry level.

Something to consider is that everyone has certs these days, so the certs you get must make you better than "everyone".

For example, CCNP is a rather high-end cert. You don't see a lot of CVs with this on, because people with this cert only need a LinkedIn page, and the offers will come in endless streams.

MCSE is absolutely good to have if you want to go anywhere in a Microsoft environment, though Microsoft doesn't really do high-end certs anymore, so the only thing you can really aim for with an MCSE is an MVP award, but that does take some serious effort.

WCNA is worth some brownie points in the right places.

You should also supplement certs with in-depth knowledge, and recommended practices, for example,

u/wishicouldpentest · 1 point · r/learnprogramming

I'm not too sure if this is the sort of answer you're looking for because it appears that you are pretty new to all this but...

If you read these books, then you will know everything you need (ranked by reward to required effort ratio):

https://www.amazon.com/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901

https://www.amazon.com/Practical-Reverse-Engineering-Reversing-Obfuscation/dp/1118787315

https://www.amazon.com/Windows-Internals-Part-architecture-management/dp/0735684189

However, the books might be pretty difficult to understand with how much you currently know.