First off, I am not a malware reverse engineer. Yes, I do have some experience working with malware, but not to the level that reverse engineers (RE) such as the authors tend to operate. I work with some really smart folks who do malware reverse engineering all the time, and they're very, very good at it. As such, during IR or digital forensics analysis, I tend to exchange information with the RE folks, providing what I've found and then taking what they find, and performing iterative analysis. I've found over time that this approach provides a much more in-depth analysis than the sum of its parts.
That being said, weighing in at a hefty 18 chapters, the Cookbook covers a wide range of topics specific to reverse engineering and analyzing malware, from anonymizing your research activities to honeypots to malware classification and automated analysis and beyond. Throughout the book, the authors present "recipes" for using various tools (many of which are open-source) to solve specific problems. For example, chapter 3 includes several recipes involving YARA, an open-source, Python-based tool for identifying and classifying malware. Many other popular tools are also used, including ssdeep, Didier's PDF tools, and even RegRipper. Chapter 15 discusses effectively using Volatility for memory analysis. Many of the examples provided in the book are based on the real-world experiences of the authors, lending considerable credence and value to the demonstrated skills and information imparted.
Chapter 10 is near and dear to my heart, not only due to the discussion of ADSs, but also due to the fact that the authors wrote their own RegRipper plugins!
Much of what's in the Cookbook goes beyond commercially available applications and clearly demonstrates the use of Python- (or Perl-) based open source tools that accomplish specific objectives. The cookbook even goes so far as to explain and demonstrate how different malware-related activities are performed, as well as how they can be detected.
I have to say that reading through the Cookbook gave me a new appreciation for what malware reverse engineers do. I also walk away from the book with a better understanding, not only of how to look for malware during IR/DF activities, but also how to better provide information and data to our reverse engineer once I've found it. I also walk away from it knowing that I'll be back. With more study and practice, I'm sure I can do some modicum of malware analysis beyond what I already do, and while I know that I'll never be at the level of the authors, I thank them for a truly exemplary and valuable resource. If I didn't already have it, this Cookbook would be on my Christmas wishlist...at the very top!