||Gray Hat Hacking, 5th Edition|
Fortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 13 new chapters, Gray Hat Hacking, The Ethical Hacker's Handbook, Fifth Edition explains the enemy's current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-try testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, and cyber law are thoroughly covered in this state-of-the-art resource. And the new topic of exploiting the Internet of things is introduced in this edition.
Build and launch spoofing exploits with Ettercap; Induce error conditions and crash software using fuzzers; Use advanced reverse engineering to exploit Windows and Linux software; Bypass Windows Access Control and memory protection schemes; Exploit web applications with Padding Oracle Att ...
||Python For Offensive PenTest|
Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script.
This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment.
By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch. ...
||Learn Social Engineering|
This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates.
Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware.
By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks.
All in all, the book covers social engineering from A to Z, along with excerpts from many world wide known security experts. ...
||Attacking Network Protocols|
Attacking Network Protocols is a deep dive into network protocol security from James Forshaw, one of the world's leading bug hunters. This comprehensive guide looks at networking from an attacker's perspective to help you discover, exploit, and ultimately protect vulnerabilities.
You'll start with a rundown of networking basics and protocol traffic capture before moving on to static and dynamic protocol analysis, common protocol structures, cryptography, and protocol security. Then you'll turn your focus to finding and exploiting vulnerabilities, with an overview of common bug classes, fuzzing, debugging, and exhaustion attacks.
Learn how to: Capture, manipulate, and replay packets; Develop tools to dissect traffic and reverse engineer code to understand the inner workings of a network protocol; Discover and exploit vulnerabilities such as memory corruptions, authentication bypasses, and denials of service; Use capture and analysis tools like Wireshark and develop your ow ...
||Gray Hat C#|
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you'll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices.
After a crash course in C# and some of its advanced features, you'll learn how to: Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads; Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections; Write a .NET decompiler for OS X and Linux; Parse and read offline registry hives to dump system information; Automate the security tools Arachni and Metasploit using their MSGPACK RPCs.
Streamline and simplify your workday by making the most of C#'s extensive repertoire of powerful tools and libraries with Gray Hat C#. ...
||The Hardware Hacker|
For over a decade, Andrew "bunnie" Huang, one of the world's most esteemed hackers, has shaped the fields of hacking and hardware, from his cult-classic book Hacking the Xbox to the open-source laptop Novena and his mentorship of various hardware startups and developers. In The Hardware Hacker, Huang shares his experiences in manufacturing and open hardware, creating an illuminating and compelling career retrospective.
Huang's journey starts with his first visit to the staggering electronics markets in Shenzhen, with booths overflowing with capacitors, memory chips, voltmeters, and possibility. He shares how he navigated the overwhelming world of Chinese factories to bring chumby, Novena, and Chibitronics to life, covering everything from creating a Bill of Materials to choosing the factory to best fit his needs.
Through this collection of personal essays and interviews on topics ranging from the legality of reverse engineering to a comparison of intellectual property practices b ...
||Hacking Exposed Malware & Rootkits, 2nd Edition|
Thwart debilitating cyber-attacks and dramatically improve your organization's security posture using the proven defense strategies in this thoroughly updated guide. Hacking Exposed Malware and Rootkits: Security Secrets & Solutions, Second Edition fully explains the hacker's latest methods alongside ready-to-deploy countermeasures. Discover how to block pop-up and phishing exploits, terminate embedded code, and identify and eliminate rootkits. You will get up-to-date coverage of intrusion detection, firewall, honeynet, antivirus, and anti-rootkit technology.
Learn how malware infects, survives, and propagates across an enterprise; See how hackers develop malicious code and target vulnerable systems; Detect, neutralize, and remove user-mode and kernel-mode rootkits; Use hypervisors and honeypots to uncover and kill virtual rootkits; Defend against keylogging, redirect, click fraud, and identity theft; Block spear phishing, client-side, and embedded-code exploits; Effectively deploy ...
||Hacking Exposed Industrial Control Systems|
This hands-on guide exposes the devious methods cyber threat actors use to compromise the hardware and software central to petroleum pipelines, electrical grids, and nuclear refineries. Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets and Solutions shows, step-by-step, how to implement and maintain an ICS-focused risk mitigation framework that is targeted, efficient, and cost-effective. The book arms you with the skills necessary to defend against attacks that are debilitating? and potentially deadly. See how to assess risk, perform ICS-specific threat modeling, carry out penetration tests using "ICS safe" methods, and block malware. Throughout, the authors use case studies of notorious attacks to illustrate vulnerabilities alongside actionable, ready-to-deploy countermeasures.
Assess your exposure and develop an effective risk management plan; Adopt the latest ICS-focused threat intelligence techniques; Use threat modeling to create realistic risk scenario ...
||Foundations for Analytics with Python|
Many of Excel's 750 million users would like to do more with their data, such as repeating similar analyses over hundreds of files or combining the data in many files for analysis at one time. This practical guide shows ambitious non-programmers how to automate and scale data processing and analysis of different data formats with Python, using business-relevant examples with complete, easy-to-read code.
Beginning with the basics of Python, author Clinton Brownley shows you how to deal with Excel, CSV, and text files in Python, leading up to scheduling scripts to automatically gather and process information without human intervention. More practical than many other introductions to Python, this book gives you skills you can immediately apply in your job. ...
We're surrounded with a myriad of communication tools: email, Skype, Twitter, Facebook, and Snapchat, to name a few. Slack is a newer communication tool, borrowing IRC concepts and transcending them with an intuitive interface that allows countless customizations and integrations—from other communication tools to bots, Kayak, Google, Hacker News, and more. Slack glues together all of your favorite applications, and if there isn't something already available to fit your needs, you can hack your own solution.
This practical book provides you with hacks to use Slack efficiently and adapt it to your company and your community. It discusses Slack integrations, covering both IFTTT and Zapier. Going deeper into Slack customization, the book also shows how you can build your own applications and Slack bots by giving you some examples using different tools and frameworks to hack your custom workflow. ...