Gray hat hacking : the ethical hacker's handbook
1 online resource (1 volume) : This fourth edition explains the enemy's current weapons, skills, and tactics, and offers field-tested remedies, case studies, and ready-to-deploy testing labs. You will learn how to build and launch spoofing exploits with Ettercap and Evilgrade; induce error conditions and crash software using fuzzers; hack Cisco routers, switches, and network hardware; use advanced reverse engineering to exploit Windows and Linux software; bypass Windows Access Control and memory protection schemes; scan for flaws in Web applications; utilize use-after-free technique used in recent zero days; bypass Web authentication; inject your shellcode into a browser's memory using the latest Heap Spray techniques; hijack Web browsers with Metasploit and the BeEF Injection Framework; neutralize ransomware before it takes control of your desktop; dissect Android malware with JEB and DAD decompilers; and find one-day vulnerabilities with binary diffing. -- Description based on print version record Includes bibliographical references and index Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Preface -- Acknowledgments -- Introduction -- Part I Crash Course: Preparing for the War -- Chapter 1 Ethical Hacking and the Legal System -- Why You Need to Understand Your Enemy's Tactics -- Recognizing Trouble When It Happens -- The Ethical Hacking Process -- The Penetration Testing Process -- What Would an Unethical Hacker Do Differently? -- The Rise of Cyberlaw -- Understanding Individual Cyberlaws -- The Controversy of "Hacking" Tools -- Vulnerability Disclosure -- Different Teams and Points of View How Did We Get Here? -- CERT's Current Process -- Organization for Internet Safety -- Conflicts Will Still Exist -- "No More Free Bugs" -- Bug Bounty Programs -- Summary -- References -- For Further Reading -- Chapter 2 Programming Survival Skills -- C Programming Language -- Basic C Language Constructs -- Sample Program -- Compiling with gcc -- Computer Memory -- Random Access Memory (RAM) -- Endian -- Segmentation of Memory -- Programs in Memory -- Buffers -- Strings in Memory -- Pointers -- Putting the Pieces of Memory Together -- Intel Processors -- Registers -- Assembly Language Basics Machine vs. Assembly vs. C -- AT&T vs. NASM -- Addressing Modes -- Assembly File Structure -- Assembling -- Debugging with gdb -- gdb Basics -- Disassembly with gdb -- Python Survival Skills -- Getting Python -- Hello World in Python -- Python Objects -- Strings -- Numbers -- Lists -- Dictionaries -- Files with Python -- Sockets with Python -- Summary -- References -- For Further Reading -- Chapter 3 Static Analysis -- Ethical Reverse Engineering -- Why Bother with Reverse Engineering? -- Reverse Engineering Considerations -- Source Code Analysis -- Source Code Auditing Tools The Utility of Source Code Auditing Tools -- Manual Source Code Auditing -- Automated Source Code Analysis -- Binary Analysis -- Manual Auditing of Binary Code -- Automated Binary Analysis Tools -- Summary -- For Further Reading -- Chapter 4 Advanced Analysis with IDA Pro -- Static Analysis Challenges -- Stripped Binaries -- Statically Linked Programs and FLAIR -- Data Structure Analysis -- Quirks of Compiled C++ Code -- Extending IDA Pro -- Scripting in IDAPython -- Example 4-1: Decrypting Strings in Place -- Executing Python Code -- Summary -- For Further Reading -- Chapter 5 World of Fuzzing Introduction to Fuzzing -- Choosing a Target -- Input Types -- Ease of Automation -- Complexity -- Types of Fuzzers -- Mutation Fuzzers -- Generation Fuzzers -- Getting Started -- Finding the Fuzzing Templates -- Lab 5-1: Collecting Samples from the Internet Archive -- Choosing the Optimal Template Set with Code Coverage -- Lab 5-2: Selecting the Best Samples for Fuzzing -- Peach Fuzzing Framework -- Peach Fuzzing Strategies -- Speed Does Matter -- Crash Analysis -- Lab 5-3: Mutation Fuzzing with Peach -- Other Mutation Fuzzers -- Generation Fuzzers -- Summary -- For Further Reading
نسخة ورقية
كتب أخرى
ERIC ED396665: Recreating the Revolution. Proceedings of the Annual National Educational Computing Conference (15th, Boston, Massachusetts, June 13-15, 1994).
These conference proceedings address the capabilities of technology in education. Papers and summaries of presentations are provided on topics such as: grants for educational technologies; telecomputing and electronic...
رحلة تدبر في رحاب القرآن - مشعل عبد العزيز الفلاحي
رحلة تدبر في رحاب القرآن - مشعل عبد العزيز الفلاحي
النفيس في معاني الأسماء وبيان الأعلام بتفسير القرآن - محمد محمود سعيد
النفيس في معاني الأسماء وبيان الأعلام بتفسير القرآن - محمد محمود سعيد
مدخل إلى وسائل الإعلام الإلكتروني والفضائي
مدخل إلى وسائل الإعلام الإلكتروني والفضائيتأليف : رضوان مفلح العلي وآخرون الناشر : دار الحامد للنشروالتوزيع الطبعة الأولى سنة النشر : 2016
Robert Sedgewick Kevin Daniel Wayne Algorithms ( 2011, Addison Wesley )
This fourth edition of Robert Sedgewick and Kevin Wayne’s Algorithms
is the leading textbook on algorithms today and is widely used in
colleges and universities worldwide. This book surveys the most
important compu...
FISHERIES REVIEW VOL.39,NO2, 1994
FISHERIES REVIEW VOL.39,NO2, 1994 — U.S. FISH AND WILDLIFE SERVICE