DNS Security: Hacking and Defending the Domain Name System

Rating: 
Amazon Price: $49.95 $44.35 You save: $5.60 (11%). (as of August 22, 2017 06:45 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

DNS Security: Hacking and Defending the Domain Name System provides tactics on how to secure a Domain Name System (DNS) framework by exploring common DNS vulnerabilities using real-world examples of DNS exploits and providing step-by-step guidelines for securing the infrastructure.

The book is a timely reference as DNS is an integral part of the Internet that translates IP addresses into easily remembered domain names. The book focuses entirely on the security aspects of DNS, combining internal and external data to analyze and effectively prioritize network threats. It shows how to build a security infrastructure based around intelligence, demonstrating how theory can work in real-life situations. Presents a multi-platform approach, covering Linux, BSD, and Windows DNS security tipsDemonstrates how to implement DNS Security tools, including numerous screen shots and configuration examplesProvides a timely reference on DNS, an integral part of the Internet that translates IP addresses into easily remembered domain namesIncludes information of interest to those working in 4DNS, authoritative services, BIND files, buffer overflows, DDoS Attacks, firewalls, transaction signatures, and version control, amongst other topics

Google Hacking for Penetration Testers: 2

Rating: 
Amazon Price: N/A (as of August 23, 2017 00:39 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This book helps people find sensitive information on the Web.

Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police their own organizations.
Continue reading “Google Hacking for Penetration Testers: 2”

The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws

Rating: 
Amazon Price: N/A (as of August 22, 2017 04:36 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The highly successful security book returns with a new edition, completely updated

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks
Continue reading “The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws”

Cyber Security: An Introduction for Non-Technical Managers

Amazon Price: N/A (as of March 6, 2016 22:03 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Cyber security involves protecting organisations from cyber risks, the threats to organisations caused by digital technology. These risks can cause direct damage to revenues and profits as well as indirect damage through reduced efficiency, lower employee morale, and reputational damage.
Cyber security is often thought to be the domain of specialist IT professionals however, cyber risks are found across and within organisations. Unfortunately, many managers outside IT feel they are ill equipped to deal with cyber risks and the use of jargon makes the subject especially hard to understand. For this reason cyber threats are worse than they really need to be.

The reality is that the threat from cyber risks is constantly growing, thus non-technical managers need to understand and manage it. As well as offering practical advice, the author guides readers through the processes that will enable them to manage and mitigate such threats and protect their organisations.

Cuckoo Malware Analysis

Rating: 
Amazon Price: $37.99 $34.19 You save: $3.80 (10%). (as of August 22, 2017 18:16 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Analyze malware using Cuckoo Sandbox
Overview Learn how to analyze malware in a straightforward way with minimum technical skills Understand the risk of the rise of document-based malware Enhance your malware analysis concepts through illustrations, tips and tricks, step-by-step instructions, and practical real-world scenarios
In Detail
Cuckoo Sandbox is a leading open source automated malware analysis system. This means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with some detailed results outlining what said file did when executed inside an isolated environment.
Cuckoo Malware Analysis is a hands-on guide that will provide you with everything you need to know to use Cuckoo Sandbox with added tools like Volatility, Yara, Cuckooforcanari, Cuckoomx, Radare, and Bokken, which will help you to learn malware analysis in an easier and more efficient way.
Cuckoo Malware Analysis will cover basic theories in sandboxing, automating malware analysis, and how to prepare a safe environment lab for malware analysis. You will get acquainted with Cuckoo Sandbox architecture and learn how to install Cuckoo Sandbox, troubleshoot the problems after installation, submit malware samples, and also analyze PDF files, URLs, and binary files. This book also covers memory forensics – using the memory dump feature, additional memory forensics using Volatility, viewing result analyses using the Cuckoo analysis package, and analyzing APT attacks using Cuckoo Sandbox, Volatility, and Yara.
Finally, you will also learn how to screen Cuckoo Sandbox against VM detection and how to automate the scanning of e-mail attachments with Cuckoo.
What you will learn from this book Get started with automated malware analysis using Cuckoo Sandbox Use Cuckoo Sandbox to analyze sample malware Analyze output from Cuckoo Sandbox Report results with Cuckoo Sandbox in standard form Learn tips and tricks to get the most out of your malware analysis results
Approach
This book is a step-by-step, practical tutorial for analyzing and detecting malware and performing digital investigations. This book features clear and concise guidance in an easily accessible format.
Who this book is written for
Cuckoo Malware Analysis is great for anyone who wants to analyze malware through programming, networking, disassembling, forensics, and virtualization. Whether you are new to malware analysis or have some experience, this book will help you get started with Cuckoo Sandbox so you can start analysing malware effectively and efficiently.