Essential Skills for Hackers

Amazon Price: N/A (as of May 27, 2017 04:05 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Essential Skills for Hackers is about the skills you need to be in the elite hacker family.

The book will mainly about two things: TCP/IP 101, and Protocol Analysis. The better the hacker, the more we will be able to master TCP/IP. Once the reader understands what TCP/IP is, what it looks like, the book will go into Protocol Analysis and how analyzing the protocol or, in a more general sense, looking at packets on the wire, we will be able to determine what exactly is taking place on a network. By doing this, readers can identify when something on the network doesn’t match what it should and, more importantly, can create any type of sequence of events or packets that they want on the network and see how the defenses or the machines that we send them to react.
Continue reading “Essential Skills for Hackers”

Cyber Defense and Situational Awareness (Advances in Information Security)

Amazon Price: $179.00 $179.00 (as of May 26, 2017 22:05 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

This book is the first publication to give a comprehensive, structured treatment to the important topic of situational awareness in cyber defense. It presents the subject in a logical, consistent, continuous discourse, covering key topics such as formation of cyber situational awareness, visualization and human factors, automated learning and inference, use of ontologies and metrics, predicting and assessing impact of cyber attacks, and achieving resilience of cyber and physical mission. Chapters include case studies, recent research results and practical insights described specifically for this book. Situational awareness is exceptionally prominent in the field of cyber defense. It involves science, technology and practice of perception, comprehension and projection of events and entities in cyber space. Chapters discuss the difficulties of achieving cyber situational awareness – along with approaches to overcoming the difficulties – in the relatively young field of cyber defense where key phenomena are so unlike the more conventional physical world. Cyber Defense and Situational Awareness is designed as a reference for practitioners of cyber security and developers of technology solutions for cyber defenders. Advanced-level students and researchers focused on security of computer networks will also find this book a valuable resource.

Proactive Botnet Detection: Through Characterization of Distributed Denial of Service Attacks

Rating: 
Amazon Price: $5.90 $5.90 (as of May 27, 2017 08:13 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

In this quantitative quasi-experimental study two distributed denial of service attacks were captured and the characteristics of the attacks were used to detect botnets by identifying egressing distributed denial of service attack packets at the source of the attack. A sample Dark DDoSer botnet was constructed and used to launch a distributed denial of service attack. The characteristics of the distributed denial of service attacks were used as the independent variables in a quasi-experiment where network traffic was monitored with Snort to detect DDoS packets. The dependent variable for the experiment was false positive alerts for the DDoS packets. The findings showed that the characteristics of a distributed denial of service attack can be used to pro-actively detect botnets through egress monitoring.

Bulletproof SSL and TLS: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Rating: 
Amazon Price: $60.00 $48.00 You save: $12.00 (20%). (as of May 27, 2017 01:26 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.

In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done:
Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital versionFor IT security professionals, help to understand the risksFor system administrators, help to deploy systems securelyFor developers, help to design and implement secure web applicationsPractical and concise, with added depth when details are relevantIntroduction to cryptography and the latest TLS protocol versionDiscussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilitiesCoverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and HeartbleedThorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinningGuide to using OpenSSL to generate keys and certificates and to create and run a private certification authorityGuide to using OpenSSL to test servers for vulnerabilitiesPractical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and TomcatThis book is available in paperback and a variety of digital formats without DRM. Digital version of Bulletproof SSL and TLS can be obtained directly from the author, at feistyduck.com.

Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals: Reverse Engineering Exploits and Tool Coding for Security Professionals

Rating: 
Amazon Price: N/A (as of May 27, 2017 03:55 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:

1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.
Continue reading “Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals: Reverse Engineering Exploits and Tool Coding for Security Professionals”