Windows Registry Forensics: Advanced Digital Forensic Analysis of the Windows Registry, Second Edition, provides the most in-depth guide to forensic investigations involving Windows Registry. This book is one-of-a-kind, giving the background of the Registry to help users develop an understanding of the structure of registry hive files, as well as information stored within keys and values that can have a significant impact on forensic investigations. Tools and techniques for post mortem analysis are discussed at length to take users beyond the current use of viewers and into real analysis of data contained in the Registry. This second edition continues a ground-up approach to understanding so that the treasure trove of the Registry can be mined on a regular and continuing basis.Named a Best Digital Forensics Book by InfoSec ReviewsPacked with real-world examples using freely available open source toolsProvides a deep explanation and understanding of the Windows Registry―perhaps the least understood and employed source of information within Windows systemsIncludes a companion website that contains the code and author-created tools discussed in the bookFeatures updated, current tools and techniquesContains completely updated content throughout, with all new coverage of the latest versions of Windows
As more corporations turn to Hadoop to store and process their most valuable data, the risk of a potential breach of those systems increases exponentially. This practical book not only shows Hadoop administrators and security architects how to protect Hadoop data from unauthorized access, it also shows how to limit the ability of an attacker to corrupt or modify data in the event of a security breach.
Authors Ben Spivey and Joey Echeverria provide in-depth information about the security features available in Hadoop, and organize them according to common computer security concepts. You’ll also get real-world examples that demonstrate how you can apply these concepts to your use cases.Understand the challenges of securing distributed systems, particularly HadoopUse best practices for preparing Hadoop cluster hardware as securely as possibleGet an overview of the Kerberos network authentication protocolDelve into authorization and accounting principles as they apply to HadoopLearn how to use mechanisms to protect data in a Hadoop cluster, both in transit and at restIntegrate Hadoop data ingest into enterprise-wide security architectureEnsure that security architecture reaches all the way to end-user access
The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:
1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.
Continue reading “Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals”
Is Cryptography what you want to learn? Always wondered about its history from Modern to Traditional Cryptography? Does it interest you how Cryptosystems work?
Purchase Cryptography to discover everything you need to know about it!
Continue reading “Cryptography & Malware”
The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.
Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.
Continue reading “Buffer Overflow Attacks: Detect, Exploit, Prevent”