In many penetration tests, there is a lot of useful information to be gathered from the radios used by organizations. These radios can include two-way radios used by guards, wireless headsets, cordless phones and wireless cameras. Wireless Reconnaissance in Penetration Testing describes the many ways that a penetration tester can gather and apply the information available from radio traffic. Stopping attacks means thinking like an attacker, and understanding all the ways that attackers gather information, or in industry terms profile, specific targets. With information from what equipment to use and how to find frequency information, to tips for reducing radio information leakage, to actual case studies describing how this information can be used to attack computer systems, this book is the go-to resource for penetration testing and radio profiling. Author Matthew Neely is a respected and well-known expert and speaker on radio reconnaissance and penetration testingIncludes real-world case studies of actual penetration tests using radio profilingCovers data leakage, frequency, attacks, and information gathering
Attention Business Owners, Executives, and Non-Technical Users: Cryptolocker Ransomware Guide For Safety is a book to help you learn about the Cryptolocker Ransomware virus and how it can take your business down and cost you serious money. Learn how you can keep it from ever affecting you and your business. This book is NOT written for the technical user that knows how to scour the Internet and Forums to find solutions. This book is a compilation of real-world experience along with accurate information on how to protect yourself. If you value your time and would like education on this serious threat, look no further.
The problem of modeling and detecting polymorphic engines shellcode is adressed in this book. By polymorphic engines, we mean programs having the ability to transform any piece of malware into many instances consisting of different code but having the same functionality as the original malware. Typically, polymorphic engines work by encrypting the target malware using various encryption techniques and providing a decryption module in order to execute the newly encrypted instance. Moreover, those engines have the ability to mutate their decryption routine making them unique from one instance to another and hard to detect. We propose a new concept of signatures, shape signatures, which cope with the highly mutated nature of those engines. The shape signatures try to identify the constant part as well as the mutated part of the deciphering routines. This combination is able to cope with the highly mutated nature of those engines in a much more efficient way compared to traditional signatures used in most intrusion detection systems. We also aim at modeling those polymorphic engines by showing that they exhibit a specific byte composition.
Digital Forensics with Open Source Tools is the definitive book on investigating and analyzing computer systems and media using open source tools. The book is a technical procedural guide, and explains the use of these tools on Linux and Windows systems as a platform for performing computer forensics. Both well known and novel forensic methods are demonstrated using command-line and graphical open source computer forensic tools for examining a wide range of target systems and artifacts.
Written by world-renowned forensic practitioners Details core concepts and techniques of forensic file system analysisCovers analysis of artifacts from the Windows, Mac, and Linux operating systems