The book helps readers see their own network through the eyes of an attacker, in order to understand the attacker's techniques and to protect themselves better. Using Python code examples, the author explains topics such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google hacking, WEP cracking and WLAN hacking. For each area he also presents an open-source project in Python, and he additionally covers classic defensive techniques such as intrusion detection systems, intrusion prevention and log file analysis.
Fraud poses a significant threat to the Internet. 1.5% of all online advertisements attempt to spread malware. This lowers the willingness to view or handle advertisements, which will severely affect the structure of the web and its viability. It may also destabilize online commerce. In addition, the Internet is increasingly becoming a weapon for political targets by malicious organizations and governments. This book will examine these and related topics, such as smartphone-based web security. This book describes the basic threats to the Internet (loss of trust, loss of advertising revenue, loss of security) and how they are related. It also discusses the primary countermeasures and how to implement them.
Learn everything you need to know to become a professional security and penetration tester. The book simplifies hands-on security and penetration testing by breaking down each step of the process so that finding vulnerabilities and misconfigurations becomes easy. It explains how to methodically locate, exploit, and professionally report security weaknesses using techniques such as SQL injection, denial-of-service attacks, and password hacking.
Although From Hacking to Report Writing will give you the technical know-how needed to carry out advanced security tests, it also offers insight into crafting professional-looking reports describing your work and how your customers can benefit from it. The book will give you the tools you need to clearly communicate the benefits of high-quality security and penetration testing to IT management, executives and other stakeholders. Embedded in the book are a number of on-the-job stories that will give you a good understanding of how you can apply what you have learned to real-world situations.
Methodically applied hacker knowledge intended to increase your company's information security. This is how you commission the "hacker" of your choice before someone else does the job without permission. This book shows you how it works: carrying out pen tests, systematic vulnerability analysis, and choosing suitable tools. So that you do not end up as the loser when it matters, it covers everything from planning through contract drafting to implementation.
Create appropriate, security-focused business propositions that consider the balance between cost, risk, and usability, while starting your journey to become an information security manager. Covering a wealth of information that explains exactly how the industry works today, this book focuses on how you can set up an effective information security practice, hire the right people, and strike the best balance between security controls, costs, and risks.
Practical Information Security Management provides a wealth of practical advice for anyone responsible for information security management in the workplace, focusing on the ‘how’ rather than the ‘what’. Together we’ll cut through the policies, regulations, and standards to expose the real inner workings of what makes a security management program effective, covering the full gamut of subject matter pertaining to security management: organizational structures, security architectures, technical controls, governance frameworks, and operational security.