CyberWar

Si Vis Pacem, Para Bellum

By

Penetration Tester’s Open Source Toolkit, Vol. 2

Penetration Tester's Open Source Toolkit, Vol. 2Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester’s toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

. Perform Network Reconnaissance
Master the objectives, methodology, and tools of the least understood aspect of a penetration test.
. Demystify Enumeration and Scanning
Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.
. Hack Database Services
Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.
. Test Web Servers and Applications
Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.
. Test Wireless Networks and Devices
Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.
. Examine Vulnerabilities on Network Routers and Switches
Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.
. Customize BackTrack 2
Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.
. Perform Forensic Discovery and Analysis with BackTrack 2
Use BackTrack in the field for forensic analysis, image acquisition, and file carving.
. Build Your Own PenTesting Lab
Everything you need to build your own fully functional attack lab.

Price: $59.95

Click here to buy from Amazon

By

Reverse Deception Organized Cyber Threat Counter-Exploitation

Reverse Deception Organized Cyber Threat Counter-ExploitationA complete guide to understanding and fighting advanced persistent threats—today’s most destructive risk to enterprise security

Reverse Deception: Organized Cyber Threat Counter-Exploitation explains how to identify advanced persistent threats (APTs), categorize them according to risk level, and prioritize your actions accordingly by applying expert, field-tested private- and government-sector methods (NSA, FBI, and DOD).

APTs cannot be seen, spread invisibly, and then continue to live in an enterprise network, undetected. In this one-of-a-kind book, the authors explain how to get—and stay—ahead of today’s well-organized and extremely persistent brand of network enemies. The book describes the characteristics of malware and botnets, how they can morph, evade detection, and spin off decoys that live in-network, while appearing to have been cleaned up and debugged. This detailed guide then reveals how to detect the appearance of malicious code, decode the types of enemies they originate from, and finally, how to extricate malcode and deflect its future entry into networks.

Reverse Deception: Organized Cyber Threat Counter-Exploitation features:

  • Full coverage of the #1 feared type of network attack today, the APT
  • Descriptions of cyber espionage tactics seen in the U.S. and internationally, with comparisons of the types of countermeasures permissible by law in the U.S. and Asia versus less strict countries in Europe, the Middle East, and Africa
  • Enthralling case studies and true stories from the authors’ FBI, DOD, NSA, and private sector work
  • Foreword by Fred Feer, a security professional with 40 years’ experience with the U.S. Army counterintelligence, CIA, RAND, and independent consulting
  • Complete coverage of key aspects of deception, counter-deception, behavioral profiling, and security within the cyber realm
  • Cat-and-mouse strategies from the best in the game—explains how to implement deception and disinformation techniques against a variety of incoming threats aimed at enticing adversaries out into the open
  • A fresh perspective on innovative, field-tested ideas for successfully countering current digital threats—plus expected characteristics of the next threats to come
  • Legal explanations of capabilities, limitations, and requirements for assisting law enforcement investigations

Coverage includes:
Deception Throughout History to Today; The Applications & Goals of Cyber Counterintelligence; The Missions and Outcomes of Criminal Profiling; Legal & Ethical Aspects of Deception; Attack Tradecraft; Operational Deception; Tools, Tactics & Procedures; Attack Attribution; Black Hat Motivators; Understanding Advanced Persistent Threats; When & When Not to Act; Implementation & Validation Tactics

Price: $40.00

Click here to buy from Amazon

 

By

Buffer Overflow Attacks: Detect, Exploit, Prevent

Buffer Overflow Attacks: Detect, Exploit, PreventThe SANS Institute maintains a list of the “Top 10 Software Vulnerabilities.” At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker’s perspective and defending against these attacks for the software developer.

*Over half of the “SANS TOP 10 Software Vulnerabilities” are related to buffer overflows.

*None of the current-best selling software security books focus exclusively on buffer overflows.

*This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker’s perspective and defending against these attacks for the software developer.

Price: $36.95

Click here to buy from Amazon

By

Cyber Terrorism and Information Warfare: Threats and Responses

Cyber Terrorism and Information Warfare: Threats and Responses (Terrorism library series)Cyber terrorism is an emerging new mode of information warfare underscoring the perpetrators’ deliberate exploitation of civilian and military systems’ inherent vulnerabilities, thereby affecting national and global security. This volume includes contributions made by academics, policymakers, and professionals at seminars and conferences co-sponsored by the International Center for Terrorism Studies (Potomac Institute for Policy Studies), and the Terrorism Studies Center (The George Washington University), during the past several years. It also includes statements by key government officials and industry experts at different forums in the United States dealing with both threats and responses.

Included are the statements and assessments of James Adams, Edgar A. Adamson, Madeleine Albright, Mario Balakgie, Elizabeth Banker, Bill Clinton, Fred Cohen, James X. Dempsey, Dianne Feinstein, Kenneth Flamm, Louis J. Freeh, Gideon Frieder, Tom Fuhrman, Charles Giancarlo, Eric Holder, Feisal Keblawi, Jon Kyl, Neal Lane, Joseph Lieberman, Robert T. Marsh, Paul Misener, Roger Molander, Richard Pethia, Janet Reno, Howard Schmidt, Charles Schumer, Robert Shea, David L. Sobel, John Tritak, and Michael A. Vatis.

Price: $25.00

Click here to buy from Amazon

/* */