CyberWar

Si Vis Pacem, Para Bellum

By

Anti-Hacker Tool Kit, Fourth Edition

Featuring complete details on an unparalleled number of hacking exploits, this bestselling computer security book is fully updated to cover the latest attack types—and how to proactively defend against them.

Anti-Hacker Toolkit, Fourth Edition is an essential aspect of any security professional's anti-hacking arsenal. It helps you to successfully troubleshoot the newest, toughest hacks yet seen. The book is grounded in real-world methodologies, technical rigor, and reflects the author's in-the-trenches experience in making computer technology usage and deployments safer and more secure for both businesses and consumers. The new edition covers all-new attacks and countermeasures for advanced persistent threats (APTs), infrastructure hacks, industrial automation and embedded devices, wireless security, the new SCADA protocol hacks, malware, web app security, social engineering, forensics tools, and more.
Read More

By

Advanced Malware Analysis

A one-of-a-kind guide to setting up a malware research lab, using cutting-edge analysis tools, and reporting the findings

Advanced Malware Analysis is a critical resource for every information security professional's anti-malware arsenal. The proven troubleshooting techniques will give an edge to information security professionals whose job involves detecting, decoding, and reporting on malware.
Read More

By

Anti-Hacker Tool Kit, Fourth Edition

Defend against today's most devious attacks
Fully revised to include cutting-edge new tools for your security arsenal, Anti-Hacker Tool Kit, Fourth Edition reveals how to protect your network from a wide range of nefarious exploits. You'll get detailed explanations of each tool’s function along with best practices for configuration and implementation illustrated by code samples and up-to-date, real-world case studies. This new edition includes references to short videos that demonstrate several of the tools in action. Organized by category, this practical guide makes it easy to quickly find the solution you need to safeguard your system from the latest, most devastating hacks.
Demonstrates how to configure and use these and other essential tools: Virtual machines and emulators: Oracle VirtualBox, VMware Player, VirtualPC, Parallels, and open-source options Vulnerability scanners: OpenVAS, Metasploit File system monitors: AIDE, Samhain, Tripwire Windows auditing tools: Nbtstat, Cain, MBSA, PsTools Command-line networking tools: Netcat, Cryptcat, Ncat, Socat Port forwarders and redirectors: SSH, Datapipe, FPipe, WinRelay Port scanners: Nmap, THC-Amap Network sniffers and injectors: WinDump, Wireshark, ettercap, hping, kismet, aircrack, snort Network defenses: firewalls, packet filters, and intrusion detection systems War dialers: ToneLoc, THC-Scan, WarVOX Web application hacking utilities: Nikto, HTTP utilities, ZAP, Sqlmap Password cracking and brute-force tools: John the Ripper, L0phtCrack, HashCat, pwdump, THC-Hydra Forensic utilities: dd, Sleuth Kit, Autopsy, Security Onion Privacy tools: Ghostery, Tor, GnuPG, Truecrypt, Pidgin-OTR

By

Social Engineering in IT Security: Tools, Tactics, and Techniques: Testing Tools, Tactics & Techniques

Cutting-edge social engineering testing techniques
"Provides all of the core areas and nearly everything [you] need to know about the fundamentals of the topic."–Slashdot Conduct ethical social engineering tests to identify an organization's susceptibility to attack. Written by a global expert on the topic, Social Engineering in IT Security discusses the roots and rise of social engineering and presents a proven methodology for planning a test, performing reconnaissance, developing scenarios, implementing the test, and accurately reporting the results. Specific measures you can take to defend against weaknesses a social engineer may exploit are discussed in detail. This practical guide also addresses the impact of new and emerging technologies on future trends in social engineering. Explore the evolution of social engineering, from the classic con artist to the modern social engineer Understand the legal and ethical aspects of performing a social engineering test Find out why social engineering works from a victim's point of view Plan a social engineering test–perform a threat assessment, scope the test, set goals, implement project planning, and define the rules of engagement Gather information through research and reconnaissance Create a credible social engineering scenario Execute both on-site and remote social engineering tests Write an effective social engineering report Learn about various tools, including software, hardware, and on-site tools Defend your organization against social engineering attacks

By

Computer Forensics InfoSec Pro Guide

Security Smarts for the Self-Guided IT Professional
Find out how to excel in the field of computer forensics investigations. Learn what it takes to transition from an IT professional to a computer forensic examiner in the private sector. Written by a Certified Information Systems Security Professional, Computer Forensics: InfoSec Pro Guide is filled with real-world case studies that demonstrate the concepts covered in the book.
You’ll learn how to set up a forensics lab, select hardware and software, choose forensic imaging procedures, test your tools, capture evidence from different sources, follow a sound investigative process, safely store evidence, and verify your findings. Best practices for documenting your results, preparing reports, and presenting evidence in court are also covered in this detailed resource.
Computer Forensics: InfoSec Pro Guide features: Lingo—Common security terms defined so that you’re in the know on the job IMHO—Frank and relevant opinions based on the author’s years of industry experience Budget Note—Tips for getting security technologies and processes into your organization’s budget In Actual Practice—Exceptions to the rules of security explained in real-world contexts Your Plan—Customizable checklists you can use on the job now Into Action—Tips on how, why, and when to apply new skills and techniques at work