Amazon Price: $49.95 $47.45 You save: $2.50 (5%). (as of November 24, 2017 08:24 –
The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.
Once you've built your foundation for penetration testing, you’ll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You’ll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.
Continue reading “Metasploit: The Penetration Tester's Guide”
Amazon Price: N/A (as of November 24, 2017 06:39 –
"This is one of the most interesting infosec books to come out in the last several years."
–Dino Dai Zovi, Information Security Professional
"Give a man an exploit and you make him a hacker for a day; teach a man to exploit bugs and you make him a hacker for a lifetime."
–Felix 'FX' Lindner
Continue reading “A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security”
Amazon Price: $39.95 $27.16 You save: $12.79 (32%). (as of November 24, 2017 17:58 –
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like performing vulnerability scans, malware analysis, and incident response. With some help from Mono, you can write your own practical security tools that will run on Mac, Linux, and even mobile devices.
Following a crash course in C# and some of its advanced features, you'll learn how to:Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injectionGenerate shellcode in Metasploit to create cross-platform and cross-architecture payloadsAutomate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injectionsWrite a .NET decompiler for Mac and LinuxParse and read offline registry hives to dump system informationAutomate the security tools Arachni and Metasploit using their MSGPACK RPCs
Continue reading “Gray Hat C#: Creating and Automating Security Tools”
Amazon Price: N/A (as of November 25, 2017 05:53 –
Amazon Price: $49.95 $39.96 You save: $9.99 (20%). (as of November 24, 2017 18:34 –
There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.
In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.
Continue reading “Android Security Internals: An In-Depth Guide to Android's Security Architecture”