Wi-Foo: The Secrets of Wireless Hacking

Wi-Foo: The Secrets of Wireless Hacking“This is an excellent book. It contains the ‘in the trenches' coverage that the enterprise administrator needs to know to deploy wireless networks securely.” –Robert Haskins, Chief Technology Officer, ZipLink Wi-Foo: The Secrets of Wireless Hacking is the first practical and realistic book about 802.11 network penetration testing and hardening. Unlike other books, it is based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and finishing with how to choose the optimal encryption ciphers for the particular network you are trying to protect.

Price: $49.99

Click here to buy from Amazon

Penetration Testing and Network Defense

Penetration Testing and Network DefenseThe practical guide to simulating, detecting, and responding to network attacks

  • Create step-by-step testing plans
  • Learn to perform social engineering and host reconnaissance
  • Evaluate session hijacking methods
  • Exploit web server vulnerabilities
  • Detect attempts to breach database security
  • Use password crackers to obtain access information
  • Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
  • Scan and penetrate wireless networks
  • Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
  • Test UNIX, Microsoft, and Novell servers for vulnerabilities
  • Learn the root cause of buffer overflows and how to prevent them
  • Perform and prevent Denial of Service attacks

Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.

Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.

Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.

Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.

“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”

–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®

Price: $67.00

Click here to buy from Amazon

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

Gray Hat Hacking The Ethical Hackers Handbook, 3rd EditionFully updated expanded to cover the latest devious hacking methods

Featuring in-depth, advanced coverage of vulnerability discovery and reverse engineering, Gray Hat Hacking, Third Edition provides eight brand-new chapters on the latest ethical hacking techniques. In addition to the new chapters, the rest of the book is updated to address current issues, threats, tools and techniques.

This one-of-a-kind guide offers a comprehensive overview of the hacking landscape and is organized in a progressive manner, first giving an update on the latest developments in hacking-related law, useful to everyone in the security field. Next, the book describes the security testing process and covers useful tools and exploit frameworks. The second section is expanded by explaining social engineering, physical, and insider attacks and the latest trends in hacking (Voice over IP and SCADA attacks). The book then explains, from both a code and machine-level perspective, how exploits work and guides you through writing simple exploits. Finally, the authors provide a comprehensive description of vulnerability research and reverse engineering.

Gray Hat Hacking, Third Edition features eight new chapters, covering:

  • Social engineering
  • Physical attacks
  • Insider attacks
  • VoIP attacks
  • SCADA attacks
  • Dradis framework and information sharing
  • Client content-based attacks
  • Web server attacks

Detailed, authoritative coverage Introduction to Ethical Disclosure; Ethics of Ethical Hacking; Ethical Hacking and the Legal System; Proper and Ethical Disclosure; Penetration Testing and Tools; Social Engineering Attacks; Physical Attacks; Insider Attacks; Using BackTrack LiveCD Linux Distribution; Using Metasploit; Dradis and Managing a Pen Test; Exploiting; Progamming SProgrammingills; Basic Linux Exploits; Advanced Linux Exploits; Shellcode Strategies; Writing Linux Shell Code; Basic Windows Exploits; Client Content Based Attacks; Web Server Attacks; VoIP Attacks; SCADA Attacks; Vulnerability Analysis; Passive Analysis; Advanced Static Analysis with IDA Pro; Advanced Reverse Engineering; Client-Side Browser Exploits; Exploiting Windows Access Control Model; Intelligent Fuzzing with Sulley; From Vulnerability to Exploit; Closing the Holes: Mitigation Techniques; Malware Analysis; Collecting Malware and Initial Analysis; Hacking Malware

Price: $60.00

Click here to buy from Amazon

Professional Pen Testing for Web Applications (Programmer to Programmer)

There is no such thing as “perfect security” when it comes to keeping all systems intact and functioning properly. Good penetration (pen) testing creates a balance that allows a system to be secure while simultaneously being fully functional. With this book, you'll learn how to become an effective penetrator (i.e., a white hat or ethical hacker) in order to circumvent the security features of a Web application so that those features can be accurately evaluated and adequate security precautions can be put in place.

After a review of the basics of web applications, you'll be introduced to web application hacking concepts and techniques such as vulnerability analysis, attack simulation, results analysis, manuals, source code, and circuit diagrams. These web application hacking concepts and techniques will prove useful information for ultimately securing the resources that need your protection.

What you will learn from this book
* Surveillance techniques that an attacker uses when targeting a system for a strike
* Various types of issues that exist within the modern day web application space
* How to audit web services in order to assess areas of risk and exposure
* How to analyze your results and translate them into documentation that is useful for remediation
* Techniques for pen-testing trials to practice before a live project

Who this book is for

This book is for programmers, developers, and information security professionals who want to become familiar with web application security and how to audit it.

Wrox Professional guides are planned and written by working programmers to meet the real-world needs of programmers, developers, and IT professionals. Focused and relevant, they address the issues technology professionals face every day. They provide examples, practical solutions, and expert education in new technologies, all designed to help programmers do a better job.

Price: $39.99

Click here to buy from Amazon

Wireshark Network Analysis: The Official Certified Network Analyst Guide

Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study GuideWireshark is rated #2 in the Top 100 Network Security Tools by sectools.org. Wireshark is the world's most popular network analyzer tool. This book is the ultimate resource on Wireshark which is a MUST HAVE tool used by network IT professionals to troubleshoot, secure and optimize networks. Readers learn to capture wired and wireless traffic, focus on the cause of slow web browsing, identify why applications don't run properly across the network, locate the cause of poor VoIP call quality, determine why WLANs are plagued with problems and more. The author, Laura Chappell is the founder of Wireshark University and Chappell University and has been analyzing networks for over 20 years – the book is written in a clear manner with hundreds of screenshots for the visual learner. The foreword was written by Gerald Combs, creator of Wireshark. Wireshark Network Analysis covers the test objectives for the Wireshark Certified Network Analyst Exam and includes test questions and answers for all topics covered. Filled with 45 real-life case studies, Wireshark Network Analysis takes you inside small, medium and large corporations to see how they solved network problems in a more efficient, accurate way using Wireshark. Book supplements are available online at www.wiresharkbook.com.

Price: $99.95

Click here to buy from Amazon