- CyberWar: Si Vis Pacem, Para Bellum CyberWar

May
20

Gray Hat Python: Python Programming for Hackers and Reverse Engineers

Category: Books Tags: Attack, Debugger, Emulator, Exploit, Fuzzer, Fuzzing, Gray Hat, Hacker, Hacking, Hard Hooking, IDAPython, Immunity Debugger, Injection, Pentest, Programming Language, PyDBG, PyEMU, python, Reverse Engineering, Sniff, Soft Hooking, Software Tester, Sulley, Trojan 1 Comment

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it’s easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools – and how to build your own when the pre-built ones won’t cut it.

You’ll learn how to:

Automate tedious reversing and security tasks
Design and program your own debugger
Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
Sniff secure traffic out of an encrypted web browser session
Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world’s best hackers are using Python to do their handiwork. Shouldn’t you?

Price: $39.95

Click here to buy from Amazon

May
19

By CyberWarrior

Mobile Malware Attacks and Defense

Category: Books Tags: A8X, ADB, Android, Attack, Cell Phone, Compiler, Dealextreme, Defense, device platform, Disassemble, Dropad, dynamic software, Examining, Exploit, Exploits, Firmware, Forensic, forensic analysis, Forensics, Froyo, GCC, Gingerbread, Google, hoaxes, Honeycomb, IDA, IDA Pro, iPad, iPhone, Kernel, Malicious Code, Malware, mitigation measures, Mobile, mobile assets, mobile device, mobile devices, MobileSandbox, os security, Payloads, PDA, PDAs, Phishing, Reverse Engineering, sandbox, security landscape, SMishing, SMS, software analysis, Symbian, Taxonomy, Threats, Virus, Vishing Leave a Comment

Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.

* Visual Payloads
View attacks as visible to the end user, including notation of variants.

* Timeline of Mobile Hoaxes and Threats
Understand the history of major attacks and horizon for emerging threates.

* Overview of Mobile Malware Families
Identify and understand groups of mobile malicious code and their variations.

* Taxonomy of Mobile Malware
Bring order to known samples based on infection, distribution, and payload strategies.

* Phishing, SMishing, and Vishing Attacks
Detect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.

* Operating System and Device Vulnerabilities
Analyze unique OS security issues and examine offensive mobile device threats.

* Analyze Mobile Malware
Design a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.

* Forensic Analysis of Mobile Malware
Conduct forensic analysis of mobile devices and learn key differences in mobile forensics.

* Debugging and Disassembling Mobile Malware
Use IDA and other tools to reverse-engineer samples of malicious code for analysis.

* Mobile Malware Mitigation Measures
Qualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.

* Understand the History and Threat Landscape of Rapidly Emerging Mobile Attacks

* Analyze Mobile Device/Platform Vulnerabilities and Exploits

* Mitigate Current and Future Mobile Malware Threats

Price: $59.95

Click here to buy from Amazon

May
18

By CyberWarrior

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

Category: Books Tags: Attack, authoritative coverage, BackTrack, countermeasures, Cybercrime, Disassemble, Disassembler, Dradis, Ethical, Ethical Hack, ethical hackers, Exploiting, Exploits, Fuzzing, Gray Hat, Hack, Hackers, Hacking, Hacking Lab, Handbook, IDA, IDA Pro, Insider Attack, insider attacks, level perspective, linux distribution, linux shell, Malware, Metasploit, Oracle, Penetration, Penetration Tester, Penetration Testing, Pentest, Physical Attack, RAND, Reverse Engineering, SCADA, SCADA Attack, Shell, shell code, Shellcode, Social Engineering, Social Engineering Attack, Sulley, Underground, voice over ip, VOIP, VoIP Attack, Vulnerability, vulnerability analysis, vulnerability research, Weapon, Web server Attack, windows exploits Leave a Comment

Fully updated expanded to cover the latest devious hacking methods

Featuring in-depth, advanced coverage of vulnerability discovery and reverse engineering, Gray Hat Hacking, Third Edition provides eight brand-new chapters on the latest ethical hacking techniques. In addition to the new chapters, the rest of the book is updated to address current issues, threats, tools and techniques.

This one-of-a-kind guide offers a comprehensive overview of the hacking landscape and is organized in a progressive manner, first giving an update on the latest developments in hacking-related law, useful to everyone in the security field. Next, the book describes the security testing process and covers useful tools and exploit frameworks. The second section is expanded by explaining social engineering, physical, and insider attacks and the latest trends in hacking (Voice over IP and SCADA attacks). The book then explains, from both a code and machine-level perspective, how exploits work and guides you through writing simple exploits. Finally, the authors provide a comprehensive description of vulnerability research and reverse engineering.

Gray Hat Hacking, Third Edition features eight new chapters, covering:

Social engineering
Physical attacks
Insider attacks
VoIP attacks
SCADA attacks
Dradis framework and information sharing
Client content-based attacks
Web server attacks

Detailed, authoritative coverage Introduction to Ethical Disclosure; Ethics of Ethical Hacking; Ethical Hacking and the Legal System; Proper and Ethical Disclosure; Penetration Testing and Tools; Social Engineering Attacks; Physical Attacks; Insider Attacks; Using BackTrack LiveCD Linux Distribution; Using Metasploit; Dradis and Managing a Pen Test; Exploiting; Progamming SProgrammingills; Basic Linux Exploits; Advanced Linux Exploits; Shellcode Strategies; Writing Linux Shell Code; Basic Windows Exploits; Client Content Based Attacks; Web Server Attacks; VoIP Attacks; SCADA Attacks; Vulnerability Analysis; Passive Analysis; Advanced Static Analysis with IDA Pro; Advanced Reverse Engineering; Client-Side Browser Exploits; Exploiting Windows Access Control Model; Intelligent Fuzzing with Sulley; From Vulnerability to Exploit; Closing the Holes: Mitigation Techniques; Malware Analysis; Collecting Malware and Initial Analysis; Hacking Malware

Price: $60.00

Click here to buy from Amazon

Gray Hat Hacking, Second Edition: The Ethical Hacker’s Handbook (tobem.com)
The Ethical Hack: A Framework for Business Value Penetration Testing (tobem.com)
Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts (tobem.com)
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground (tobem.com)
Professional Penetration Testing: Creating and Operating a Formal Hacking Lab (tobem.com)
The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws (tobem.com)
The Oracle Hacker’s Handbook: Hacking and Defending Oracle (tobem.com)

May
9

By CyberWarrior

Identifying Malicious Code Through Reverse Engineering

Category: Books Tags: Exploit, Malicious Code, Malicious Pattern, Malware, Reverse Engineering, Signature, Virus, Worm 2 Comments

Attacks take place everyday with computers connected to the internet, because of worms, viruses or due to vulnerable software. These attacks result in a loss of millions of dollars to businesses across the world.

Identifying Malicious Code through Reverse Engineering provides information on reverse engineering and concepts that can be used to identify the malicious patterns in vulnerable software. The malicious patterns are used to develop signatures to prevent vulnerability and block worms or viruses. This book also includes the latest exploits through various case studies.

Identifying Malicious Code through Reverse Engineering is designed for professionals composed of practitioners and researchers writing signatures to prevent virus and software vulnerabilities. This book is also suitable for advanced-level students in computer science and engineering studying information security, as a secondary textbook or reference.

Price: $119.00

Click here to buy from Amazon

May
9

By CyberWarrior

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

Category: Books Tags: art of deception, art of intrusion, Behind, computer crackers, computer intruders, Deceivers, Deception, Exploit, Exploits, Hacker, hacker community, Hackers, Intruders, Intrusion, kevin mitnick, Las Vegas, law enforcement agencies, Lockheed, lockheed martin, malicious computer, Reverse Engineering, Robin Hood, secure computer systems, security professionals, Social Engineering, Stories, Texas, texas prison, two teenagers Leave a Comment

Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world’s most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use “social engineering” to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick’s reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including:

A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
Two convicts who joined forces to become hackers inside a Texas prison
A “Robin Hood” hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access

With riveting “you are there” descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick’s own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.

Price: $16.95

Click here to buy from Amazon

Gray Hat Python: Python Programming for Hackers and Reverse Engineers

Mobile Malware Attacks and Defense

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

Related articles

Identifying Malicious Code Through Reverse Engineering

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

Amazon Cyber Tools