Amazon Price: N/A (as of July 23, 2017 19:24 –
Master the tactics and tools of the advanced persistent threat hacker
In this book, IT security expert Tyler Wrightson reveals the mindset, skills, and effective attack vectors needed to compromise any target of choice. Advanced Persistent Threat Hacking discusses the strategic issues that make all organizations vulnerable and provides noteworthy empirical evidence. You'll learn a proven APT Hacker Methodology for systematically targeting and infiltrating an organization and its IT systems. A unique, five-phased tactical approach to APT hacking is presented with real-world examples and hands-on techniques you can use immediately to execute very effective attacks. Review empirical data from actual attacks conducted by unsophisticated and elite APT hackers alike Learn the APT Hacker Methodology–a systematic approach designed to ensure success, avoid failures, and minimize the risk of being caught Perform in-depth reconnaissance to build a comprehensive understanding of the target Obtain non-technical data about the target, including open source, human, financial, and geographical intelligence Use social engineering to compromise a specific system, application, or workstation Identify and attack wireless networks and wireless client devices Spearphish with hardware-based Trojan devices Physically infiltrate target facilities to obtain access to assets and compromise digital lily pads
Amazon Price: N/A (as of July 23, 2017 22:29 –
Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems describes an approach to ensure the security of industrial networks by taking into account the unique network, protocol, and application characteristics of an industrial control system, along with various compliance controls. It offers guidance on deployment and configuration, and it explains why, where, and how security controls should be implemented.
Divided into 11 chapters, the book explains the basics of Ethernet and Transmission Control Protocol/Internet Protocol (TCP/IP) networking communications and the SCADA and field bus protocols. It also discusses industrial networks as they relate to “critical infrastructure and cyber security, potential risks and consequences of a cyber attack against an industrial control system, compliance controls in relation to network security practices, industrial network protocols, such as Modbus and DNP3, assessment of vulnerabilities and risk, how to secure enclaves, regulatory compliance standards applicable to industrial network security, and common pitfalls and mistakes, like complacency and deployment errors.
This book is a valuable resource for plant operators and information security analysts, as well as compliance officers who want to pass an audit with minimal penalties and/or fines.
Covers implementation guidelines for security measures of critical infrastructureApplies the security measures for system-specific complianceDiscusses common pitfalls and mistakes and how to avoid them
Amazon Price: N/A (as of July 23, 2017 21:19 –
Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.
– Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts.
– Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices.
– Data-mine popular social media websites and evade modern anti-virus.
Amazon Price: N/A (as of July 23, 2017 17:25 –
As part of the Syngress Basics series, The Basics of Cyber Warfare provides readers with fundamental knowledge of cyber warfare in both theoretical and practical aspects. This book explores the battlefields, participants and the tools and techniques used during today's digital conflicts. The Basics of Cyber Warfare teaches readers the principles of cyber warfare, including military doctrine, cyber doctrine, and both offensive and defensive tactics and procedures. Readers learn the basics of how to defend against:
• Insider threats
• State-sponsored attacks
• Non-state actors such as organized criminals and terrorists
The Basics of Cyber Warfare gives readers a concise overview of these threats, and outlines the ethics, laws and consequences of cyber war. This book is designed as an introductory book to give readers insight into the concepts and techniques of cyber warfare. The authors’ other title, Cyber Warfare, published by Syngress in 2011, will be mentioned in the Introduction of this book for readers who are interested in diving in to these topics and techniques in more depth.
• Provides a sound understanding of the tools and tactics used in cyber warfare.
• Describes both offensive and defensive tactics from an insider’s point of view.
• Presents doctrine and hands-on techniques you need to understand as cyber warfare evolves with technology.
Amazon Price: N/A (as of July 23, 2017 00:32 –
"What makes this book so important is that it reflects the experiences of two of the industry's most experienced hands at getting real-world engineers to understand just what they're being asked for when they're asked to write secure code. The book reflects Michael Howard's and David LeBlanc's experience in the trenches working with developers years after code was long since shipped, informing them of problems." –From the Foreword by Dan Kaminsky, Director of Penetration Testing, IOActive
Eradicate the Most Notorious Insecure Designs and Coding Vulnerabilities
Continue reading “24 Deadly Sins of Software Security: Programming Flaws and How to Fix Them”