Posted on

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

Gray Hat Hacking The Ethical Hackers Handbook, 3rd EditionFully updated expanded to cover the latest devious hacking methods

Featuring in-depth, advanced coverage of vulnerability discovery and reverse engineering, Gray Hat Hacking, Third Edition provides eight brand-new chapters on the latest ethical hacking techniques. In addition to the new chapters, the rest of the book is updated to address current issues, threats, tools and techniques.

This one-of-a-kind guide offers a comprehensive overview of the hacking landscape and is organized in a progressive manner, first giving an update on the latest developments in hacking-related law, useful to everyone in the security field. Next, the book describes the security testing process and covers useful tools and exploit frameworks. The second section is expanded by explaining social engineering, physical, and insider attacks and the latest trends in hacking (Voice over IP and SCADA attacks). The book then explains, from both a code and machine-level perspective, how exploits work and guides you through writing simple exploits. Finally, the authors provide a comprehensive description of vulnerability research and reverse engineering.

Gray Hat Hacking, Third Edition features eight new chapters, covering:

  • Social engineering
  • Physical attacks
  • Insider attacks
  • VoIP attacks
  • SCADA attacks
  • Dradis framework and information sharing
  • Client content-based attacks
  • Web server attacks

Detailed, authoritative coverage Introduction to Ethical Disclosure; Ethics of Ethical Hacking; Ethical Hacking and the Legal System; Proper and Ethical Disclosure; Penetration Testing and Tools; Social Engineering Attacks; Physical Attacks; Insider Attacks; Using BackTrack LiveCD Linux Distribution; Using Metasploit; Dradis and Managing a Pen Test; Exploiting; Progamming SProgrammingills; Basic Linux Exploits; Advanced Linux Exploits; Shellcode Strategies; Writing Linux Shell Code; Basic Windows Exploits; Client Content Based Attacks; Web Server Attacks; VoIP Attacks; SCADA Attacks; Vulnerability Analysis; Passive Analysis; Advanced Static Analysis with IDA Pro; Advanced Reverse Engineering; Client-Side Browser Exploits; Exploiting Windows Access Control Model; Intelligent Fuzzing with Sulley; From Vulnerability to Exploit; Closing the Holes: Mitigation Techniques; Malware Analysis; Collecting Malware and Initial Analysis; Hacking Malware

Price: $60.00

Click here to buy from Amazon

Related articles
Posted on

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and DeceiversHacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use “social engineering” to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including:

  • A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
  • Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
  • Two convicts who joined forces to become hackers inside a Texas prison
  • A “Robin Hood” hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access

With riveting “you are there” descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.

Price: $16.95

Click here to buy from Amazon

Posted on

Penetration Testing and Network Defense

Penetration Testing and Network DefenseThe practical guide to simulating, detecting, and responding to network attacks

  • Create step-by-step testing plans
  • Learn to perform social engineering and host reconnaissance
  • Evaluate session hijacking methods
  • Exploit web server vulnerabilities
  • Detect attempts to breach database security
  • Use password crackers to obtain access information
  • Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
  • Scan and penetrate wireless networks
  • Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
  • Test UNIX, Microsoft, and Novell servers for vulnerabilities
  • Learn the root cause of buffer overflows and how to prevent them
  • Perform and prevent Denial of Service attacks

Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.

Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.

Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.

Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.

“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”

–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®

Price: $67.00

Click here to buy from Amazon

Posted on

Green Dam Youth Escort – Internet Censorship in the People’s Republic of China

Internet Censorship in the People's Republic of China, Green Dam Youth EscortChapters: Internet Censorship in the People's Republic of China, Green Dam Youth Escort (绿坝·花季护航), Blocking of Wikipedia by the People's Republic of China, List of Websites Blocked in the People's Republic of China, Golden Shield Project, War of Internet Addiction, List of Words Censored by Search Engines in the People's Republic of China, History of Internet Censorship in the People's Republic of China, Very Erotic Very Violent, 50 Cent Party, List of Internet Phenomena in the People's Republic of China, Big Mama, Elgoog. Excerpt: 50 Cent Party (Chinese : ; pinyin : W máo D ng), also called 50 Cent Army , refers to paid astroturfing internet commentators working for the People's Republic of China , whose role is posting comments favorable towards the government policies to skew the public opinion on various Internet message boards. They are named after the 50 Chinese cents, or 5 mao, they are paid per such post, other names are red vests , red vanguard and the Five Mao Party . Conservative estimates put the strength of the 50 Cents Army at tens of thousands while other estimates put their numbers as high as 280,000 300,000. Their activities were described by Chinese President Hu Jintao as “a new pattern of public-opinion guidance”. They operate primarily in Chinese, but English language posts appear as well. Their effect is most felt at the domestic Chinese-language websites, bulletin board systems , and chatrooms . Their role is to steer the discussion away from anti-party articulations, politically sensitive or “unacceptable” content and advance the party line of the Communist Party of China . It has been argued that it is not so much censorship but a public relations tactic. According to the Indian Daily News and Analysis , “to this day, anyone who posts a blatantly propagandist pro-Communist …

Price: $19.99

Click here to buy from Amazon

Related articles

Posted on

Hacktivism and Cyberwars: Rebels with a Cause?

Hacktivism and Cyberwars: Rebels with a Cause?This detailed history of hacktivism's evolution from early hacking culture to its present day status as the radical face of online politics describes the ways in which hacktivism has re-appropriated hacking techniques to create an innovative new form of political protest. The full social and historical context of Hacktivism is portrayed to take into account its position in terms of new social movements, direct action, and its contribution to the anti-globalization debate.






Price: $180.00

Click here to buy from Amazon