Penetration Tester’s Open Source Toolkit: 2

Rating: 
Amazon Price: N/A (as of September 26, 2017 02:13 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

• Perform Network Reconnaissance
Master the objectives, methodology, and tools of the least understood aspect of a penetration test.
• Demystify Enumeration and Scanning
Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.
• Hack Database Services
Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.
• Test Web Servers and Applications
Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.
• Test Wireless Networks and Devices
Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.
• Examine Vulnerabilities on Network Routers and Switches
Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.
• Customize BackTrack 2
Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.
• Perform Forensic Discovery and Analysis with BackTrack 2
Use BackTrack in the field for forensic analysis, image acquisition, and file carving.
• Build Your Own PenTesting Lab
Everything you need to build your own fully functional attack lab.

Theoretical and Experimental Methods for Defending Against DDoS Attacks

Amazon Price: $69.95 $63.89 You save: $6.06 (9%). (as of September 25, 2017 12:11 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Denial of Service (DoS) attacks are a form of attack that seeks to make a network resource unavailable due to overloading the resource or machine with an overwhelming number of packets, thereby crashing or severely slowing the performance of the resource. Distributed Denial of Service (DDoS) is a large scale DoS attack which is distributed in the Internet. Every computer which has access to the Internet can behave as an attacker. Typically bandwidth depletion can be categorized as either a flood or an amplification attack. Flood attacks can be done by generating ICMP packets or UDP packets in which it can utilize stationary or random variable ports. Smurf and Fraggle attacks are used for amplification attacks. DDoS Smurf attacks are an example of an amplification attack where the attacker sends packets to a network amplifier with the return address spoofed to the victim’s IP address. This book presents new research and methodologies along with a proposed algorithm for prevention of DoS attacks that has been written based on cryptographic concepts such as birthday attacks to estimate the rate of attacks generated and passed along the routers. Consequently, attackers would be identified and prohibited from sending spam traffic to the server which can cause DDoS attacks. Due to the prevalence of DoS attacks, there has been a lot of research conducted on how to detect them and prevent them. The authors of this short format title provide their research results on providing an effective solution to DoS attacks, including introduction of the new algorithm that can be implemented in order to deny DoS attacks.A comprehensive study on the basics of network securityProvides a wide revision on client puzzle theoryAn experimental model to mitigate distributed denial of service (DDoS) attacks

The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics

Rating: 
Amazon Price: $29.95 (as of September 25, 2017 09:30 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Also learn how to collect evidence, document the scene, and how deleted data is recovered.Learn all about what Digital Forensics entailsBuild a toolkit and prepare an investigative planUnderstand the common artifacts to look for during an exam

Hacking Web Intelligence: Open Source Intelligence and Web Reconnaissance Concepts and Techniques

Rating: 
Amazon Price: N/A (as of September 26, 2017 04:47 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals looking for the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment—that is, reconnaissance—is not given enough attention by security professionals, hackers, and penetration testers. Often, the information openly present is as critical as the confidential data.

Hacking Web Intelligence shows you how to dig into the Web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods.
Continue reading “Hacking Web Intelligence: Open Source Intelligence and Web Reconnaissance Concepts and Techniques”

Next Generation Red Teaming

Rating: 
Amazon Price: $39.95 $26.35 You save: $13.60 (34%). (as of September 25, 2017 10:20 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Red Teaming is can be described as a type of wargaming.In private business, penetration testers audit and test organization security, often in a secretive setting. The entire point of the Red Team is to see how weak or otherwise the organization’s security posture is. This course is particularly suited to CISO’s and CTO’s that need to learn how to build a successful Red Team, as well as budding cyber security professionals who would like to learn more about the world of information security.Teaches readers how to dentify systemic security issues based on the analysis of vulnerability and configuration data

Demonstrates the key differences between Red Teaming and Penetration Testing
Continue reading “Next Generation Red Teaming”