CyberWar

Si Vis Pacem, Para Bellum

By

Inside Cyber Warfare: Mapping the Cyber Underworld

Inside Cyber Warfare: Mapping the Cyber Underworld

What people are saying about Inside Cyber Warfare

“The necessary handbook for the 21st century.”

–Lewis Shepherd, Chief Tech Officer and Senior Fellow, Microsoft Institute for Advanced Technology in Governments

“A must-read for policy makers and leaders who need to understand the big-picture landscape of cyber war.”

–Jim Stogdill, CTO, Mission Services Accenture

You may have heard about “cyber warfare” in the news, but do you really know what it is? This book provides fascinating and disturbing details on how nations, groups, and individuals throughout the world are using the Internet as an attack platform to gain military, political, and economic advantages over their adversaries. You’ll learn how sophisticated hackers working on behalf of states or organized crime patiently play a high-stakes game that could target anyone, regardless of affiliation or nationality.

Inside Cyber Warfare goes beyond the headlines of attention-grabbing DDoS attacks and takes a deep look inside multiple cyber-conflicts that occurred from 2002 through summer 2009.

  • Learn how cyber attacks are waged in open conflicts, including recent hostilities between Russia and Georgia, and Israel and Palestine
  • Discover why Twitter, Facebook, LiveJournal, Vkontakte, and other sites on the social web are mined by the intelligence services of many nations
  • Read about China’s commitment to penetrate the networks of its technologically superior adversaries as a matter of national survival
  • Find out why many attacks originate from servers in the United States, and who’s responsible
  • Learn how hackers are “weaponizing” malware to attack vulnerabilities at the application level

Price: $39.99

Click here to buy from Amazon

By

National Strategy of Defense – Peace and Security for Brazil

National Strategy of Defense - Peace and Security for BrazilBrazil is a peaceful country, by tradition and conviction. It lives in peace with its neighbors. It runs its international affairs, among other things, adopting the constitutional principles of non-intervention, defense of peace and peaceful resolution of conflicts. This pacifist trait is part of the national identity, and a value that should be preserved by the Brazilian people.
Brazil – a developing country – shall rise to the first stage in the world neither promoting hegemony nor domination. The Brazilian people are not willing to exert their power on other nations. They want Brazil to grow without reigning upon others.
This is perhaps the reason why Brazil has never conducted a wide discussion about its own defense affairs throughout its history. Periodically, governments used to authorize the acquisition or production of new defense products, and introduced specific reforms in the Armed Forces. However, a national strategy of defense has never been proposed to systematically guide the reorganization and reorientation of the Armed Forces; the organization of the defense industry in order to ensure the operational autonomy of the three service branches: the Navy, the Army and the Air Force; and the policies for the composition of their troops, moreover reconsidering the Mandatory Military Service.
However, if Brazil is willing to reach its deserved spot in the world, it will have to be prepared to defend itself not only from aggressions, but equally from threats.
Intimidation overrides good faith in the world where we live. Nothing substitutes the engagement of the Brazilian people in the debate and construction of their own defense.

The 6th National Strategy of Defense guideline:

“To strengthen three strategically important sectors: cybernetics, space and nuclear. This process of strengthening will ensure the fulfillment of the concept of flexibility. As a result of their own nature, these sectors transcend the border line between development and defense, between the civilian and the military. Both space and cybernetics sectors will, together, enable that the capacity to see one’s own country do not depend on foreign technology, and that the Armed Forces, together, can network supported by a monitoring system also space-based. Brazil is committed – as per the Federal Constitution and the Treaty on the Non-Proliferation of Nuclear Weapons – to the strictly peaceful use of nuclear energy. However, Brazil also asserts its strategic need to develop and master nuclear technology. The country needs to ensure the balance and the versatility of its energy matrix and advance in areas such as agriculture and health, which may benefit from nuclear energy technology. And carry out, among other initiatives that require technological independence in terms of nuclear energy, the nuclear-propelled submarine project.”

Download Estratégia Nacional de Defesa – Paz e segurança para o Brasil
Download National Strategy of Defense – Peace and security for Brazil
Download Estrategia Nacional de Defensa – Paz y seguridad para Brasil
Download Stratégie Nationale de Défense – Paix et Sécurité au Brésil

By

Social Engineering: The Art of Human Hacking

Social Engineering: The Art of Human HackingThe first book to reveal and dissect the technical aspect of many social engineering maneuvers

From elicitation, pretexting, influence and manipulation all aspects of social engineering are picked apart, discussed and explained by using real world examples, personal experience and the science behind them to unraveled the mystery in social engineering.

Kevin Mitnick—one of the most famous social engineers in the world—popularized the term “social engineering.” He explained that it is much easier to trick someone into revealing a password for a system than to exert the effort of hacking into the system. Mitnick claims that this social engineering tactic was the single-most effective method in his arsenal. This indispensable book examines a variety of maneuvers that are aimed at deceiving unsuspecting victims, while it also addresses ways to prevent social engineering threats.

  • Examines social engineering, the science of influencing a target to perform a desired task or divulge information
  • Arms you with invaluable information about the many methods of trickery that hackers use in order to gather information with the intent of executing identity theft, fraud, or gaining computer system access
  • Reveals vital steps for preventing social engineering threats
  • Includes a direct URL to a free download of the world’s premiere penetration-testing distribution, BackTrack 4 SE Edition – geared towards Social Engineering Tools

Social Engineering: The Art of Human Hacking does its part to prepare you against nefarious hackers—now you can do your part by putting to good use the critical information within its pages.

Price: $34.99

Click here to buy from Amazon

By

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the SystemWith the growing prevalence of the Internet, rootkit technology has taken center stage in the battle between White Hats and Black Hats. Adopting an approach that favors full disclosure, The Rootkit Arsenal presents the most accessible, timely, and complete coverage of rootkit technology. This book covers more topics, in greater depth, than any other currently available. In doing so, the author forges through the murky back alleys of the Internet, shedding light on material that has traditionally been poorly documented, partially documented, or intentionally undocumented.




Price: $49.95

Click here to buy from Amazon

By

Fuzzing: Brute Force Vulnerability Discovery

Fuzzing: Brute Force Vulnerability DiscoveryFUZZING

Master One of Today’s Most Powerful Techniques for Revealing Security Flaws!

Fuzzing has evolved into one of today’s most effective approaches to test software security. To “fuzz,” you attach a program’s inputs to a source of random data, and then systematically identify the failures that arise. Hackers have relied on fuzzing for years: Now, it’s your turn. In this book, renowned fuzzing experts show you how to use fuzzing to reveal weaknesses in your software before someone else does.

Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally. The authors begin by reviewing how fuzzing works and outlining its crucial advantages over other security testing methods. Next, they introduce state-of-the-art fuzzing techniques for finding vulnerabilities in network protocols, file formats, and web applications; demonstrate the use of automated fuzzing tools; and present several insightful case histories showing fuzzing at work. Coverage includes:

• Why fuzzing simplifies test design and catches flaws other methods miss

• The fuzzing process: from identifying inputs to assessing “exploitability”

• Understanding the requirements for effective fuzzing

• Comparing mutation-based and generation-based fuzzers

• Using and automating environment variable and argument fuzzing

• Mastering in-memory fuzzing techniques

• Constructing custom fuzzing frameworks and tools

• Implementing intelligent fault detection

Attackers are already using fuzzing. You should, too. Whether you’re a developer, security engineer, tester, or QA specialist, this book teaches you how to build secure software.

Foreword     xix

Preface        xxi

Acknowledgments  xxv

About the Author   xxvii

PARTI         BACKGROUND     1

Chapter 1    Vulnerability Discovery Methodologies  3

Chapter 2    What Is Fuzzing?   21

Chapter 3    Fuzzing Methods and Fuzzer Types     33

Chapter 4    Data Representation and Analysis        45

Chapter 5    Requirements for Effective Fuzzing      61

PART II      TARGETS AND AUTOMATION          71

Chapter 6    Automation and Data Generation        73

Chapter 7    Environment Variable and Argument Fuzzing 89

Chapter 8    Environment Variable and Argument Fuzzing: Automation 103

Chapter 9    Web Application and Server Fuzzing     113

Chapter 10  Web Application and Server Fuzzing: Automation    137

Chapter 11  File Format Fuzzing         169

Chapter 12  File Format Fuzzing: Automation on UNIX     181

Chapter 13  File Format Fuzzing: Automation on Windows         197

Chapter 14  Network Protocol Fuzzing         223

Chapter 15  Network Protocol Fuzzing: Automation on UNIX     235

Chapter 16  Network Protocol Fuzzing: Automation on Windows         249

Chapter 17  Web Browser Fuzzing      267

Chapter 18  Web Browser Fuzzing: Automation     283

Chapter 19  In-Memory Fuzzing         301

Chapter 20  In-Memory Fuzzing: Automation         315

PART III    ADVANCED FUZZING TECHNOLOGIES      349

Chapter 21  Fuzzing Frameworks       351

Chapter 22  Automated Protocol Dissection  419

Chapter 23  Fuzzer Tracking     437

Chapter 24  Intelligent Fault Detection 471

PART IV     LOOKING FORWARD    495

Chapter 25  Lessons Learned    497

Chapter 26  Looking Forward    507

Index 519

Price: $54.99

Click here to buy from Amazon

/* */