Book description
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you'll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices.
After a crash course in C# and some of its advanced features, you'll learn how to:
- Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injections
- Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads
- Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections
- Write a .NET decompiler for OS X and Linux
- Parse and read offline registry hives to dump system information
- Automate the security tools Arachni and Metasploit using their MSGPACK RPCs
Publisher resources
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Brief Contents
- Contents in Detail
- Foreword by Matt Graeber
- Preface
- Chapter 1: C# Crash Course
- Chapter 2: Fuzzing and Exploiting XSS and SQL Injection
-
Chapter 3: Fuzzing SOAP Endpoints
- Setting Up the Vulnerable Endpoint
-
Parsing the WSDL
- Creating a Class for the WSDL Document
- Writing the Initial Parsing Methods
- Writing a Class for the SOAP Type and Parameters
- Creating the SoapMessage Class to Define Sent Data
- Implementing a Class for Message Parts
- Defining Port Operations with the SoapPortType Class
- Implementing a Class for Port Operations
- Defining Protocols Used in SOAP Bindings
- Compiling a List of Operation Child Nodes
- Finding the SOAP Services on Ports
- Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities
- Conclusion
- Chapter 4: Writing Connect-Back, Binding, and Metasploit Payloads
- Chapter 5: Automating Nessus
- Chapter 6: Automating Nexpose
- Chapter 7: Automating OpenVAS
- Chapter 8: Automating Cuckoo Sandbox
- Chapter 9: Automating Sqlmap
- Chapter 10: Automating ClamAV
- Chapter 11: Automating Metasploit
- Chapter 12: Automating Arachni
- Chapter 13: Decompiling and Reversing Managed Assemblies
- Chapter 14: Reading Offline Registry Hives
- Index
- Resources
- The Electronic Frontier Foundation (EFF)
- Footnote
Product information
- Title: Gray Hat C#
- Author(s):
- Release date: June 2017
- Publisher(s): No Starch Press
- ISBN: 9781593277598
You might also like
book
C# 5.0 Unleashed
Buy the print and get the eBook version for free! See inside the book for access …
book
Improving your C# Skills
Conquer complex and interesting programming challenges by building robust and concurrent applications with caches, cryptography, and …
book
ASP.NET Core 5 Secure Coding Cookbook
Learn how to secure your ASP.NET Core web app through robust and secure code Key Features …
book
Enterprise Application Development with C# 9 and .NET 5
Become a professional .NET developer by learning expert techniques for building enterprise-grade applications Key Features Explore …