Book description
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you'll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices.
After a crash course in C# and some of its advanced features, you'll learn how to:
- Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injections
- Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads
- Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections
- Write a .NET decompiler for OS X and Linux
- Parse and read offline registry hives to dump system information
- Automate the security tools Arachni and Metasploit using their MSGPACK RPCs
Publisher resources
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Brief Contents
- Contents in Detail
- Foreword by Matt Graeber
- Preface
- Chapter 1: C# Crash Course
- Chapter 2: Fuzzing and Exploiting XSS and SQL Injection
-
Chapter 3: Fuzzing SOAP Endpoints
- Setting Up the Vulnerable Endpoint
-
Parsing the WSDL
- Creating a Class for the WSDL Document
- Writing the Initial Parsing Methods
- Writing a Class for the SOAP Type and Parameters
- Creating the SoapMessage Class to Define Sent Data
- Implementing a Class for Message Parts
- Defining Port Operations with the SoapPortType Class
- Implementing a Class for Port Operations
- Defining Protocols Used in SOAP Bindings
- Compiling a List of Operation Child Nodes
- Finding the SOAP Services on Ports
- Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities
- Conclusion
- Chapter 4: Writing Connect-Back, Binding, and Metasploit Payloads
- Chapter 5: Automating Nessus
- Chapter 6: Automating Nexpose
- Chapter 7: Automating OpenVAS
- Chapter 8: Automating Cuckoo Sandbox
- Chapter 9: Automating Sqlmap
- Chapter 10: Automating ClamAV
- Chapter 11: Automating Metasploit
- Chapter 12: Automating Arachni
- Chapter 13: Decompiling and Reversing Managed Assemblies
- Chapter 14: Reading Offline Registry Hives
- Index
- Resources
- The Electronic Frontier Foundation (EFF)
- Footnote
Product information
- Title: Gray Hat C#
- Author(s):
- Release date: June 2017
- Publisher(s): No Starch Press
- ISBN: 9781593277598
You might also like
book
Go H*ck Yourself
Go H*ck Yourself is an eye-opening, hands-on introduction to the world of hacking, from an award-winning …
book
Skills of a Successful Software Engineer
Skills to grow from a solo coder into a productive member of a software development team, …
book
Effective C
The world runs on code written in the C programming language, yet most schools begin the …
book
The Art of 64-Bit Assembly, Volume 1
Randall Hyde's The Art of Assembly Language has long been the go-to guide for learning assembly …