Book description
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you'll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices.
After a crash course in C# and some of its advanced features, you'll learn how to:
- Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injections
- Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads
- Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections
- Write a .NET decompiler for OS X and Linux
- Parse and read offline registry hives to dump system information
- Automate the security tools Arachni and Metasploit using their MSGPACK RPCs
Publisher resources
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Brief Contents
- Contents in Detail
- Foreword by Matt Graeber
- Preface
- Chapter 1: C# Crash Course
- Chapter 2: Fuzzing and Exploiting XSS and SQL Injection
-
Chapter 3: Fuzzing SOAP Endpoints
- Setting Up the Vulnerable Endpoint
-
Parsing the WSDL
- Creating a Class for the WSDL Document
- Writing the Initial Parsing Methods
- Writing a Class for the SOAP Type and Parameters
- Creating the SoapMessage Class to Define Sent Data
- Implementing a Class for Message Parts
- Defining Port Operations with the SoapPortType Class
- Implementing a Class for Port Operations
- Defining Protocols Used in SOAP Bindings
- Compiling a List of Operation Child Nodes
- Finding the SOAP Services on Ports
- Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities
- Conclusion
- Chapter 4: Writing Connect-Back, Binding, and Metasploit Payloads
- Chapter 5: Automating Nessus
- Chapter 6: Automating Nexpose
- Chapter 7: Automating OpenVAS
- Chapter 8: Automating Cuckoo Sandbox
- Chapter 9: Automating Sqlmap
- Chapter 10: Automating ClamAV
- Chapter 11: Automating Metasploit
- Chapter 12: Automating Arachni
- Chapter 13: Decompiling and Reversing Managed Assemblies
- Chapter 14: Reading Offline Registry Hives
- Index
- Resources
- The Electronic Frontier Foundation (EFF)
- Footnote
Product information
- Title: Gray Hat C#
- Author(s):
- Release date: June 2017
- Publisher(s): No Starch Press
- ISBN: 9781593277598
You might also like
book
C# 5.0 Unleashed
Buy the print and get the eBook version for free! See inside the book for access …
book
Professional C# 7 and .NET Core 2.0, 7th Edition
The professional’s guide to C# 7, with expert guidance on the newest features Professional C# 7 …
book
Beginning C# Object-Oriented Programming, Second Edition
Learn C# with Beginning C# Object-Oriented Programming and you'll be thinking about program design in the …
video
Visual Studio Code for C# Developers
Visual Studio Code is the #1 IDE among the programmers’ community. The usage of VS Code …