Book description
THE LATEST STRATEGIES FOR UNCOVERING TODAY'S MOST DEVASTATING ATTACKS
Thwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource.
- Develop and launch exploits using BackTrack and Metasploit
- Employ physical, social engineering, and insider attack techniques
- Build Perl, Python, and Ruby scripts that initiate stack buffer overflows
- Understand and prevent malicious content in Adobe, Office, and multimedia files
- Detect and block client-side, Web server, VoIP, and SCADA attacks
- Reverse engineer, fuzz, and decompile Windows and Linux software
- Develop SQL injection, cross-site scripting, and forgery exploits
- Trap malware and rootkits using honeypots and SandBoxes
Table of contents
- Cover Page
- Gray Hat Hacking the Ethical Hacker’s Handbook
- Copyright Page
- Contents
- Preface
- Acknowledgments
- Introduction
-
Part I Introduction to Ethical Disclosure
- Chapter 1 Ethics of Ethical Hacking
- Where Do Attackers Have Most of Their Fun?
-
Chapter 2 Ethical Hacking and the Legal System
- The Rise of Cyberlaw
-
Understanding Individual Cyberlaws
- 18 USC Section 1029: The Access Device Statute
- 18 USC Section 1030 of the Computer Fraud and Abuse Act
- 18 USC Sections 2510, et. Seq., and 2701, et. Seq., of the Electronic Communication Privacy Act
- Digital Millennium Copyright Act (DMCA)
- Cyber Security Enhancement Act of 2002
- Securely Protect Yourself Against Cyber Trespass Act (SPY Act)
- Chapter 3 Proper and Ethical Disclosure
-
Part II Penetration Testing and Tools
- Chapter 4 Social Engineering Attacks
- Chapter 5 Physical Penetration Attacks
- Chapter 6 Insider Attacks
- Chapter 7 Using the BackTrack Linux Distribution
- Chapter 8 Using Metasploit
- Chapter 9 Managing a Penetration Test
-
Part III Exploiting
- Chapter 10 Programming Survival Skills
- Chapter 11 Basic Linux Exploits
- Chapter 12 Advanced Linux Exploits
- Chapter 13 Shellcode Strategies
- Chapter 14 Writing Linux Shellcode
- Chapter 15 Windows Exploits
- Chapter 16 Understanding and Detecting Content-Type Attacks
- Chapter 17 Web Application Security Vulnerabilities
- Chapter 18 VoIP Attacks
- Chapter 19 SCADA Attacks
-
Part IV Vulnerability Analysis
- Chapter 20 Passive Analysis
- Chapter 21 Advanced Static Analysis with IDA Pro
- Chapter 22 Advanced Reverse Engineering
- Chapter 23 Client-Side Browser Exploits
-
Chapter 24 Exploiting the Windows Access Control Model
- Why Access Control Is Interesting to a Hacker
- How Windows Access Control Works
- Tools for Analyzing Access Control Configurations
- Special SIDs, Special Access, and “Access Denied”
- Analyzing Access Control for Elevation of Privilege
- Attack Patterns for Each Interesting Object Type
- What Other Object Types Are Out There?
- Chapter 25 Intelligent Fuzzing with Sulley
- Chapter 26 From Vulnerability to Exploit
- Chapter 27 Closing the Holes: Mitigation
- Part V Malware Analysis
- Index
Product information
- Title: Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition, 3rd Edition
- Author(s):
- Release date: February 2011
- Publisher(s): McGraw-Hill
- ISBN: 9780071742566
You might also like
book
Gray Hat Hacking The Ethical Hacker's Handbook, Fifth Edition, 5th Edition
Cutting-edge techniques for finding and fixing critical security flaws Fortify your network and avert digital catastrophe …
book
Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition, 4th Edition
Cutting-edge techniques for finding and fixing critical security flaws Fortify your network and avert digital catastrophe …
book
Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition
Up-to-date strategies for thwarting the latest, most insidious network attacks This fully updated, industry-standard security resource …
book
Hacking Exposed 7, 7th Edition
The latest tactics for thwarting digital attacks “Our new reality is zero-day, APT, and state-sponsored attacks. …