Book description
Cutting-edge techniques for finding and fixing critical security flaws
Fortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 12 new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Fourth Edition explains the enemy’s current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-deploy testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, and cyber law are thoroughly covered in this state-of-the-art resource.
- Build and launch spoofing exploits with Ettercap and Evilgrade
- Induce error conditions and crash software using fuzzers
- Hack Cisco routers, switches, and network hardware
- Use advanced reverse engineering to exploit Windows and Linux software
- Bypass Windows Access Control and memory protection schemes
- Scan for flaws in Web applications using Fiddler and the x5 plugin
- Learn the use-after-free technique used in recent zero days
- Bypass Web authentication via MySQL type conversion and MD5 injection attacks
- Inject your shellcode into a browser's memory using the latest Heap Spray techniques
- Hijack Web browsers with Metasploit and the BeEF Injection Framework
- Neutralize ransomware before it takes control of your desktop
- Dissect Android malware with JEB and DAD decompilers
- Find one-day vulnerabilities with binary diffing
Table of contents
- Cover
- Title Page
- Copyright Page
- Dedication
- Contents
- Preface
- Acknowledgments
- Introduction
- Part I Crash Course: Preparing for the War
- Chapter 1 Ethical Hacking and the Legal System
- Chapter 2 Programming Survival Skills
- Chapter 3 Static Analysis
- Chapter 4 Advanced Analysis with IDA Pro
- Chapter 5 World of Fuzzing
- Chapter 6 Shellcode Strategies
- Chapter 7 Writing Linux Shellcode
- Part II From Vulnerability to Exploit
- Chapter 8 Spoofing-Based Attacks
- Chapter 9 Exploiting Cisco Routers
- Chapter 10 Basic Linux Exploits
- Chapter 11 Advanced Linux Exploits
- Chapter 12 Windows Exploits
- Chapter 13 Bypassing Windows Memory Protections
- Chapter 14 Exploiting the Windows Access Control Model
  - Why Access Control Is Interesting to a Hacker
  - How Windows Access Control Works
  - Tools for Analyzing Access Control Configurations
  - Special SIDs, Special Access, and “Access Denied”
  - Analyzing Access Control for Elevation of Privilege
  - Attack Patterns for Each Interesting Object Type
  - What Other Object Types Are Out There?
  - Summary
  - For Further Reading
- Chapter 15 Exploiting Web Applications
- Chapter 16 Exploiting IE: Smashing the Heap
- Chapter 17 Exploiting IE: Use-After-Free Technique
- Chapter 18 Advanced Client-Side Exploitation with BeEF
- Chapter 19 One-Day Exploitation with Patch Diffing
- Part III Advanced Malware Analysis
- Appendix About the Download
- Index
Product information
- Title: Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition, 4th Edition
- Author(s):
- Release date: January 2015
- Publisher(s): McGraw-Hill
- ISBN: 9780071838504