Cargando…
Gray hat hacking : the ethical hacker's handbook /
A thorough revision of the bestselling guide to the tools and tricks of the hybrid hacker. Written by seasoned security authors and instructors, this fully updated volume offers a comprehensive overview of today's hacking and computer security landscape.
| Clasificación: | Libro Electrónico |
|---|---|
| Otros Autores: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
New York :
McGraw-Hill,
©2008.
|
| Edición: | 2nd ed. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Cover
- Contents
- Preface
- Acknowledgments
- Introduction
- Part I: Introduction to Ethical Disclosure
- Chapter 1 Ethics of Ethical Hacking
- How Does This Stuff Relate to an Ethical Hacking Book?
- Security Does Not Like Complexity
- Chapter 2 Ethical Hacking and the Legal System
- Addressing Individual Laws
- Chapter 3 Proper and Ethical Disclosure
- You Were Vulnerable for How Long?
- Different Teams and Points of View
- CERT's Current Process
- Full Disclosure Policy (RainForest Puppy Policy)
- Organization for Internet Safety (OIS)
- Conflicts Will Still Exist
- Case Studies
- Zero Day Initiative
- So What Should We Do from Here on Out?
- Part II: Penetration Testing and Tools
- Chapter 4 Using Metasploit
- Metasploit: The Big Picture
- Getting Metasploit
- Exploiting Client-Side Vulnerabilities with Metasploit
- Using Metasploit as a Man-in-the-Middle Password Stealer
- Using Metasploit to Auto-Attack
- Inside Metasploit Modules
- Chapter 5 Using the BackTrack LiveCD Linux Distribution
- BackTrack: The Big Picture
- Creating the BackTrack CD
- Booting BackTrack
- Exploring the BackTrack X-Windows Environment
- Writing BackTrack to Your USB Memory Stick
- Saving Your BackTrack Configurations
- Creating a Directory-Based or File-Based Module with dir2lzm
- Creating a New Base Module with All the Desired Directory Contents
- Cheat Codes and Selectively Loading Modules
- Metasploit db_autopwn
- Tools
- Part III: Exploits 101
- Chapter 6 Programming Survival Skills
- C Programming Language
- Computer Memory
- Intel Processors
- Assembly Language Basics
- Debugging with gdb
- Python Survival Skills
- Chapter 7 Basic Linux Exploits
- Stack Operations
- Buffer Overflows
- Local Buffer Overflow Exploits
- Exploit Development Process
- Chapter 8 Advanced Linux Exploits
- Format String Exploits
- Heap Overflow Exploits
- Memory Protection Schemes
- Chapter 9 Shellcode Strategies
- User Space Shellcode
- Other Shellcode Considerations
- Kernel Space Shellcode
- Chapter 10 Writing Linux Shellcode
- Basic Linux Shellcode
- Implementing Port-Binding Shellcode
- Implementing Reverse Connecting Shellcode
- Encoding Shellcode
- Automating Shellcode Generation with Metasploit
- Chapter 11 Basic Windows Exploits
- Compiling and Debugging Windows Programs
- Windows Exploits
- Part IV: Vulnerability Analysis
- Chapter 12 Passive Analysis
- Ethical Reverse Engineering
- Why Reverse Engineering?
- Source Code Analysis
- Binary Analysis
- Chapter 13 Advanced Static Analysis with IDA Pro
- Static Analysis Challenges
- Extending IDA
- Chapter 14 Advanced Reverse Engineering
- Why Try to Break Software?
- The Software Development Process
- Instrumentation Tools
- Fuzzing
- Instrumented Fuzzing Tools and Techniques
- Chapter 15 Client-Side Browser Exploits
- Why Client-Side Vulnerabilities Are Interesting
- Internet Explorer Security Concepts
- History of Client-Side Exploits and Latest Trends
- Finding New Browser-Based Vulnerabilities
- Heap Spray to Exploit
- Protecting Yourself from Client-Side Exp.