Cargando…

Gray hat hacking : the ethical hacker's handbook /

This fourth edition explains the enemy's current weapons, skills, and tactics, and offers field-tested remedies, case studies, and ready-to-deploy testing labs. You will learn how to build and launch spoofing exploits with Ettercap and Evilgrade; induce error conditions and crash software using...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Regalado, Daniel (Autor)
Formato: Electrónico eBook
Idioma:Inglés
Publicado: New York : McGraw-Hill Education, [2015]
Edición:Fourth edition.
Temas:
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Cover
  • Title Page
  • Copyright Page
  • Dedication
  • Contents
  • Preface
  • Acknowledgments
  • Introduction
  • Part I Crash Course: Preparing for the War
  • Chapter 1 Ethical Hacking and the Legal System
  • Why You Need to Understand Your Enemy's Tactics
  • Recognizing Trouble When It Happens
  • The Ethical Hacking Process
  • The Penetration Testing Process
  • What Would an Unethical Hacker Do Differently?
  • The Rise of Cyberlaw
  • Understanding Individual Cyberlaws
  • The Controversy of "Hacking" Tools
  • Vulnerability Disclosure
  • Different Teams and Points of View
  • How Did We Get Here?
  • CERT's Current Process
  • Organization for Internet Safety
  • Conflicts Will Still Exist
  • "No More Free Bugs"
  • Bug Bounty Programs
  • Summary
  • References
  • For Further Reading
  • Chapter 2 Programming Survival Skills
  • C Programming Language
  • Basic C Language Constructs
  • Sample Program
  • Compiling with gcc
  • Computer Memory
  • Random Access Memory (RAM)
  • Endian
  • Segmentation of Memory
  • Programs in Memory
  • Buffers
  • Strings in Memory
  • Pointers
  • Putting the Pieces of Memory Together
  • Intel Processors
  • Registers
  • Assembly Language Basics
  • Machine vs. Assembly vs. C
  • AT&T vs. NASM
  • Addressing Modes
  • Assembly File Structure
  • Assembling
  • Debugging with gdb
  • gdb Basics
  • Disassembly with gdb
  • Python Survival Skills
  • Getting Python
  • Hello World in Python
  • Python Objects
  • Strings
  • Numbers
  • Lists
  • Dictionaries
  • Files with Python
  • Sockets with Python
  • Summary
  • References
  • For Further Reading
  • Chapter 3 Static Analysis
  • Ethical Reverse Engineering
  • Why Bother with Reverse Engineering?
  • Reverse Engineering Considerations
  • Source Code Analysis
  • Source Code Auditing Tools
  • The Utility of Source Code Auditing Tools
  • Manual Source Code Auditing
  • Automated Source Code Analysis
  • Binary Analysis
  • Manual Auditing of Binary Code
  • Automated Binary Analysis Tools
  • Summary
  • For Further Reading
  • Chapter 4 Advanced Analysis with IDA Pro
  • Static Analysis Challenges
  • Stripped Binaries
  • Statically Linked Programs and FLAIR
  • Data Structure Analysis
  • Quirks of Compiled C++ Code
  • Extending IDA Pro
  • Scripting in IDAPython
  • Example 4-1: Decrypting Strings in Place
  • Executing Python Code
  • Summary
  • For Further Reading
  • Chapter 5 World of Fuzzing
  • Introduction to Fuzzing
  • Choosing a Target
  • Input Types
  • Ease of Automation
  • Complexity
  • Types of Fuzzers
  • Mutation Fuzzers
  • Generation Fuzzers
  • Getting Started
  • Finding the Fuzzing Templates
  • Lab 5-1: Collecting Samples from the Internet Archive
  • Choosing the Optimal Template Set with Code Coverage
  • Lab 5-2: Selecting the Best Samples for Fuzzing
  • Peach Fuzzing Framework
  • Peach Fuzzing Strategies
  • Speed Does Matter
  • Crash Analysis
  • Lab 5-3: Mutation Fuzzing with Peach
  • Other Mutation Fuzzers
  • Generation Fuzzers
  • Summary
  • For Further Reading