Gray Hat Hacking: The Ethical Hacker's Handbook - Second Edition
Prevent catastrophic network attacks by exposing security flaws, fixing them, and ethically reporting them to the software author. Fully expanded to cover the hacker's latest devious methods, Gray Hat Hacking: The Ethical Hacker's Handbook - Second Edition lays out each exploit alongside line-by-line code samples, detailed countermeasures, and moral disclosure procedures. Find out how to execute effective penetration tests, use fuzzers and sniffers, perform reverse engineering, and find security holes in Windows and Linux applications. You'll also learn how to trap and autopsy stealth worms, viruses, rootkits, adware, and malware. - Implement vulnerability testing, discovery, and reporting procedures that comply with applicable laws
- Learn the basics of programming, stack operations, buffer overflow and heap vulnerabilities, and exploit development
- Test and exploit systems using Metasploit and other tools
- Break in to Windows and Linux systems with perl scripts, Python scripts, and customized C programs
- Analyze source code using ITS4, RATS, FlawFinder, PREfast, Splint, and decompilers
- Understand the role of IDA Pro scripts, FLAIR tools, and third-party plug-ins in discovering software vulnerabilities
- Reverse-engineer software using decompiling, profiling, memory monitoring, and data flow analysis tools
- Reveal client-side web browser vulnerabilities with MangleMe, AxEnum, and AxMan
- Probe Windows Access Controls to discover insecure access tokens, security descriptors, DACLs, and ACEs
- Find and examine malware and rootkits using honeypots, honeynets, and Norman SandBox technology
Book Details Paperback:
| 550 pages
| Dimensions (in inches):
| 2.25 x 9.25 x 7.50
| Publisher:
| McGraw-Hill Osborne Media; 2 edition (December 20, 2007)
| Language:
| English
| ISBN -10:
| 0071495681
| ISBN -13:
| 978-0071495684
|
 Shon Harris, CISSP, MCSE, is a security consultant, a former engineer in the Air Force Information Warfare Unit, an instructor, an author, and President of Logical Security.
She has written two best selling CISSP books, and co-authored Hacker's Challenge and Gray Hat Hacking. Shon has developed a new security book series, being published by McGraw-Hill, which will be sold to corporations, universities, colleges, and professionals throughout the world. This series will set new standards in security training, education, and industry practices.
She is an active contributor for Information Security Magazine and Windows 2000 Magazine. Shon has taught computer and information security to a wide range of clients including RSA, Department of Defense, Department of Energy, National Security Agency (NSA), Bank of America, Defense Information Systems Agency (DISA), BMC, and more.
Shon was recently recognized by Information Security Magazine as one of the top 25 women technologists, researchers and executives reshaping information security today.
Co-authors: Allen Harper, Chris Eagle and Jonathan Ness
Part I - Introduction to Ethical Disclosure Chapter 1 - Ethics of Ethical Hacking
Chapter 2 - Ethical Hacking and the Legal System
Chapter 3 - Proper and Ethical Disclosure Part II - Introduction to Ethical Disclosure Chapter 4 - Using Metasploit
Chapter 5 - Using the Back Track LiveCD Linux Distribution Part III - Exploits 101 Chapter 6 - Programming Survival Skills
Chapter 7 - Basic Linux Exploits
Chapter 8 - Advanced Linux Exploits
Chapter 9 - Shellcode Strategies
Chapter 10 - Writing Linux Shellcode
Chapter 11 - Basic Windows Exploits Part IV - Vulnerability Analysis Chapter 12 - Passive Analysis
Chapter 13 - Advanced Static Analysis with IDA Pro
Chapter 14 - Advanced Reverse Engineering
Chapter 15 - Client-Side Browser Exploits
Chapter 16 - Exploiting Windows Access Control Model for Local Elevation of Privilege
Chapter 17 - Intelligent Fuzzing with Sulley
Chapter 18 - From Vulnerability to Exploit
Chapter 19 - Closing the Holes: Mitigation Part V - Malware Analysis Chapter 20 - Collecting Malware and Initial Analysis
Chapter 21 - Hacking Malware
|
