This fourth edition explains the enemy's current weapons, skills, and tactics, and offers field-tested remedies, case studies, and ready-to-deploy testing labs. You will learn how to build and launch spoofing exploits with Ettercap and Evilgrade; induce error conditions and crash software using fuzzers; hack Cisco routers, switches, and network hardware; use advanced reverse engineering to exploit Windows and Linux software; bypass Windows Access Control and memory protection schemes; scan for flaws in Web applications; utilize use-after-free technique used in recent zero days; bypass Web authentication; inject your shellcode into a browser's memory using the latest Heap Spray techniques; hijack Web browsers with Metasploit and the BeEF Injection Framework; neutralize ransomware before it takes control of your desktop; dissect Android malware with JEB and DAD decompilers; and find one-day vulnerabilities with binary diffing. --
Description based on print version record
Includes bibliographical references and index
Cover -- Title Page -- Copyright Page -- Dedication -- Contents -- Preface -- Acknowledgments -- Introduction -- Part I Crash Course: Preparing for the War -- Chapter 1 Ethical Hacking and the Legal System -- Why You Need to Understand Your Enemy's Tactics -- Recognizing Trouble When It Happens -- The Ethical Hacking Process -- The Penetration Testing Process -- What Would an Unethical Hacker Do Differently? -- The Rise of Cyberlaw -- Understanding Individual Cyberlaws -- The Controversy of "Hacking" Tools -- Vulnerability Disclosure -- Different Teams and Points of View
How Did We Get Here? -- CERT's Current Process -- Organization for Internet Safety -- Conflicts Will Still Exist -- "No More Free Bugs" -- Bug Bounty Programs -- Summary -- References -- For Further Reading -- Chapter 2 Programming Survival Skills -- C Programming Language -- Basic C Language Constructs -- Sample Program -- Compiling with gcc -- Computer Memory -- Random Access Memory (RAM) -- Endian -- Segmentation of Memory -- Programs in Memory -- Buffers -- Strings in Memory -- Pointers -- Putting the Pieces of Memory Together -- Intel Processors -- Registers -- Assembly Language Basics
Machine vs. Assembly vs. C -- AT&T vs. NASM -- Addressing Modes -- Assembly File Structure -- Assembling -- Debugging with gdb -- gdb Basics -- Disassembly with gdb -- Python Survival Skills -- Getting Python -- Hello World in Python -- Python Objects -- Strings -- Numbers -- Lists -- Dictionaries -- Files with Python -- Sockets with Python -- Summary -- References -- For Further Reading -- Chapter 3 Static Analysis -- Ethical Reverse Engineering -- Why Bother with Reverse Engineering? -- Reverse Engineering Considerations -- Source Code Analysis -- Source Code Auditing Tools
The Utility of Source Code Auditing Tools -- Manual Source Code Auditing -- Automated Source Code Analysis -- Binary Analysis -- Manual Auditing of Binary Code -- Automated Binary Analysis Tools -- Summary -- For Further Reading -- Chapter 4 Advanced Analysis with IDA Pro -- Static Analysis Challenges -- Stripped Binaries -- Statically Linked Programs and FLAIR -- Data Structure Analysis -- Quirks of Compiled C++ Code -- Extending IDA Pro -- Scripting in IDAPython -- Example 4-1: Decrypting Strings in Place -- Executing Python Code -- Summary -- For Further Reading -- Chapter 5 World of Fuzzing
Introduction to Fuzzing -- Choosing a Target -- Input Types -- Ease of Automation -- Complexity -- Types of Fuzzers -- Mutation Fuzzers -- Generation Fuzzers -- Getting Started -- Finding the Fuzzing Templates -- Lab 5-1: Collecting Samples from the Internet Archive -- Choosing the Optimal Template Set with Code Coverage -- Lab 5-2: Selecting the Best Samples for Fuzzing -- Peach Fuzzing Framework -- Peach Fuzzing Strategies -- Speed Does Matter -- Crash Analysis -- Lab 5-3: Mutation Fuzzing with Peach -- Other Mutation Fuzzers -- Generation Fuzzers -- Summary -- For Further Reading
Access-restricted-item true Addeddate 2021-10-13 20:08:42 Boxid IA40259309 Camera USB PTP Class Camera Collection_set printdisabled External-identifier urn:oclc:record:904597568
urn:lcp:grayhathackinget0000rega:lcpdf:1d773f90-96d7-4bb6-adc2-a0c70b5b9582
urn:lcp:grayhathackinget0000rega:epub:72c9fb15-9a02-417b-aa03-26fcac5ad94f Foldoutcount 0 Identifier grayhathackinget0000rega Identifier-ark ark:/13960/t41s9db00 Invoice 1652 Isbn 9780071838504
0071838503
9780071832380 Ocr tesseract 5.0.0-beta-20210815 Ocr_detected_lang en Ocr_detected_lang_conf 1.0000 Ocr_detected_script Latin Ocr_detected_script_conf 0.9791 Ocr_module_version 0.0.13 Ocr_parameters -l eng Old_pallet IA-WL-0000329 Openlibrary_edition OL26837931M Openlibrary_work OL15111477W Page_number_confidence 96 Page_number_module_version 1.0.5 Pages 662 Pdf_module_version 0.0.15 Ppi 360 Rcs_key 24143 Republisher_date 20211013165806 Republisher_operator associate-paola-pacana@archive.org Republisher_time 785 Scandate 20211012044630 Scanner station37.cebu.archive.org Scanningcenter cebu Scribe3_search_catalog isbn Scribe3_search_id 9780071832380 Tts_version 4.5-initial-80-gce32ee1e Worldcat (source edition) 904597568