Book picks similar to
Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr
cyber
tech
security
non-fiction
Hackers: Heroes of the Computer Revolution
Steven Levy - 1984
That was before one pioneering work documented the underground computer revolution that was about to change our world forever. With groundbreaking profiles of Bill Gates, Steve Wozniak, MIT's Tech Model Railroad Club, and more, Steven Levy's Hackers brilliantly captured a seminal moment when the risk-takers and explorers were poised to conquer twentieth-century America's last great frontier. And in the Internet age, the hacker ethic-first espoused here-is alive and well.
The Best of 2600: A Hacker Odyssey
Emmanuel Goldstein - 2008
Find the best of the magazine's writing in Best of 2600: A Hacker Odyssey, a collection of the strongest, most interesting, and often most controversial articles covering 24 years of changes in technology, all from a hacker's perspective. Included are stories about the creation of the infamous tone dialer "red box" that allowed hackers to make free phone calls from payphones, the founding of the Electronic Frontier Foundation, and the insecurity of modern locks.
Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World
Marcus J. Carey - 2019
Tribe of Hackers wants to change that. We asked for industry, career, and personal advice from 70 cybersecurity luminaries who are ready to break down barriers and shatter ceilings. It's about time.This book can be a catalyst for change for anyone, from beginners trying to enter the industry, to practitioners looking to start their own firms. What tips do the founders of Dragos, Inc. and Duo Security have on starting a company? Do you need a college degree or certification to be a cybersecurity professional? What is the biggest bang-for-the-buck action your organization can take to improve its cybersecurity posture? What "life hacks" to real hackers use to make their own lives easier? What resources can women in cybersecurity utilize to maximize their potential?All proceeds from the book will go towards: Bunker Labs, Sickle Cell Disease Association of America, Rainforest Partnership, and Start-Up! Kid's Club.We can't wait to show you the most epic cybersecurity thought leadership collaborative effort, ever.(Source: Amazon.com)
The Internet Police: How Crime Went Online, and the Cops Followed
Nate Anderson - 2013
It’s not just computer hackers and cyber crooks who lurk in the dark corners of the Web—the cops are there, too.In The Internet Police, Ars Technica deputy editor Nate Anderson takes readers on a behind-the-screens tour of landmark cybercrime cases, revealing how criminals continue to find digital and legal loopholes even as police hurry to cinch them closed. From the Cleveland man whose "natural male enhancement" pill inadvertently protected the privacy of your e-mail to the Russian spam king who ended up in a Milwaukee jail to the Australian arrest that ultimately led to the breakup of the largest child pornography ring in the United States, Anderson draws on interviews, court documents, and law-enforcement reports to reconstruct accounts of how online policing actually works. Questions of online crime are as complex and interconnected as the Internet itself. With each episode in The Internet Police, Anderson shows the dark side of online spaces—but also how dystopian a fully "ordered" alternative would be.Includes an afterword that details law enforcement's dramatic seizure of the online black market Silk Road.
Future Crimes
Marc Goodman - 2015
Hackers can activate baby monitors to spy on families, thieves are analyzing social media posts to plot home invasions, and stalkers are exploiting the GPS on smart phones to track their victims’ every move. We all know today’s criminals can steal identities, drain online bank accounts, and wipe out computer servers, but that’s just the beginning. To date, no computer has been created that could not be hacked—a sobering fact given our radical dependence on these machines for everything from our nation’s power grid to air traffic control to financial services. Yet, as ubiquitous as technology seems today, just over the horizon is a tidal wave of scientific progress that will leave our heads spinning. If today’s Internet is the size of a golf ball, tomorrow’s will be the size of the sun. Welcome to the Internet of Things, a living, breathing, global information grid where every physical object will be online. But with greater connections come greater risks. Implantable medical devices such as pacemakers can be hacked to deliver a lethal jolt of electricity and a car’s brakes can be disabled at high speed from miles away. Meanwhile, 3-D printers can produce AK-47s, bioterrorists can download the recipe for Spanish flu, and cartels are using fleets of drones to ferry drugs across borders. With explosive insights based upon a career in law enforcement and counterterrorism, Marc Goodman takes readers on a vivid journey through the darkest recesses of the Internet. Reading like science fiction, but based in science fact, Future Crimes explores how bad actors are primed to hijack the technologies of tomorrow, including robotics, synthetic biology, nanotechnology, virtual reality, and artificial intelligence. These fields hold the power to create a world of unprecedented abundance and prosperity. But the technological bedrock upon which we are building our common future is deeply unstable and, like a house of cards, can come crashing down at any moment. Future Crimes provides a mind-blowing glimpse into the dark side of technological innovation and the unintended consequences of our connected world. Goodman offers a way out with clear steps we must take to survive the progress unfolding before us. Provocative, thrilling, and ultimately empowering, Future Crimes will serve as an urgent call to action that shows how we can take back control over our own devices and harness technology’s tremendous power for the betterment of humanity—before it’s too late.From the Hardcover edition.
Penetration Testing: A Hands-On Introduction to Hacking
Georgia Weidman - 2014
This beginner-friendly book opens with some basics of programming and helps you navigate Kali Linux, an operating system that comes preloaded with useful computer security tools like Wireshark and Metasploit. You'll learn about gathering information on a target, social engineering, capturing network traffic, analyzing vulnerabilities, developing exploits, and more. Hands-on examples discuss even advanced topics like mobile device security and bypassing anti-virus software.
Android Hacker's Handbook
Joshua J. Drake - 2013
Written by experts who rank among the world's foremost Android security researchers, this book presents vulnerability discovery, analysis, and exploitation tools for the good guys. Following a detailed explanation of how the Android OS works and its overall security architecture, the authors examine how vulnerabilities can be discovered and exploits developed for various system components, preparing you to defend against them.If you are a mobile device administrator, security researcher, Android app developer, or consultant responsible for evaluating Android security, you will find this guide is essential to your toolbox.A crack team of leading Android security researchers explain Android security risks, security design and architecture, rooting, fuzz testing, and vulnerability analysis Covers Android application building blocks and security as well as debugging and auditing Android apps Prepares mobile device administrators, security researchers, Android app developers, and security consultants to defend Android systems against attack Android Hacker's Handbook is the first comprehensive resource for IT professionals charged with smartphone security.
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
Bruce Dang - 2014
Reverse engineering is not about reading assembly code, but actually understanding how different pieces/components in a system work. To reverse engineer a system is to understand how it is constructed and how it works. The book provides: Coverage of x86, x64, and ARM. In the past x86 was the most common architecture on the PC; however, times have changed and x64 is becoming the dominant architecture. It brings new complexity and constructs previously not present in x86. ARM ("Advanced RISC Machine) "is very common in embedded / consumer electronic devices; for example, most if not all cell phones run on ARM. All of apple's i-devices run on ARM. This book will be the first book to cover all three.Discussion of Windows kernel-mode code (rootkits/drivers). This topic has a steep learning curve so most practitioners stay away from this area because it is highly complex. However, this book will provide a concise treatment of this topic and explain how to analyze drivers step-by-step.The book uses real world examples from the public domain. The best way to learn is through a combination of concept discussions, examples, and exercises. This book uses real-world trojans / rootkits as examples congruent with real-life scenariosHands-on exercises. End-of-chapter exercises in the form of conceptual questions and hands-on analysis so so readers can solidify their understanding of the concepts and build confidence. The exercises are also meant to teach readers about topics not covered in the book.
Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks
Michal Zalewski - 2005
Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems.Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an indepth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.
Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous
Gabriella Coleman - 2014
She ended up becoming so closely connected to Anonymous that the tricky story of her inside–outside status as Anon confidante, interpreter, and erstwhile mouthpiece forms one of the themes of this witty and entirely engrossing book.The narrative brims with details unearthed from within a notoriously mysterious subculture, whose semi-legendary tricksters—such as Topiary, tflow, Anachaos, and Sabu—emerge as complex, diverse, politically and culturally sophisticated people. Propelled by years of chats and encounters with a multitude of hackers, including imprisoned activist Jeremy Hammond and the double agent who helped put him away, Hector Monsegur, Hacker, Hoaxer, Whistleblower, Spy is filled with insights into the meaning of digital activism and little understood facets of culture in the Internet age, including the history of “trolling,” the ethics and metaphysics of hacking, and the origins and manifold meanings of “the lulz.”
Hacking: The Art of Exploitation
Jon Erickson - 2003
This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.
Hacking Exposed: Network Security Secrets & Solutions
Joel Scambray - 2003
Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc."For security to be successful in any company, you must ‘think evil' and be attuned to your ‘real risk'...Hacking Expose 6 defines both." Patrick Heim, CISO, Kaiser Permanente"The definitive resource to understanding the hacking mindset and the defenses against it." Vince Rossi, CEO & President, St. Bernard Software"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." Bill Loesch, CTO, Guard ID Systems"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias-prized features for any security practitioner in need of information." Kip Boyle, CISO, PEMCO Mutual Insurance Company"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," Jeff Moss, Founder of the popular Black Hat Security ConferenceMeet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.New and updated material:
New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits
New wireless and RFID security tools, including multilayered encryption and gateways
All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices
Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage
VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking
Fully updated chapters on hacking the Internet user, web hacking, and securing code
The Hacker Playbook: Practical Guide To Penetration Testing
Peter Kim - 2014
The Hacker Playbook provides them their own game plans. Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field. Through a series of football-style “plays,” this straightforward guide gets to the root of many of the roadblocks people may face while penetration testing—including attacking different types of networks, pivoting through security controls, and evading antivirus software. From “Pregame” research to “The Drive” and “The Lateral Pass,” the practical plays listed can be read in order or referenced as needed. Either way, the valuable advice within will put you in the mindset of a penetration tester of a Fortune 500 company, regardless of your career or level of experience. Whether you’re downing energy drinks while desperately looking for an exploit, or preparing for an exciting new job in IT security, this guide is an essential part of any ethical hacker’s library—so there’s no reason not to get in the game.
The Perfect Weapon: How the Cyber Arms Race Set the World Afire
David E. Sanger - 2018
The Perfect Weapon is the riveting story of how, in less than a decade, cyberwarfare displaced terrorism and nuclear attacks as the greatest threat to American national security. Cheap to acquire, difficult to defend against, and designed to shield their user's identities so as to complicate retaliation, these weapons are capable of an unprecedented range of offensive tactics; they can take us just short of war, allowing for everything from disruption to theft to the cause of widespread damage of essential infrastructure systems. And the vulnerability of those systems has created a related but equally urgent conflict: American companies like Apple and Cisco must claim allegiance to no government in the name of selling secure products around the globe yet the US intelligence agencies want the help of such companies in defending against future cyberattacks. Reported and written with unprecedented access by New York Times chief Washington correspondent and bestselling author David Sanger, The Perfect Weapon takes readers inside war rooms and boardrooms, into the secret cyberdens of American and Chinese military, to give the deep-background story of the increasingly pitched battle between nations, their governments, their cyberwarriors, and their corporations.
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Dafydd Stuttard - 2007
The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.