Dissecting The Hack: The F0rb1dd3n Network


Jayson E. Street - 2009
    One half massive case study, one half technical manual, Dissecting the Hack has it all - learn all about hacking tools and techniques and how to defend your network against threats. Yes, the security threats are real - read more about the tactics that you see executed throughout the story in the second half of the book where you will learn to recon, scan, explore, exploit and expunge with the tools and techniques shown in the story. Every hack is real and can be used by you once you have the knowledge within this book! Utilizes actual hacking and security tools in its story- helps to familiarize a newbie with the many devices and their codeIntroduces basic hacking techniques in real life context for ease of learningPresented in the words of the hacker/security pro, effortlessly envelops the beginner in the language of the hack

Backtrack 5 Wireless Penetration Testing Beginner's Guide


Vivek Ramachandran - 2011
    Every new attack is described in the form of a lab exercise with rich illustrations of all the steps associated. You will practically implement various attacks as you go along. If you are an IT security professional or a security consultant who wants to get started with wireless testing with Backtrack, or just plain inquisitive about wireless security and hacking, then this book is for you. The book assumes that you have familiarity with Backtrack and basic wireless concepts.

Hacking: The Art of Exploitation


Jon Erickson - 2003
    This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.

Node.Js the Right Way: Practical, Server-Side JavaScript That Scales


Jim R. Wilson - 2013
    Ready to take JavaScript beyond the browser, explore dynamic languages features and embrace evented programming? Explore the fun, growing repository of Node modules provided by npm. Work with multiple protocols, load-balanced RESTful web services, express, 0MQ, Redis, CouchDB, and more. Develop production-grade Node applications fast. JavaScript is the backbone of the modern web, powering nearly every web app's user interface. Node.js is JavaScript for the server. This book shows you how to develop small, fast, low-profile, useful, networked applications. You'll write asynchronous, non-blocking code using Node's style and patterns. You'll cluster and load balance your services with Node core features and third-party tools. You'll work with many protocols, creating RESTful web services, TCP socket clients and servers, and more. This short book packs a hefty dose of Node.js. You'll test your code's functionality and performance under load. You'll learn important aspects of Node development--from its architecture and core, to its ecosystem of third-party modules. You'll discover how Node pairs a server-side event loop with a JavaScript runtime to produce screaming fast, non-blocking concurrency. Through a series of practical programming domains, you'll use the latest available ECMAScript Harmony features and harness key Node classes such as EventEmitter and Stream. Throughout the book, you'll develop real programs that are small, fast, low-profile, and useful. Get ready to join a smart community that's rapidly advancing the state of the art in web development.What You Need: Latest stable release of Node.js, this book was written with 0.12.x in mind. The 0MQ (ZeroMQ) library, version 3.2 or higher.

No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing


Johnny Long - 2007
    Kevin Mitnick's last book sold 40,000 units in North America.As the clich� goes, information is power. In this age of technology, an increasing majority of the world's information is stored electronically. It makes sense then that we rely on high-tech electronic protection systems to guard that information. As professional hackers, Johnny Long and Kevin Mitnick get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, their goal has always been the same: extract the information using any means necessary. After hundreds of jobs, they have discovered the secrets to bypassing every conceivable high-tech security system. This book reveals those secrets; as the title suggests, it has nothing to do with high technology.

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws


Dafydd Stuttard - 2007
    The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.

React: Up and Running


Stoyan Stefanov - 2015
    With "React: Up and Running" you'll learn how to get off the ground with React, with no prior knowledge.This book teaches you how to build components, the building blocks of your apps, as well as how to organize the components into large-scale apps. In addition, you ll learn about unit testing and optimizing performance, while focusing on the application s data (and letting the UI take care of itself)."

Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali


OccupyTheWeb - 2018
    Topics include Linux command line basics, filesystems, networking, BASH basics, package management, logging, and the Linux kernel and drivers.If you're getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you'll learn the basics of using the Linux operating system and acquire the tools and techniques you'll need to take control of a Linux environment.First, you'll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you'll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You'll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to: - Cover your tracks by changing your network information and manipulating the rsyslog logging utility - Write a tool to scan for network connections, and connect and listen to wireless networks - Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email - Write a bash script to scan open ports for potential targets - Use and abuse services like MySQL, Apache web server, and OpenSSH - Build your own hacking tools, such as a remote video spy camera and a password crackerHacking is complex, and there is no single way in. Why not start at the beginning with Linux Basics for Hackers?

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning


Gordon Fyodor Lyon - 2009
    From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire. Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine. Hints and instructions are provided for common uses such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks. Nmap runs on Windows, Linux, and Mac OS X.Nmap's original author, Gordon "Fyodor" Lyon, wrote this book to share everything he has learned about network scanning during more than 11 years of Nmap development. Visit http: //nmap.org/book for more information and sample chapters.

Red Team Field Manual


Ben Clark - 2014
    The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.

Hacking Exposed: Network Security Secrets and Solutions


Joel Scambray - 2000
    This text provides network administrators with a reference for implementing and maintaining sound security policies

Professional Test Driven Development with C#: Developing Real World Applications with Tdd


James Bender - 2011
    This hands-on guide provides invaluable insight for creating successful test-driven development processes. With source code and examples featured in both C# and .NET, the book walks you through the TDD methodology and shows how it is applied to a real-world application. You'll witness the application built from scratch and details each step that is involved in the development, as well as any problems that were encountered and the solutions that were applied.Clarifies the motivation behind test-driven development (TDD), what it is, and how it works Reviews the various steps involved in developing an application and the testing that is involved prior to implementing the functionality Discusses unit testing and refactoring Professional Test-Driven Development with C# shows you how to create great TDD processes right away.

Networking for Systems Administrators (IT Mastery Book 5)


Michael W. Lucas - 2015
    Servers give sysadmins a incredible visibility into the network—once they know how to unlock it. Most sysadmins don’t need to understand window scaling, or the differences between IPv4 and IPv6 echo requests, or other intricacies of the TCP/IP protocols. You need only enough to deploy your own applications and get easy support from the network team.This book teaches you:•How modern networks really work•The essentials of TCP/IP•The next-generation protocol, IPv6•The right tools to diagnose network problems, and how to use them•Troubleshooting everything from the physical wire to DNS•How to see the traffic you send and receive•Connectivity testing•How to communicate with your network team to quickly resolve problemsA systems administrator doesn’t need to know the innards of TCP/IP, but knowing enough to diagnose your own network issues transforms a good sysadmin into a great one.

Rootkits: Subverting the Windows Kernel


Greg Hoglund - 2005
    It is truly cutting-edge. As the only book on the subject, Rootkits will be of interest to any Windows security researcher or security programmer. It's detailed, well researched and the technical information is excellent. The level of technical detail, research, and time invested in developing relevant examples is impressive. In one word: Outstanding."--Tony Bautts, Security Consultant; CEO, Xtivix, Inc. "This book is an essential read for anyone responsible for Windows security. Security professionals, Windows system administrators, and programmers in general will want to understand the techniques used by rootkit authors. At a time when many IT and security professionals are still worrying about the latest e-mail virus or how to get all of this month's security patches installed, Mr. Hoglund and Mr. Butler open your eyes to some of the most stealthy and significant threats to the Windows operating system. Only by understanding these offensive techniques can you properly defend the networks and systems for which you are responsible."--Jennifer Kolde, Security Consultant, Author, and Instructor "What's worse than being owned? Not knowing it. Find out what it means to be owned by reading Hoglund and Butler's first-of-a-kind book on rootkits. At the apex the malicious hacker toolset--which includes decompilers, disassemblers, fault-injection engines, kernel debuggers, payload collections, coverage tools, and flow analysis tools--is the rootkit. Beginning where Exploiting Software left off, this book shows how attackers hide in plain sight."Rootkits are extremely powerful and are the next wave of attack technology. Like other types of malicious code, rootkits thrive on stealthiness. They hide away from standard system observers, employing hooks, trampolines, and patches to get their work done. Sophisticated rootkits run in such a way that other programs that usually monitor machine behavior can't easily detect them. A rootkit thus provides insider access only to people who know that it is running and available to accept commands. Kernel rootkits can hide files and running processes to provide a backdoor into the target machine."Understanding the ultimate attacker's tool provides an important motivator for those of us trying to defend systems. No authors are better suited to give you a detailed hands-on understanding of rootkits than Hoglund and Butler. Better to own this book than to be owned."--Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting Software (2004) and Building Secure Software (2002), both from Addison-Wesley "Greg and Jamie are unquestionably the go-to experts when it comes to subverting the Windows API and creating rootkits. These two masters come together to pierce the veil of mystery surrounding rootkits, bringing this information out of the shadows. Anyone even remotely interested in security for Windows systems, including forensic analysis, should include this book very high on their must-read list."--Harlan Carvey, author of Windows Forensics and Incident Recovery (Addison-Wesley, 2005) Rootkits are the ultimate backdoor, giving hackers ongoing and virtually undetectable access to the systems they exploit. Now, two of the world's leading experts have written the first comprehensive guide to rootkits: what they are, how they work, how to build them, and how to detect them. Rootkit.com's Greg Hoglund and James Butler created and teach Black Hat's legendary course in rootkits. In this book, they reveal never-before-told offensive aspects of rootkit technology--learn how attackers can get in and stay in for years, without detection. Hoglund and Butler show exactly how to subvert the Windows XP and Windows 2000 kernels, teaching concepts that are easily applied to virtually any modern operating system, from Windows Server 2003 to Linux and UNIX. They teach rootkit programming techniques that can be used for a wide range of software, from white hat security tools to operating system drivers and debuggers. After reading this book, readers will be able to Understand the role of rootkits in remote command/control and software eavesdropping Build kernel rootkits that can make processes, files, and directories invisible Master key rootkit programming techniques, including hooking, runtime patching, and directly manipulating kernel objects Work with layered drivers to implement keyboard sniffers and file filters Detect rootkits and build host-based intrusion prevention software that resists rootkit attacks

Ruby for Rails: Ruby Techniques for Rails Developers


David A. Black - 2006
    That means you can't tap into the full power of Rails unless you master the Ruby language. ""Ruby for Rails,"" written by Ruby expert David Black (with a forward by David Heinemeier Hansson), helps Rails developers achieve Ruby mastery. Each chapter deepens your Ruby knowledge and shows you how it connects to Rails. You'll gain confidence working with objects and classes and learn how to leverage Ruby's elegant, expressive syntax for Rails application power. And you'll become a better Rails developer through a deep understanding of the design of Rails itself and how to take advantage of it.Newcomers to Ruby will find a Rails-oriented Ruby introduction that's easy to read and that includes dynamic programming techniques, an exploration of Ruby objects, classes, and data structures, and many neat examples of Ruby and Rails code in action. ""Ruby for Rails"": the Ruby guide for Rails developers!What's Inside Classes, modules, and objects Collection handling and filtering String and regular expression manipulation Exploration of the Rails source code Ruby dynamics Many more programming concepts and techniques!