Join Books.org — it's free
Home > Books > Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook

Terrorism - General & Miscellaneous, Security - Computer Networks, Computer Crime, Computer Security
Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook by Shon Harris — book cover

Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook

by Shon Harris, Jonathan Ness, Allen Harper, Chris Eagle
Write a review
Log in to track your reading progress.

Overview

"A fantastic book for anyone looking to learn the tools and techniques needed to break in and stay in." —Bruce Potter, Founder, The Shmoo Group

"Very highly recommended whether you are a seasoned professional or just starting out in the security business." —Simple Nomad, Hacker

Synopsis

Uncover, plug, and ethically disclose security flaws

Prevent catastrophic network attacks by exposing security flaws, fixing them, and ethically reporting them to the software author. Fully expanded to cover the hacker's latest devious methods, Gray Hat Hacking: The Ethical Hacker's Handbook, Second Edition lays out each exploit alongside line-by-line code samples, detailed countermeasures, and moral disclosure procedures. Find out how to execute effective penetration tests, use fuzzers and sniffers, perform reverse engineering, and find security holes in Windows and Linux applications. You'll also learn how to trap and autopsy stealth worms, viruses, rootkits, adware, and malware.

  • Implement vulnerability testing, discovery, and reporting procedures that comply with applicable laws
  • Learn the basics of programming, stack operations, buffer overflow and heap vulnerabilities, and exploit development
  • Test and exploit systems using Metasploit and other tools
  • Break in to Windows and Linux systems with perl scripts, Python scripts, and customized C programs
  • Analyze source code using ITS4, RATS, FlawFinder, PREfast, Splint, and decompilers
  • Understand the role of IDA Pro scripts, FLAIR tools, and third-party plug-ins in discovering software vulnerabilities
  • Reverse-engineer software using decompiling, profiling, memory monitoring, and data flow analysis tools
  • Reveal client-side web browser vulnerabilities with MangleMe, AxEnum, and AxMan
  • Probe Windows Access Controls to discover insecure access tokens, security descriptors, DACLs, and ACEs
  • Find and examine malware and rootkits using honeypots, honeynets, and Norman SandBox technology

Shon Harris, MCSE, CISSP, is the president of Logical Security, an educator, and a security consultant.

Allen Harper, CISSP, is the president and owner of n2netsecurity, Inc., in North Carolina.

Chris Eagle is the associate chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California.

Jonathan Ness, CHFI, is a lead software security engineer at Microsoft.

About the Author, Shon Harris

Shon Harris, MCSE, CISSP, is the president of Logical Security, an educator, and a security consultant.

Allen Harper, CISSP, is the president and owner of n2netsecurity, Inc., in North Carolina.

Chris Eagle is the associate chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California.

Jonathan Ness, CHFI, is a lead software security engineer at Microsoft.

Reviews

There are no reviews yet. Log in to write one.

Book Details

Published
December 1, 2007
Publisher
McGraw-Hill Companies, The
Pages
578
Format
Paperback
ISBN
9780071495684

More by Shon Harris

CISSP All-in-One Exam Guide, Fifth Edition
CISSP All-in-One Exam Guide, Fifth Edition
CISSP Video Mentor
CISSP Video Mentor
CISSP (Cert Flash Cards Online Series)
CISSP (Cert Flash Cards Online Series)
CompTIA Security+ SY0-201 Video Course
CompTIA Security+ SY0-201 Video Course
CISSP(R) All-in-One Exam Guide
CISSP(R) All-in-One Exam Guide
CISSP Certification Exam Guide
CISSP Certification Exam Guide
CISSP Exam Guide
CISSP Exam Guide
Hacking etico / Gray Hat Hacking
Hacking etico / Gray Hat Hacking
CISSP All-in-One Exam Guide (All-in-one S.)
CISSP All-in-One Exam Guide (All-in-one S.)
CISSP Practice Exams
CISSP Practice Exams

Similar books

Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Hacker's Challenge 2: Test Your Network Security & Forensic Skills
Hacker's Challenge 2: Test Your Network Security & Forensic Skills
Internet Security: Hacking, Counterhacking, and Society
Internet Security: Hacking, Counterhacking, and Society
Art of Deception: Controlling the Human Element of Security
Art of Deception: Controlling the Human Element of Security
Hacker's Challenge
Hacker's Challenge
Cybershock: Surviving Hackers, Phreakers, Identity Thieves, Internet Terrorists and Weapons of Mass Disruption
Cybershock: Surviving Hackers, Phreakers, Identity Thieves, Internet Terrorists and Weapons of Mass Disruption
Cyberwarfare : Terror at a Click
Cyberwarfare : Terror at a Click
Information Security Policies Made Easy: A Comprehensive Set of Information Security Policies Version 7
Information Security Policies Made Easy: A Comprehensive Set of Information Security Policies Version 7
Approaching Zero : The Extraordinary Underworld of Hackers, Phreakers, Virus Writers, and Keyboard Criminals
Approaching Zero : The Extraordinary Underworld of Hackers, Phreakers, Virus Writers, and Keyboard Criminals
Dear Hacker: Letters to the Editor of 2600
Dear Hacker: Letters to the Editor of 2600