jump to navigation

Book of Month: July July 1, 2008

Posted by y2h4ck in security books.
Tags: , , , , , ,
add a comment

Network Security Assessment: Know Your Network
Author: Chris McNab
Publisher: O’Reilly Media
Year: 2007
Pages: 504
Amazon’s book description: How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack.

Book of Month: June June 2, 2008

Posted by y2h4ck in security books.
Tags: , , , , , ,
add a comment

The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws
Author: Dafydd Stuttard, Marcus Pinto
Publisher: Wiley
Year: 2007
Pages: 736
Amazon’s book description: This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

Book of Month: May May 2, 2008

Posted by y2h4ck in Pentesting, security books.
Tags: , , ,
add a comment

Hacking Exposed Windows Server 2003
Author: Joel Scambray, Stuart McClure
Publisher: McGraw-Hill Osborne Media
Year: 2006
Pages: 628
Amazon’s book description: Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true Hacking Exposed way. You’ll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders every time.

Book of Month: April April 3, 2008

Posted by y2h4ck in security books.
Tags: , , , , , ,
add a comment

rootkits.jpg

Rootkits: Subverting the Windows Kernel
Author: Greg Hoglund, Jamie Butler
Publisher: Addison-Wesley Professional
Year: 2005
Pages: 352
Amazon’s book description: Rootkits are the ultimate backdoor, giving hackers ongoing and virtually undetectable access to the systems they exploit. Now, two of the world’s leading experts have written the first comprehensive guide to rootkits: what they are, how they work, how to build them, and how to detect them. Rootkit.com’s Greg Hoglund and James Butler created and teach Black Hat’s legendary course in rootkits. In this book, they reveal never-before-told offensive aspects of rootkit technology–learn how attackers can get in and stay in for years, without detection.

Book of Month - March March 7, 2008

Posted by y2h4ck in security books.
add a comment

001.jpg

Hacking: The Art of Exploitation
Author: Jon Erickson
Publisher: No Starch Press
Year: 2007
Pages: 504
Amazon’s book description: Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope. Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker’s perspective.

Book of Month: February/2008 February 18, 2008

Posted by y2h4ck in security books.
Tags: , , , ,
add a comment

Windows Hacking Exposed

Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions
Author: Joel Scambray
Publisher: McGraw-Hill Osborne Media
Year: 2007
Pages: 480
Descrição: Meet the challenges of Windows security with the exclusive Hacking Exposed “attack-countermeasure” approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors’ and contributors’ many years as security professionals hired to break into the world’s largest IT infrastructures.