Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
010-4731397
Allen Harper Meer over de auteurs
, , , , , , e.a.

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition

 Paperback Engels 2022 6e druk 9781264268948
64,64
In winkelwagen
Verwachte levertijd ongeveer 11 werkdagen

Samenvatting

Up-to-date strategies for thwarting the latest, most insidious network attacks

This fully updated, industry-standard security resource shows, step by step, how to fortify computer networks by learning and applying effective ethical hacking techniques. Based on curricula developed by the authors at major security conferences and colleges, the book features actionable planning and analysis methods as well as practical steps for identifying and combating both targeted and opportunistic attacks.

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition clearly explains the enemy’s devious weapons, skills, and tactics and offers field-tested remedies, case studies, and testing labs. You will get complete coverage of Internet of Things, mobile, and Cloud security along with penetration testing, malware analysis, and reverse engineering techniques. State-of-the-art malware, ransomware, and system exploits are thoroughly explained.Fully revised content includes 7 new chapters covering the latest threatsIncludes proof-of-concept code stored on the GitHub repositoryAuthors train attendees at major security conferences, including RSA, Black Hat, Defcon, and B-Sides

Specificaties

ISBN13:9781264268948
Taal:Engels
Bindwijze:paperback
Uitgever:McGraw-Hill Education
Druk:6

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!
Uw cijfer
?

Inhoudsopgave

<p>Preface<br>Acknowledgments<br>Introduction</p><p><strong>Part I. Preparation</strong></p><p><strong>Chapter 1. Gray Hat Hacking</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Gray Hat Hacking Overview<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;History of Hacking<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Ethics and Hacking<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Definition of Gray Hat Hacking<br>&nbsp;&nbsp;&nbsp;&nbsp;History of Ethical Hacking<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;History of Vulnerability Disclosure<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Bug Bounty Programs<br>&nbsp;&nbsp;&nbsp;&nbsp;Know the Enemy: Black Hat Hacking<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Advanced Persistent Threats<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Lockheed Martin Cyber Kill Chain<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Courses of Action for the Cyber Kill Chain<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;MITRE ATT&amp;CK Framework<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 2. Programming Survival Skills</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;C Programming Language<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Basic C Language Constructs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-1:</strong> Format Strings<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-2:</strong> Loops<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-3:</strong> if/else<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sample Programs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-4:</strong> hello.c<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-5:</strong> meet.c<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Compiling with gcc<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-6:</strong> Compiling meet.c<br>&nbsp;&nbsp;&nbsp;&nbsp;Computer Memory<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Random Access Memory<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Endian<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Segmentation of Memory<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Programs in Memory<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Buffers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Strings in Memory<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Pointers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Putting the Pieces of Memory Together<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-7:</strong> memory.c<br>&nbsp;&nbsp;&nbsp;&nbsp;Intel Processors<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Registers<br>&nbsp;&nbsp;&nbsp;&nbsp;Assembly Language Basics<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Machine vs. Assembly vs. C<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;AT&amp;T vs. NASM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Addressing Modes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Assembly File Structure<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-8:</strong> Simple Assembly Program<br>&nbsp;&nbsp;&nbsp;&nbsp;Debugging with gdb<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;gdb Basics<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-9:</strong> Debugging<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-10:</strong> Disassembly with gdb<br>&nbsp;&nbsp;&nbsp;&nbsp;Python Survival Skills<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Getting Python<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-11:</strong> Launching Python<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-12:</strong> “Hello, World!” in Python<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Python Objects<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-13:</strong> Strings<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-14:</strong> Numbers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-15:</strong> Lists<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-16:</strong> Dictionaries<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-17:</strong> Files with Python<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 2-18:</strong> Sockets with Python<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 3. Linux Exploit Development Tools</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Binary, Dynamic Information-Gathering Tools<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-1:</strong> Hello.c<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-2:</strong> ldd<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-3:</strong> objdump<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-4:</strong> strace<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-5:</strong> ltrace<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-6:</strong> checksec<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-7:</strong> libc-database<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-8:</strong> patchelf<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-9:</strong> one_gadget<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-10:</strong> Ropper<br>&nbsp;&nbsp;&nbsp;&nbsp;Extending gdb with Python<br>&nbsp;&nbsp;&nbsp;&nbsp;Pwntools CTF Framework and Exploit Development Library<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Summary of Features<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-11:</strong> leak-bof.c<br>&nbsp;&nbsp;&nbsp;&nbsp;HeapME (Heap Made Easy) Heap Analysis and Collaboration Tool<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Installing HeapME<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 3-12:</strong> heapme_demo.c<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 4. Introduction to Ghidra</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Creating Our First Project<br>&nbsp;&nbsp;&nbsp;&nbsp;Installation and QuickStart<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Setting the Project Workspace<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Functionality Overview<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 4-1:</strong> Improving Readability with Annotations<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 4-2:</strong> Binary Diffing and Patch Analysis<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 5. IDA Pro</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Introduction to IDA Pro for Reverse Engineering<br>&nbsp;&nbsp;&nbsp;&nbsp;What Is Disassembly?<br>&nbsp;&nbsp;&nbsp;&nbsp;Navigating IDA Pro<br>&nbsp;&nbsp;&nbsp;&nbsp;IDA Pro Features and Functionality<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cross-References (Xrefs)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Function Calls<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Proximity Browser<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Opcodes and Addressing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Shortcuts<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Comments<br>&nbsp;&nbsp;&nbsp;&nbsp;Debugging with IDA Pro<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Part II. Ethical Hacking</strong></p><p><strong>Chapter 6. Red and Purple Teams</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Introduction to Red Teams<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Vulnerability Scanning<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Validated Vulnerability Scanning<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Penetration Testing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Threat Simulation and Emulation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Purple Team<br>&nbsp;&nbsp;&nbsp;&nbsp;Making Money with Red Teaming<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Corporate Red Teaming<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Consultant Red Teaming<br>&nbsp;&nbsp;&nbsp;&nbsp;Purple Team Basics<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Purple Team Skills<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Purple Team Activities<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 7. Command and Control (C2)</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Command and Control Systems<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Metasploit<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 7-1:</strong> Creating a Shell with Metasploit<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PowerShell Empire<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Covenant<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 7-2:</strong> Using Covenant C2<br>&nbsp;&nbsp;&nbsp;&nbsp;Payload Obfuscation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;msfvenom and Obfuscation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 7-3:</strong> Obfuscating Payloads with msfvenom<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Creating C# Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 7-4:</strong> Compiling and Testing C# Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Creating Go Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 7-5:</strong> Compiling and Testing Go Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Creating Nim Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n
bsp;&nbsp;&nbsp;<strong>Lab 7-6:</strong> Compiling and Testing Nim Launchers<br>&nbsp;&nbsp;&nbsp;&nbsp;Network Evasion<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Encryption<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Alternate Protocols<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;C2 Templates<br>&nbsp;&nbsp;&nbsp;&nbsp;EDR Evasion<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Killing EDR Products<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Bypassing Hooks<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading</p><p><strong>Chapter 8. Building a Threat Hunting Lab</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Threat Hunting and Labs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Options of Threat Hunting Labs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Method for the Rest of this Chapter<br>&nbsp;&nbsp;&nbsp;&nbsp;Basic Threat Hunting Lab: DetectionLab<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Prerequisites<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-1:</strong> Install the Lab on Your Host<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-2:</strong> Install the Lab in the Cloud<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-3:</strong> Looking Around the Lab<br>&nbsp;&nbsp;&nbsp;&nbsp;Extending Your Lab<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;HELK<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-4:</strong> Install HELK<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-5:</strong> Install Winlogbeat<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-6:</strong> Kibana Basics<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 8-7:</strong> Mordor<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 9. Introduction to Threat Hunting</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Threat Hunting Basics<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Types of Threat Hunting<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Workflow of a Threat Hunt<br>&nbsp;&nbsp;&nbsp;&nbsp;Normalizing Data Sources with OSSEM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Data Sources<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;OSSEM to the Rescue<br>&nbsp;&nbsp;&nbsp;&nbsp;Data-Driven Hunts Using OSSEM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;MITRE ATT&amp;CK Framework Refresher: T1003.002<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 9-1:</strong> Visualizing Data Sources with OSSEM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 9-2:</strong> AtomicRedTeam Attacker Emulation<br>&nbsp;&nbsp;&nbsp;&nbsp;Exploring Hypothesis-Driven Hunts<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 9-3:</strong> Hypothesis that Someone Copied a SAM File<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Crawl, Walk, Run<br>&nbsp;&nbsp;&nbsp;&nbsp;Enter Mordor<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 9-4:</strong> Hypothesis that Someone Other than an Admin Launched PowerShell<br>&nbsp;&nbsp;&nbsp;&nbsp;Threat Hunter Playbook<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Departure from HELK for Now<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Spark and Jupyter<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 9-5:</strong> Automated Playbooks and Sharing of Analytics<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Part III. Hacking Systems</strong></p><p><strong>Chapter 10. Basic Linux Exploits</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Stack Operations and Function-Calling Procedures<br>&nbsp;&nbsp;&nbsp;&nbsp;Buffer Overflows<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-1:</strong> Overflowing meet.c<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Ramifications of Buffer Overflows<br>&nbsp;&nbsp;&nbsp;&nbsp;Local Buffer Overflow Exploits<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-2:</strong> Components of the Exploit<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-3:</strong> Exploiting Stack Overflows from the Command Line<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-4:</strong> Writing the Exploit with Pwntools<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-5:</strong> Exploiting Small Buffers<br>&nbsp;&nbsp;&nbsp;&nbsp;Exploit Development Process<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 10-6:</strong> Building Custom Exploits<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading</p><p><strong>Chapter 11. Advanced Linux Exploits</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 11-1:</strong> Vulnerable Program and Environment Setup<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 11-2:</strong> Bypassing Non-Executable Stack (NX) with Return-Oriented Programming (ROP)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 11-3:</strong> Defeating Stack Canaries<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 11-4:</strong> ASLR Bypass with an Information Leak<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 11-5:</strong> PIE Bypass with an Information Leak<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 12. Linux Kernel Exploits</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-1:</strong> Environment Setup and Vulnerable procfs Module<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-2:</strong> ret2usr<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-3:</strong> Defeating Stack Canaries<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-4:</strong> Bypassing Supervisor Mode Execution Protection (SMEP) and Kernel Page-Table Isolation (KPTI)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-5:</strong> Bypassing Supervisor Mode Access Prevention (SMAP)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 12-6:</strong> Defeating Kernel Address Space Layout Randomization (KASLR)<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 13. Basic Windows Exploitation</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Compiling and Debugging Windows Programs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 13-1:</strong> Compiling on Windows<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Debugging on Windows with Immunity Debugger<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 13-2:</strong> Crashing the Program<br>&nbsp;&nbsp;&nbsp;&nbsp;Writing Windows Exploits<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Exploit Development Process Review<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 13-3:</strong> Exploiting ProSSHD Server<br>&nbsp;&nbsp;&nbsp;&nbsp;Understanding Structured Exception Handling<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Understanding and Bypassing Common Windows Memory Protections<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Safe Structured Exception Handling<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Bypassing SafeSEH<br>&nbsp;&nbsp;&nbsp;&nbsp;Data Execution Prevention<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Return-Oriented Programming<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Gadgets<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Building the ROP Chain<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 14. Windows Kernel Exploitation</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;The Windows Kernel<br>&nbsp;&nbsp;&nbsp;&nbsp;Kernel Drivers<br>&nbsp;&nbsp;&nbsp;&nbsp;Kernel Debugging<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-1:</strong> Setting Up Kernel Debugging<br>&nbsp;&nbsp;&nbsp;&nbsp;Picking a Target<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-2:</strong> Obtaining the Target Driver<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-3:</strong> Reverse Engineering the Driver<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-4:</strong> Interacting with the Driver<br>&nbsp;&nbsp;&nbsp;&nbsp;Token Stealing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-5:</strong> Arbitrary Pointer Read/Write<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 14-6:</strong> Writing a Kernel Exploit<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 15. PowerShell Exploitation</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Why PowerShell<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Living off the Land<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PowerShell Logging<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;PowerShell Portability<br>&nbsp;&nbsp;&nbsp;&nbsp;Loading PowerShell Scripts<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-1:</strong> The Failure Condition<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-2:</strong> Passing Commands on the Command Line<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-3:</strong> Encoded Commands<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-4:</strong> Bootstrapping via the Web<br>&nbsp;&nbsp;&nbsp;&nbsp;Exploitation and Post-Exploitation with PowerSploit<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-5:</strong> Setting Up PowerSploit<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-6:</strong> Running Mimikatz Through PowerShell<br>&nbsp;&nbsp;&nbsp;&nbsp;Using
PowerShell Empire for C2<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-7:</strong> Setting Up Empire<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-8:</strong> Staging an Empire C2<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-9:</strong> Using Empire to Own the System<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 15-10:</strong> Using WinRM to Launch Empire<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;Reference</p><p><strong>Chapter 16. Getting Shells Without Exploits</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Capturing Password Hashes<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Understanding LLMNR and NBNS<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Understanding Windows NTLMv1 and NTLMv2 Authentication<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Using Responder<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-1:</strong> Getting Passwords with Responder<br>&nbsp;&nbsp;&nbsp;&nbsp;Using Winexe<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-2:</strong> Using Winexe to Access Remote Systems<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-3:</strong> Using Winexe to Gain Elevated Privileges<br>&nbsp;&nbsp;&nbsp;&nbsp;Using WMI<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-4:</strong> Querying System Information with WMI<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-5:</strong> Executing Commands with WMI<br>&nbsp;&nbsp;&nbsp;&nbsp;Taking Advantage of WinRM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-6:</strong> Executing Commands with WinRM<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 16-7:</strong> Using Evil-WinRM to Execute Code<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;Reference</p><p><strong>Chapter 17. Post-Exploitation in Modern Windows Environments</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Post-Exploitation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Host Recon<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-1:</strong> Using whoami to Identify Privileges<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-2:</strong> Using Seatbelt to Find User Information<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-3:</strong> System Recon with PowerShell<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-4:</strong> System Recon with Seatbelt<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-5:</strong> Getting Domain Information with PowerShell<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-6:</strong> Using PowerView for AD Recon<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-7:</strong> Gathering AD Data with SharpHound<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Escalation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-8:</strong> Profiling Systems with winPEAS<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-9:</strong> Using SharpUp to Escalate Privileges<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-10:</strong> Searching for Passwords in User Objects<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-11:</strong> Abusing Kerberos to Gather Credentials<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-12:</strong> Abusing Kerberos to Escalate Privileges<br>&nbsp;&nbsp;&nbsp;&nbsp;Active Directory Persistence<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-13:</strong> Abusing AdminSDHolder<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 17-14:</strong> Abusing SIDHistory<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading</p><p><strong>Chapter 18. Next-Generation Patch Exploitation</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Introduction to Binary Diffing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Application Diffing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Patch Diffing<br>&nbsp;&nbsp;&nbsp;&nbsp;Binary Diffing Tools<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;BinDiff<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;turbodiff<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 18-1:</strong> Our First Diff<br>&nbsp;&nbsp;&nbsp;&nbsp;Patch Management Process<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Microsoft Patch Tuesday<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Obtaining and Extracting Microsoft Patches<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Part IV. Hacking IoT</strong></p><p><strong>Chapter 19. Internet of Things to Be Hacked</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Internet of Things (IoT)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Types of Connected Things<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Wireless Protocols<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Communication Protocols<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Security Concerns<br>&nbsp;&nbsp;&nbsp;&nbsp;Shodan IoT Search Engine<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Web Interface<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Shodan Command-Line Interface<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 19-1:</strong> Using the Shodan Command Line<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Shodan API<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 19-2:</strong> Testing the Shodan API<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 19-3:</strong> Playing with MQTT<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Implications of this Unauthenticated Access to MQTT<br>&nbsp;&nbsp;&nbsp;&nbsp;IoT Worms: It Was a Matter of Time<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Prevention<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 20. Dissecting Embedded Devices</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;CPU<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Microprocessor<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Microcontrollers<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;System on Chip<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Common Processor Architectures<br>&nbsp;&nbsp;&nbsp;&nbsp;Serial Interfaces<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;UART<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SPI<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;I<sup>2</sup>C<br>&nbsp;&nbsp;&nbsp;&nbsp;Debug Interfaces<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;JTAG<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;SWD<br>&nbsp;&nbsp;&nbsp;&nbsp;Software<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Bootloader<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;No Operating System<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Real-Time Operating System<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;General Operating System<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 21. Exploiting Embedded Devices</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Static Analysis of Vulnerabilities in Embedded Devices<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 21-1:</strong> Analyzing the Update Package<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 21-2:</strong> Performing Vulnerability Analysis<br>&nbsp;&nbsp;&nbsp;&nbsp;Dynamic Analysis with Hardware<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The Test Environment Setup<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Ettercap<br>&nbsp;&nbsp;&nbsp;&nbsp;Dynamic Analysis with Emulation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;FirmAE<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 21-3:</strong> Setting Up FirmAE<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 21-4:</strong> Emulating Firmware<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 21-5:</strong> Exploiting Firmware<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 22. Software-Defined Radio</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Getting Started with SDR<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;What to Buy<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Not So Quick: Know the Rules<br>&nbsp;&nbsp;&nbsp;&nbsp;Learn by Example<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Search<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Capture<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Replay<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Analyze<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Preview<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Execute<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;For Further Reading</p><p><strong>Part V. Hacking Hypervisors</strong></p><p><strong>Chapter 23. Hypervisors 101</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;What Is a Hypervisor?<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Popek and Goldberg Virtualization Theorems<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Goldberg’s Hardware Virtualizer<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Type-1 and Type-2 VMMs<br>&nbsp;&nbsp;&nbsp;&nbsp;x86 Virtualization<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Dynamic Binary Translation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Ring Compression<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Shadow Paging<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Paravirtualization<br>&nbsp;&nbsp;&nbsp;&nbsp;Hardware Assisted Virtualization<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&nbsp;VMX<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;EPT<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 24. Creating a Research Framework</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Hypervisor Attack Surface<br>&nbsp;&nbsp;&nbsp;&nbsp;The Unikernel<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-1:</strong> Booting and Communication<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-2:</strong> Communication Protocol<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Boot Message Implementation<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Handling Requests<br>&nbsp;&nbsp;&nbsp;&nbsp;The Client (Python)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Communication Protocol (Python)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-3:</strong> Running the Guest (Python)<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-4:</strong> Code Injection (Python)<br>&nbsp;&nbsp;&nbsp;&nbsp;Fuzzing<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;The Fuzzer Base Class<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-5:</strong> IO-Ports Fuzzer<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-6:</strong> MSR Fuzzer<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 24-7:</strong> Exception Handling<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Fuzzing Tips and Improvements<br>&nbsp;&nbsp;&nbsp;&nbsp;Summary<br>&nbsp;&nbsp;&nbsp;&nbsp;References</p><p><strong>Chapter 25. Inside Hyper-V</strong><br>&nbsp;&nbsp;&nbsp;&nbsp;Environment Setup<br>&nbsp;&nbsp;&nbsp;&nbsp;Hyper-V Architecture<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Hyper-V Components<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Virtual Trust Levels<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Generation-1 VMs<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<strong>Lab 25-1:</strong> Scanning PCI Devices in a Generation-1 V

Managementboek Top 100

Bekijk de volledige Managementboek Top 100

Rubrieken

Uw cookie-instellingen
Deze website maakt gebruik van verschillende soorten cookies. Sommige cookies worden geplaatst door diensten van derden die op onze pagina's worden weergegeven. Om deze externe content te kunnen tonen is nodig dat u toestemming geeft voor het zetten van persoonlijke en marketingcookies. U kunt uw toestemming op elk moment wijzigen of intrekken. In onze cookieverklaring vindt u meer informatie.

    Personen

      Trefwoorden

        Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition

        Recensiebeleid
        AI-book

        Wat is een AI-book?

        Een AI-book is niet een boek dat geschreven is door AI maar een boek dat verrijkt is met AI. Het maakt de inhoud van een boek interactief via WhatsApp, zodat je ermee kunt chatten. Zie het als een razend slimme assistent die het boek perfect begrijpt en er alles uit onthouden heeft. Jij kunt deze assistent alles vragen. Vraag bijvoorbeeld hoe je iets kunt toepassen op jouw persoonlijke situatie, om een korte samenvatting, of wat de belangrijkste inzichten zijn. AI-books zijn alleen te gebruiken via WhatsApp, je hoeft er geen aparte app voor te installeren.
        Meer informatie over AI-books

        ?

        Geef uw beoordeling

        Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition

        Verwijder uw beoordeling