Network Security Tools. Writing, Hacking, and Modifying Security Tools Nitesh Dhanjani, Justin Clarke

Network Security Tools. Writing, Hacking, and Modifying Security Tools Nitesh Dhanjani, Justin Clarke - okladka książki

Autorzy:: Nitesh Dhanjani, Justin Clarke
Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 344
Dostępne formaty:: ePub

Mobi

Ebook

92,65 zł ~~109,00 zł~~ (-15%)

29,90 zł najniższa cena z 30 dni

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

Poleć tę książkę znajomemu Poleć tę książkę znajomemu!!

Przenieś na półkę

Do przechowalni

Zostało Ci na świąteczne zamówienie

opcje wysyłki »

Najczęściej kupowane razem

Network Security Tools. Writing, Hacking, and Modifying Security Tools Nitesh Dhanjani, Justin Clarke

Hacking: The Next Generation. The Next Generation Nitesh Dhanjani, Billy Rios, Brett Hardin

Abusing the Internet of Things. Blackouts, Freakouts, and Stakeouts Nitesh Dhanjani

Cena zestawu: 345.95 zł

Zyskujesz: 61.05 zł (-15%)

Dodaj do koszyka

If you're an advanced security professional, then you know that the battle to protect online privacy continues to rage on. Security chat rooms, especially, are resounding with calls for vendors to take more responsibility to release products that are more secure. In fact, with all the information and code that is passed on a daily basis, it's a fight that may never end. Fortunately, there are a number of open source security tools that give you a leg up in the battle.Often a security tool does exactly what you want, right out of the box. More frequently, you need to customize the tool to fit the needs of your network structure. Network Security Tools shows experienced administrators how to modify, customize, and extend popular open source security tools such as Nikto, Ettercap, and Nessus.This concise, high-end guide discusses the common customizations and extensions for these tools, then shows you how to write even more specialized attack and penetration reviews that are suited to your unique network environment. It also explains how tools like port scanners, packet injectors, network sniffers, and web assessment tools function.Some of the topics covered include:

Writing your own network sniffers and packet injection tools
Writing plugins for Nessus, Ettercap, and Nikto
Developing exploits for Metasploit
Code analysis for web applications
Writing kernel modules for security applications, and understanding rootkits

While many books on security are either tediously academic or overly sensational, Network Security Tools takes an even-handed and accessible approach that will let you quickly review the problem and implement new, practical solutions--without reinventing the wheel. In an age when security is critical, Network Security Tools is the resource you want at your side when locking down your network.

Wybrane bestsellery

Ebooka "Network Security Tools. Writing, Hacking, and Modifying Security Tools" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Oceny i opinie klientów: Network Security Tools. Writing, Hacking, and Modifying Security Tools Nitesh Dhanjani, Justin Clarke

(0)

Szczegóły książki

ISBN Ebooka:: 978-14-919-4741-8, 9781491947418
Data wydania ebooka :: 2005-04-04 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: angielski
Rozmiar pliku ePub:: 2MB
Rozmiar pliku Mobi:: 4.9MB

Zgłoś erratę

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Hacking » Inne
Informatyka » Hacking » Bezpieczeństwo sieci
Informatyka » Sieci komputerowe » Budowa sieci
Informatyka » Sieci komputerowe » Konfiguracja sieci

Dostępność produktu

Produkt nie został jeszcze oceniony pod kątem ułatwień dostępu lub nie podano żadnych informacji o ułatwieniach dostępu lub są one niewystarczające. Prawdopodobnie Wydawca/Dostawca jeszcze nie umożliwił dokonania walidacji produktu lub nie przekazał odpowiednich informacji na temat jego dostępności.

Spis treści książki

Network Security Tools
A Note Regarding Supplemental Files
Preface
- Audience
- Assumptions This Book Makes
- Contents of This Book
- Conventions Used in This Book
- Using Code Examples
- Wed Like to Hear from You
- Safari Enabled
- Acknowledgments
I. Modifying and Hacking Security Tools
- 1. Writing Plug-ins for Nessus
  - The Nessus Architecture
  - Installing Nessus
  - Using Nessus
  - The NASL Interpreter
  - Hello World
  - Datatypes and Variables
    - Numbers
    - Strings
    - Arrays and Hashes
    - Local and Global Variables
  - Operators
    - Arithmetic Operators
    - Comparison Operators
    - Assignment Operators
  - if...else
  - Loops
    - for
    - foreach
    - repeat...until
    - while
  - Functions
  - Predefined Global Variables
    - TRUE and FALSE
    - NULL
    - Script Categories
    - Network Encapsulation
  - Important NASL Functions
    - Strings
      - Simple string manipulation functions
      - Finding and replacing strings
      - Conversions
    - Plug-in Descriptions
    - Knowledge Base
    - Reporting Functions
  - Nessus Plug-ins
    - Probing for Anonymous FTP Access
    - Using Packet Forgery to Perform a Teardrop Attack
    - Scanning for CGI Vulnerabilities
    - Probing for VNC Servers
    - Installing Your Own Plug-in
- 2. Developing Dissectors and Plug-ins for the Ettercap Network Sniffer
  - Installing and Using Ettercap
  - Writing an Ettercap Dissector
    - Overview of FTP Authentication
    - The FTP Password Dissector
  - Writing an Ettercap Plug-in
    - The find_tcp_conn Plug-in
    - find_tcp_conn.c
- 3. Extending Hydra and Nmap
  - Extending Hydra
    - Overview of Hydra
    - Overview of SMTP Authentication
    - Adding Additional Protocols to Hydra
    - Implementing SMTP-AUTH in Hydra
    - Complete Source to hydra-smtpauth.c
    - Quick Reference to Hydra Functions
      - void hydra_child_exit(int code)
      - void hydra_register_socket(int sock)
      - char *hydra_get_next_pair( )
      - char *hydra_get_next_login( )
      - char *hydra_get_next_password( )
      - void hydra_completed_pair( )
      - void hydra_completed_pair_found( )
      - void hydra_report_found(int port, char *svc, FILE *fp)
      - void hydra_report_found_host (int port, unsigned int ip, char *svc, FILE *fp)
      - void hydra_report_found_host_msg (int port, unsigned int ip, char *svc, FILE *fp, char *msg)
      - int hydra_connect_tcp(unsigned long int host, int port)
      - int hydra_connect_ssl(unsigned long int host, int port)
      - int hydra_connect_udp(unsigned long int host, int port)
      - int hydra_disconnect(int socket)
      - int hydra_data_ready_writing_timed(int socket, long sec, long usec)
      - int hydra_data_ready_writing(int socket)
      - int hydra_data_ready_timed(int socket, long sec, long usec)
      - int hydra_data_ready(int socket)
      - int hydra_recv(int socket, char *buf, int length)
      - char *hydra_receive_line(int socket)
      - int hydra_send(int socket, char *buf, int size, int options)
      - int make_to_lower(char *buf)
      - unsigned char hydra_conv64(unsigned char in)
      - void hydra_tobase64(unsigned char *buf)
      - void hydra_dump_asciihex(unsigned char *string, int length)
  - Adding Service Signatures to Nmap
    - The nmap-service-probes File
      - Probes
      - Matches
      - Soft matches
      - ports
      - sslports
      - totalwaitms
- 4. Writing Plug-ins for the Nikto Vulnerability Scanner
  - Installing Nikto
  - Using Nikto
  - Nikto Under the Hood
    - Niktos Program Flow
    - Niktos Plug-in Interface
  - Existing Nikto Plug-ins
  - Adding Custom Entries to the Plug-in Databases
    - .db Files Associated with the nikto_core Plug-in
    - outdated.db for the nikto_outdated Plug-in
    - realms.db for the nikto_realms Plug-in
    - server_msgs.db for the nikto_msgs Plug-in
  - Using LibWhisker
  - Writing an NTLM Plug-in for Brute-Force Testing
  - Writing a Standalone Plug-in to Attack Lotus Domino
- 5. Writing Modules for the Metasploit Framework
  - Introduction to MSF
  - Overview of Stack Buffer Overflows
    - Memory Segments and Layout
    - How a Buffer Overflows and Why It Matters
    - Shellcode
    - Putting It All Together: Exploiting a Program
  - Writing Exploits for MSF
  - Writing a Module for the MnoGoSearch Overflow
    - Setting Up the Bug
    - The Evolution of a Working Exploit Module
  - Writing an Operating System Fingerprinting Module for MSF
    - Operating System Fingerprinting and p0f
    - Setting Up and Modifying p0f
    - Writing the p0f_socket Module
- 6. Extending Code Analysis to the Webroot
  - Attacking Web Applications at the Source
    - Scope of a Web Application
    - Symptomatic Code Approach
    - Symptom Code
    - User-Controllable Input
  - Toolkit 101
    - Symptom Code Databases
  - PMD
    - PMD Rulesets
    - Installing and Running PMD
  - Extending PMD
    - Objectives
    - Code Walkthrough
      - ASTCompilationUnit
      - ASTClassBodyDeclaration
      - ASTMethodDeclaration
      - ASTMethodDeclarator
      - ASTAdditiveExpression
      - Data tracing
    - SqlInjectionExample.java
    - DynSqlSelectStmts.java
    - dynamicsql.xml
II. Modifying and Hacking Security Tools
- 7. Fun with Linux Kernel Modules
  - Hello World
    - hello_world.c
    - Compiling and Testing hello_world
  - Intercepting System Calls
    - The System Call Table
    - strace Is Your Friend
    - Forcing Access to sys_call_table
      - intercept_open.c
      - Compiling and testing intercept_open
    - Intercepting sys_unlink( ) Using System.map
      - intercept_unlink.c
      - Compiling and testing intercept_unlink
    - Intercepting sys_exit( ) in 2.4 Kernels
      - intercept_exit.c
      - Compiling and testing intercept_exit
  - Hiding Processes
    - hidepid.c
    - Compiling and Testing hidepid
  - Hiding from netstat
    - hide_sshd.c
    - Compiling and Testing hide_sshd
- 8. Developing Web Assessment Tools and Scripts
  - Web Application Environment
    - HTTP
    - SSL
    - Perl and LWP
    - Web Application Vulnerabilities
  - Designing the Scanner
    - Functional Requirements
    - Scanner Design
      - parseLog.pl
      - simpleScanner.pl
    - Generating Test Data
  - Building the Log Parser
  - Building the Scanner
    - Printing Output
      - printReport subroutine
    - Parsing the Input File
    - Making an HTTP Request
      - makeRequest subroutine
    - Parameter-Based Testing
      - sqlTest subroutine
      - xssTest subroutine
    - Directory-Based Testing
      - dirList subroutine
      - dirPut subroutine
  - Using the Scanner
  - Complete Source Code
    - simpleScanner.pl
    - parseLog.pl
- 9. Automated Exploit Tools
  - SQL Injection Exploits
    - Exploit Categories
    - Exploit Techniques
      - Error-based SQL injection
      - Blind SQL injection
  - The Exploit Scanner
    - Exploit Logic
    - The Code
      - sqlOrTest subroutine
      - sqlBlindColumnTest subroutine
      - sqlBlindDataTypeTest subroutine
      - sqlUnionTest subroutine
      - sqlColumnTest subroutine
      - sqlDataTypeTest subroutine
  - Using the Scanner
- 10. Writing Network Sniffers
  - Introduction to libpcap
    - Why Use libpcap?
    - Installing libpcap
  - Getting Started with libpcap
    - Overview of Arpsniff
    - Identify the Network Interface
    - Open the Network Interface
    - Configure Packet-Capture Options
    - Capture and Process Packets
    - Close Down
    - Arpsniff
  - libpcap and 802.11 Wireless Networks
    - 802.11 Monitor Mode
    - Adapting Arpsniff to 802.11
  - libpcap and Perl
    - Arpsniff in Perl
  - libpcap Library Reference
    - Lookup Functions
      - pcap_lookupdev
      - pcap_findalldevs
      - pcap_lookupnet
      - pcap_freealldevs
    - Packet-Capture Functions
      - pcap_open_live
      - pcap_next
      - pcap_next_ex
      - pcap_loop
      - pcap_dispatch
      - pcap_setnonblock
      - pcap_getnonblock
      - pcap_set_datalink
      - pcap_compile
      - pcap_compile_nopcap
      - pcap_setfilter
      - pcap_freecode
      - pcap_breakloop
      - pcap_fileno
      - pcap_close
      - pcap_open_dead
    - Save and Dump File Functions
      - pcap_open_offline
      - pcap_dump_open
      - pcap_dump
      - pcap_dump_close
      - pcap_dump_flush
      - pcap_major_version
      - pcap_minor_version
      - pcap_file
      - pcap_is_swapped
    - Status Functions
      - pcap_datalink
      - pcap_list_datalinks
      - pcap_snapshot
      - pcap_stats
      - pcap_lib_version
      - pcap_datalink_name_to_val
      - pcap_datalink_val_to_name
      - pcap_datalink_val_to_description
    - Error-Handling Functions
      - pcap_geterr
      - pcap_strerror
      - pcap_perror
- 11. Writing Packet-Injection Tools
  - Introduction to libnet
    - Installing libnet
  - Getting Started with libnet
    - Writing the I am Tool
    - Initializing the Session
    - Building the Protocol Blocks
    - Sending the Packet
    - Cleaning Up
    - The I am Tool Source Code
  - Advanced libnet Functions
    - Accessing Raw Packet Data
    - Context Queues
  - Combining libnet and libpcap
    - Overview of SYNplescan
    - Creating the SYN Packet
    - Capturing the Responses
    - The SYNplescan Tool Source Code
  - Introducing AirJack
    - Installing AirJack
    - Using AirJack
      - Overview of reinject
      - Using sockets with AirJack
    - The reinject Tool Source Code
Index
About the Authors
Colophon
Copyright

pokaż cały spis treści

O'Reilly Media - inne książki

Promocja

The potential of machine learning today is extraordinary, yet many aspiring developers and tech professionals find themselves daunted by its complexity. Whether you're looking to enhance your skill set and apply machine learning to real-world projects or are simply curious about how AI systems function, this book is your jumping-off place. With an
- ePub + Mobi
Hands-On Machine Learning with Scikit-Learn and PyTorch. Concepts, Tools, and Techniques to Build Intelligent Systems

Aurélien Géron

(245,65 zł najniższa cena z 30 dni)

254.15 zł ~~299.00 zł (-15%)~~
Promocja

Stuck in a coding conundrum? Whether you're an advanced beginner, an intermediate developer, or a curious newcomer, the complexities of coding can often feel like a labyrinth with no exit. With Python, however, you can start writing real code quickly—but where should you start? In this updated third edition, Bill Lubanovic acts as your personal gu
- ePub + Mobi
Introducing Python. 3rd Edition

Bill Lubanovic

(29,90 zł najniższa cena z 30 dni)

143.65 zł ~~169.00 zł (-15%)~~
Promocja

AI-assisted coding and cloud-based tools are already transforming how modern applications are built. Bolt.new, a powerful in-browser AI agent from StackBlitz, streamlines the development process, allowing you to prototype quickly, debug intelligently, and launch confidently—no local setup required. Whether you're new to full stack development or lo
- ePub + Mobi
Building Web Apps with Bolt. Unlock the Future of AI-First Development

Addy Osmani

(29,90 zł najniższa cena z 30 dni)

169.14 zł ~~199.00 zł (-15%)~~
Promocja

AI is transforming software development, shifting programmers from writing code to collaborating with AI in an intent-driven workflow. Vibe coding—a prompt-first, exploratory approach where you describe what you want in natural language and let a large language model fill in the blanks—represents a radical shift in the developer's role from writing
- ePub + Mobi
Beyond Vibe Coding. From Coder to AI-Era Developer

Addy Osmani

(29,90 zł najniższa cena z 30 dni)

203.15 zł ~~239.00 zł (-15%)~~
Promocja

Whether it's to adhere to regulations, access markets by meeting specific standards, or devise data analytics and AI strategies, companies today are busy implementing metadata repositories—metadata tools about the data, information, and knowledge in your company. Until now, most of these repositories have been implemented in isolation from one anot
- ePub + Mobi
Fundamentals of Metadata Management. Uncover the Meta Grid and Unlock IT, Data, Information, and Knowledge Management

Ole Olesen-Bagneux

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

In today's environment of partial attention and isolating remote work, few things are more satisfying than group experiences that produce powerful, meaningful connections and output. But this kind of enlivening, collective work doesn't happen by chance. It must be consciously designed and purposefully activated--;in a team, an organization, and a c
- ePub + Mobi
Gamestorming 2.0. An Updated Playbook for Innovators, Rule Breakers, and Changemakers

Dave Gray, Sunni Brown

(29,90 zł najniższa cena z 30 dni)

143.65 zł ~~169.00 zł (-15%)~~
Promocja

Feeling overwhelmed by the volume of data in your research? Sifting through massive amounts of data to find useful insights is becoming increasingly difficult in drug discovery, genetics, and healthcare. Enter the era of generative AI with LangChain, whose groundbreaking tools are changing the way life scientists and researchers operate. In this g
- ePub + Mobi
LangChain for Life Sciences and Healthcare. Innovation Through LLMs and Generative AI Agents

Ivan Reznikov

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

An application programming interface (API) enables data exchange in systems such as web applications, microservices, and IoT devices. In this hands-on book, authors Lukasz Dynowski and Marcin Dulak show software developers and architects how to design and implement REST, GraphQL, gRPC, webhooks, WebSocket, messaging APIs, and more. This book look
- ePub + Mobi
Learning API Styles. Understanding the Trade-Offs of Common APIs and Choosing the Correct Solutions

Lukasz Dynowski, Marcin Dulak

(29,90 zł najniższa cena z 30 dni)

203.15 zł ~~239.00 zł (-15%)~~
Promocja

Here's the thing about large language models: they don't play by the old rules. Traditional MLOps completely falls apart when you're dealing with GenAI. The model hallucinates, security assumptions crumble, monitoring breaks, and agents can't operate. Suddenly you're in uncharted territory. That's exactly why LLMOps has emerged as its own disciplin
- ePub + Mobi
LLMOps. Managing Large Language Models in Production

Abi Aryan

(29,90 zł najniższa cena z 30 dni)

228.65 zł ~~269.00 zł (-15%)~~
Promocja

The CEH exam is not an enjoyable undertaking. This grueling, exhaustive, challenging, and taxing exam will either leave you better prepared to be the best cyber security professional you can be. But preparing for the exam itself needn't be that way. In this book, IT security and education professional Matt Walker will not only guide you through ev
- ePub + Mobi
Certified Ethical Hacker (CEH) Study Guide. In-Depth Guidance and Practice

Matt Walker

(29,90 zł najniższa cena z 30 dni)

186.15 zł ~~219.00 zł (-15%)~~

Zamknij