Writing Security Tools and Exploits
Learn to Write the Security Tools the Other Books Only Teach You to Use
Samenvatting
Exploits. In information technology circles, the term exploits has become synonymous with vulnerabilities. It is a scary word that can keep you up at night wondering if you have purchased the best firewalls configured your new host-based intrusion prevention system correctly, and patched your entire environment. It's also a topic that can enter the security water-cooler discussions faster than McAfee's new wicked antivirus software or Symantec's latest acquisition. Exploits are proof that the computer science or software programming community still does not have an understanding of how to design, create, and implement secure code.
1. Write solid Shellcode
Learn the techniques used to make the most out of vulnerabilities by employing the correct Shellcode
2. Reverse Connection Shellcode
See how reserve connection Shellcode makes a connection from a hacked system to a different system where it can be caught using network tools such as netcat
3. Buffer overflow Exploits
Find techniques to protect against buffer overflows such as allocating buffers for string operations dynamically on the heap
4. Heap Overflows
Heap overflows have become the most prominent software security bugs. See how they can have varying exploitation techniques and consequences
5. Format Strings
format string vulnerabilities occur when programmers externally supplied data to a printf function (or similar) as part of the format string
6. Race Conditions
Nearly all race condition exploits are written from a local attacker's perspective and have the potential to escalate privileges, overwrite files, or compromise protected data
7. Exploitable integer bugs
See how integer bugs are harder for a researcher to spot than stack overflow vulnerabilities and learn why the implications of integer calculation errors are less understood by developers as a whole
8. Code for Nessus
Use MASLs to check for security vulnerabilities or misconfigurations
9. Metasploit Framework (MSF)
Use MSF and its components, msfweb, msfconsole, and msfcli, as an exploitation platform
10. Meterpreter Extensions
Use the power of the Meterpreter payload system to load custom-written DLLs into an exploited process's address space
Specificaties
Inhoudsopgave
2. Assembly and Shellcode
3. Exploits: Stacks
4. Exploits: Heap
5. Exploits : Format strings
6. Writing Exploits I
7. Writing Exploits II
8. Coding for Ethernal
9. Coding for Nessus
10. Extending Metasploit I
11. Extending Metasploit II
12. Extending Metasploit III
Appendix A: Data Conversion Reference
Appendix B: Syscall Reference
Appendix C: Taps currently embedded within Ethereal
Appendix D: Glossary
Index
Anderen die dit boek kochten, kochten ook
-
Dieter Möckelmann€ 16,95 -
Erdinç Saçan€ 34,99
-
Willem Leijnse€ 72,95
-
The Open Group€ 49,00
-
Job van den Berg€ 34,95
-
Taco Oosterkamp€ 24,95
Net verschenen
Rubrieken
- aanbestedingsrecht
- aansprakelijkheids- en verzekeringsrecht
- accountancy
- algemeen juridisch
- arbeidsrecht
- bank- en effectenrecht
- bestuursrecht
- bouwrecht
- burgerlijk recht en procesrecht
- europees-internationaal recht
- fiscaal recht
- gezondheidsrecht
- insolventierecht
- intellectuele eigendom en ict-recht
- management
- mens en maatschappij
- milieu- en omgevingsrecht
- notarieel recht
- ondernemingsrecht
- pensioenrecht
- personen- en familierecht
- sociale zekerheidsrecht
- staatsrecht
- strafrecht en criminologie
- vastgoed- en huurrecht
- vreemdelingenrecht
