--------------------------------------------------------------------------------------------------------------
Hacking Exposed Computer Forensics, Second Edition: Computer Forensics Secrets & Solutions
The latest strategies for investigating cyber-crime
Identify and investigate computer criminals of all stripes with help from this fully updated. real-world resource. Hacking Exposed Computer Forensics, Second Edition explains how to construct a high-tech forensic lab, collect prosecutable evidence, discover e-mail and system file clues, track wireless activity, and recover obscured documents. Learn how to re-create an attacker's footsteps, communicate with counsel, prepare court-ready reports, and work through legal and organizational challenges. Case studies straight from today's headlines cover IP theft, mortgage fraud, employee misconduct, securities fraud, embezzlement, organized crime, and consumer fraud cases.
* Effectively uncover, capture, and prepare evidence for investigation
* Store and process collected data in a highly secure digital forensic lab
* Restore deleted documents, partitions, user activities, and file systems
* Analyze evidence gathered from Windows, Linux, and Macintosh systems
* Use the latest Web and client-based e-mail tools to extract relevant artifacts
* Overcome the hacker's anti-forensic, encryption, and obscurity techniques
* Unlock clues stored in cell phones, PDAs, and Windows Mobile devices
* Prepare legal documents that will hold up to judicial and defense scrutiny
-----------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions
# Establish business relevance and context for security by highlighting real-world risks
# Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
# Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries,
and Google searches to locate vulnerable Windows systems
# Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
# Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing,
rogue server/man-in-the-middle attacks, and cracking vulnerable services
# See up close how professional hackers reverse engineer and develop new Windows exploits
# Identify and eliminate rootkits, malware, and stealth software
# Fortify SQL Server against external and insider attacks
# Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
# Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control,
the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
-----------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed: Web Applications, 3rd Edition By Joel Scambray, Vincent Liu, Caleb Sima MG-H, 3rd Edition 2011 | 482 Pages | ISBN: 0071740643 | PDF | 7 MB
The latest Web app attacks and countermeasures from world-renowned practitioners Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource.
* Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster * See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation * Understand how attackers defeat commonly used Web authentication technologies * See how real-world session attacks leak sensitive data and how to fortify your applications * Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques * Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments * Safety deploy XML, social networking, cloud computing, and Web 2.0 services * Defend against RIA, Ajax, UGC, and browser-based, client-side exploits * Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures
------------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed: Network Security Secrets and Solutions
Publisher: McGraw-Hill Osborne Media | ISBN: 0071613749 | edition 2009 | PDF | 720 pages | 14,8 mb
Meet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal. New and updated material:
- New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
- Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
- The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits...
-------------------------------------------------------------------------------------------------------------------------------
SIZE 4.9 Mb
Number Of Pages: 400
Publication Date: 2010
ISBN-10 / ASIN: 0071591184
ISBN-13 / EAN: 9780071591188
Publisher:McGraw-Hill Osborne Media
"A harrowing guide to where the bad guys hide, and how you can find them." --Dan Kaminsky, Director of Penetration Testing, IOActive
"An amazing resource. It is timely, focused, and what we need to better understand and defend against one of the greatest cyber threats we face." --From the Foreword by Lance Spitzner, President of the Honeynet Project
Don't let another machine become a zombie in the malware army
Defend against the ongoing wave of malware and rootkit assaults the failsafe Hacking Exposed way. Real-world case studies and examples reveal how today's hackers use readily available tools to infiltrate and hijack systems. Step-by-step countermeasures provide proven prevention techniques. Find out how to detect and eliminate malicious embedded code, block pop-ups and websites, prevent keylogging, and terminate rootkits. The latest intrusion detection, firewall, honeynet, antivirus, anti-rootkit, and anti-spyware technologies are covered in detail.
• Understand how malware infects, survives, and propagates across an enterprise
• Learn how hackers use archivers, encryptors, and packers to obfuscate code
• Implement effective intrusion detection and prevention procedures
• Defend against keylogging, redirect, click fraud, and identity theft threats
• Detect, kill, and remove virtual, user-mode, and kernel-mode rootkits
• Prevent malicious website, phishing, client-side, and embedded-code exploits
• Protect hosts using the latest antivirus, pop-up blocker, and firewall software
• Identify and terminate malicious processes using HIPS and NIPS
-------------------------------------------------------------------------------------------------------------------------------------
This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook
• Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
• Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
• Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
• Circumvent XXE, directory traversal, and buffer overflow exploits
• Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
• Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
• Use input validators and XML classes to reinforce ASP and .NET security
• Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
• Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
• Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks