Penetration Testing with Shellcode: Detect, exploit, and secure network-level and operating system vulnerabilities

Penetration Testing with Shellcode: Detect, exploit, and secure network-level and operating system vulnerabilities

作者: Hamza Megahed
出版社: Packt Publishing
出版在: 2018-02-15
ISBN-13: 9781788473736
ISBN-10: 1788473736
裝訂格式: Paperback
總頁數: 346 頁





內容描述


Master Shellcode to leverage the buffer overflow conceptKey FeaturesUnderstand how systems can be bypassed both at the operating system and network level with shellcode, assembly, and MetasploitLearn to write and modify 64-bit shellcode along with kernel-level shellcode conceptsA step-by-step guide that will take you from low-level security skills to covering loops with shellcodeBook DescriptionSecurity has always been a major concern for your application, your system, or your environment. This book's main goal is to build your skills for low-level security exploits, finding vulnerabilities and covering loopholes with shellcode, assembly, and Metasploit.This book will teach you topics ranging from memory management and assembly to compiling and extracting shellcode and using syscalls and dynamically locating functions in memory. This book also covers techniques to compile 64-bit shellcode for Linux and Windows along with Metasploit shellcode tools. Lastly, this book will also show you to how to write your own exploits with intermediate techniques, using real-world scenarios.By the end of this book, you will have become an expert in shellcode and will understand how systems are compromised both at the operating system and network level.What you will learnCreate an isolated lab to test and inject shellcodes (Windows and Linux).Understand both Windows and Linux behavior.Learn the assembly programming language.Create shellcode using assembly and Metasploit.Detect buffer overflows.Debug and reverse-engineer using tools such as GDB, edb, and Immunity (Windows and Linux).Exploit development and shellcodes injections (Windows & Linux).Prevent and protect against buffer overflows and heap corruption.Who This Book Is ForThis book is intended to be read by penetration testers, malware analysts, security researchers, forensic practitioners, exploit developers, C language programmers, software testers, and students in the security field.Readers should have a basic understanding of OS internals (Windows and Linux). Some knowledge of the C programming language is essential, and a familiarity with the Python language would be helpful.Table of ContentsIntroductionLab SetupAssembly Language in LinuxReverse EngineeringCreating ShellcodeBuffer Overflow AttacksExploit Development - Part 1Exploit Development - Part 2Real World scenarios part 1Real World scenarios part 2Real World scenarios part 3Detection and Prevention




相關書籍

資訊與網路安全實務

作者 黃明祥 林詠章 周永振

2018-02-15

The Hacker Playbook: Practical Guide To Penetration Testing (Paperback)

作者 Peter Kim

2018-02-15

Enterprise Software Security: A Confluence of Disciplines (Paperback)

作者 Kenneth R. van Wyk Mark G. Graff Dan S. Peters Diana L. Burley Ph.D.

2018-02-15