A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
TJ O’Connor
Purchase Now !
Just with Paypal
Just with Paypal
Book Details
Price
|
2.00 |
|---|---|
Pages
| 377 p |
File Size
|
1,529 KB |
File Type
|
PDF format |
ISBN
| 978-1-59749-957-6 |
Copyright©
| 2013 Elsevier, Inc |
TJ O’Connor is a Department of Defense expert on information security
and a US Army paratrooper. While assigned as an assistant professor at
the US Military Academy, TJ taught undergraduate courses on forensics,
exploitation and information assurance. He twice co-coached the
winning team at the National Security Agency’s annual Cyber Defense
Exercise and won the National Defense University’s first annual Cyber
Challenge. He has served on multiple red teams, including twice on the
Northeast Regional Team for the National Collegiate Cyber Defense Competition.
TJ holds a Master of Science degree in Computer Science from
North Carolina State, a Master of Science degree in Information Security
Engineering from the SANS Technical Institute, and a Bachelor of
Science degree in Computer Science from the US Military Academy. He
has published technical research at USENIX workshops, ACM
conferences, security conferences, the SANS Reading Room, the Internet
Storm Center, the Army Magazine, and the Armed Forces Journal. He
holds expert cyber security credentials, including the prestigious GIAC
Security Expert (GSE) and Offensive Security Certified Expert (OSCE). TJ
is a member of the elite SANS Red and Blue Team Cyber Guardians.
Contributing Author Bio – Rob Frost
Robert Frost graduated from the United States Military Academy in
2011, commissioning into the Army Signal Corps. He holds a Bachelor of
Science degree in Computer Science with honors, with his thesis work
focusing on open-source information-gathering. Rob was individually
recognized as one of the top two members of the national championship
team for the 2011 Cyber Defense Exercise due to his ability to circumvent rules.
Rob has participated in and won several cyber security competitions.
Technical Editor Bio – Mark Baggett
Mark Baggett is a Certified SANS Instructor, where he teaches several
courses in SANS penetration-testing curriculum. Mark is the primary
consultant and founder of In Depth Defense, Inc., which provides
incident-response and penetration-testing services. Today, in his role as
the technical advisor to the Department of Defense for SANS, Mark is
focused on the practical application of SANS resources in the
development of military capabilities.
Mark has held a variety of positions in information security for large
international and Fortune 1000 companies. He has been a software
developer, a network and systems engineer, a security manager, and a
CISO. As a CISO, Mark was responsible for policy, compliance, incident
response, and all other aspects of information security operations. Mark
knows firsthand the challenges that information security professionals
face today in selling, implementing, and supporting information security.
Mark is an active member of the information security community and
the founding president of the Greater Augusta ISSA. He holds several
certifications, including SANS’ prestigious GSE. Mark blogs about various
security topics at http://www.pauldotcom.com.
Introduction
Python is a hacker’s language. With its decreased complexity, increased
efficiency, limitless third-party libraries, and low bar to entry, Python
provides an excellent development platform to build your own offensive
tools. If you are running Mac OS X or Linux, odds are it is already
installed on your system. While a wealth of offensive tools already exist,
learning Python can help you with the difficult cases where those tools fail.
Table of Contents
Cover image
Title page
Copyright
Trade marks
Acknowledgements
Dedication
Lead Author – TJ O’Connor
Contributing Author Bio – Rob Frost
Technical Editor Bio – Mark Baggett
Introduction
TARGET AUDIENCE
ORGANIZATION OF THE BOOK
COMPANION WEB SITE
Chapter 1. Introduction
Introduction: A Penetration Test with Python
Setting Up Your Development Environment
The Python Language
Your First Python Programs
Chapter Wrap-Up
References
Chapter 2. Penetration Testing with Python
Introduction: The Morris Worm—Would it Work Today?
Building a Port Scanner
Building an SSH BotNet with Python
Mass Compromise by Bridging FTP and Web
Conficker, Why Trying Hard is Always Good Enough
Writing Your Own Zero-Day Proof of Concept Code
Chapter Wrap Up
References
Chapter 3. Forensic Investigations with Python
Introduction: How Forensics Solved the BTK Murders
Where Have You Been?—Analysis of Wireless Access Points in
the Registry
Using Python to Recover Deleted Items in the Recycle Bin
Metadata
Investigating Application Artifacts with Python
Investigating iTunes Mobile Backups with Python
Chapter Wrap-Up
References
Chapter 4. Network Traffic Analysis with Python
Introduction: Operation Aurora and How the Obvious was
Missed
Where is that IP Traffic Headed?—A Python Answer
Is Anonymous Really Anonymous? Analyzing LOIC Traffic
How H D Moore Solved the Pentagon’s Dilemma
Storm’s Fast-Flux and Conficker’s Domain-Flux
Kevin Mitnick and TCP Sequence Prediction
Foiling Intrusion Detection Systems with Scapy
Chapter Wrap Up
References
Chapter 5. Wireless Mayhem with Python
Introduction: Wireless (IN)Security and the Iceman
Setting up Your Wireless Attack Environment
The Wall of Sheep—Passively Listening to Wireless Secrets
Where Has Your Laptop Been? Python Answers
Intercepting and Spying on UAVs with Python
Detecting FireSheep
Stalking with Bluetooth and Python
Chapter Wrap Up
References
Chapter 6. Web Recon with Python
Introduction: Social Engineering Today
Using the Mechanize Library to Browse the Internet
Scraping Web Pages with AnonBrowser
Research, Investigate, Discovery
Anonymous Email
Mass Social Engineering
Chapter Wrap-Up
References
Chapter 7. Antivirus Evasion with Python
Introduction: Flame On!
Evading Antivirus Programs
Verifying Evasion
Wrap Up
References
Index
Bookscreen
TARGET AUDIENCE
Everyone learns differently. However, whether you are a beginner who
wants to learn how to write Python, or an advanced programmer who
wants to learn how to apply your skills in penetration testing, this book is for you.