CITATION

Harper, Allen; Harris, Shon; Ness, Jonathan; Eagle, Chris; Lenkey, Gideon; and Williams, Terron. Gray Hat Hacking: The Ethical Hacker's Handbook, 3rd Edition. US: McGraw-Hill Osborne Media, 2011.

Gray Hat Hacking: The Ethical Hacker's Handbook, 3rd Edition

Published: January 2011

eISBN: 9780071742566 0071742565 | ISBN: 9780071742559

Book description:

THE LATEST STRATEGIES FOR UNCOVERING TODAY'S MOST DEVASTATING ATTACKS

Thwart malicious network intrusion by using cutting-edge techniques for finding and fixing security flaws. Fully updated and expanded with nine new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Third Edition details the most recent vulnerabilities and remedies along with legal disclosure methods. Learn from the experts how hackers target systems, defeat production schemes, write malicious code, and exploit flaws in Windows and Linux systems. Malware analysis, penetration testing, SCADA, VoIP, and Web security are also covered in this comprehensive resource.

  • Develop and launch exploits using BackTrack and Metasploit

  • Employ physical, social engineering, and insider attack techniques

  • Build Perl, Python, and Ruby scripts that initiate stack buffer overflows

  • Understand and prevent malicious content in Adobe, Office, and multimedia files

  • Detect and block client-side, Web server, VoIP, and SCADA attacks

  • Reverse engineer, fuzz, and decompile Windows and Linux software

  • Develop SQL injection, cross-site scripting, and forgery exploits

  • Trap malware and rootkits using honeypots and sandboxes

Allen Harper, CISSP, a retired Marine Corps Major, is the president and founder of N2NetSecurity, Inc., and a faculty member for the Institute for Applied Network Security. He has worked as a security consultant for the Internal Revenue Service and for Logical Security, LLC.

Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and a bestselling author. She was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Jonathan Ness is a software security engineer at Microsoft. He is a member of an Air National Guard unit where he leads network penetration tests against military facilities across the country and helps define the information warfare aggressor mission for the Air Force.

Chris Eagle is a senior lecturer in the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California. A computer engineer/scientist for 25 years, his research interests include computer network attack and defense, computer forensics, and reverse/anti-reverse engineering. He can often be found teaching at Black Hat or spending late nights working on capture the flag at Defcon.

Gideon J. Lenkey, CISSP, co-founded Ra Security Systems, a network security monitoring firm and consultancy. He has provided advanced training to the FBI and is the sitting president of the FBI's InfraGard chapter in New Jersey.

Terron Williams, NSA IAM-IEM, CEH, CSSLP, works for Elster Electricity as a Senior Test Engineer with his primary focus on Smart Grid Security. He has served on the editorial board for Hakin9 Magazine.
