Gray hat hacking : the ethical hacker's handbook

Cutting-edge techniques for finding and fixing critical security flawsFortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 12 new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Fourth Edition explains the enemy's current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-deploy testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, andcyber law are thoroughly covered in this state-of-the-art resource. Build and launch spoofing exploits with Ettercap and EvilgradeInduce error conditions and crash software using fuzzersHack Cisco routers, switches, and network hardwareUse advanced reverse engineering to exploit Windows and Linux softwareBypass Windows Access Control and memory protection schemesScan for flaws in Web applications using Fiddler and the x5 pluginLearn the use-after-free technique used in recent zero daysBypass Web authentication via MySQL type conversion and MD5 injection attacksInject your shellcode into a browser's memory using the latest Heap Spray techniquesHijack Web browsers with Metasploit and the BeEF Injection FrameworkNeutralize ransomware before it takes control of your desktopDissect Android malware with JEB and DAD decompilersFind one-day vulnerabilities with binary diffing

Part I:Law & Ethics1: Ethical Hacking and the Legal SystemPart II: Crash Course: Preparing for the War2 Programming Survival Skill3 Passive Analysis4 Advanced Reverse Engineering with IDA Pro 5 Intelligent Fuzzing 6 Shellcode Strategies7 Writing Linux ShellcodePart III: From Vulnerability to Exploit8: Spoofing Based Attacks9: Exploiting Cisco Routers 10: Basic Linux Exports 11: Advanced Linux Exploits 12: Bypassing Windows Memory Protections 13: Exploiting the Windows Access Control Model 14: Exploiting Web Applications 15: Bypassing Adobe Sandbox 16: Client-Side Browser Exploits17: Exploiting Mobile Devices Part IV: Automated Exploitation18: Advanced Client-side Exploitation with BeEF19: Metasploit to the Next Level20: Commercial Exploit Frameworks AnalysisPart V: Advanced Malware Analysis21: Dissecting Stuxnet22: Dissecting Android Malware23: Dissecting Blackhole Exploit Kit24: Analyzing 64-bit Malware25: Dissecting Kernel-mode Rootkit