Gray hat hacking : the ethical hacker's handbook

Cutting-edge techniques for finding and fixing critical security flaws Fortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 13 new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition explains the enemy's current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-try testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, and cyber law are thoroughly covered in this state-of-the-art resource. And the new topic of exploiting the Internet of things is introduced in this edition. *Build and launch spoofing exploits with Ettercap *Induce error conditions and crash software using fuzzers *Use advanced reverse engineering to exploit Windows and Linux software *Bypass Windows Access Control and memory protection schemes *Exploit web applications with Padding Oracle Attacks *Learn the use-after-free technique used in recent zero days *Hijack web browsers with advanced XSS attacks *Understand ransomware and how it takes control of your desktop *Dissect Android malware with JEB and DAD decompilers *Find one-day vulnerabilities with binary diffing *Exploit wireless systems with Software Defined Radios (SDR) *Exploit Internet of things devices *Dissect and exploit embedded devices *Understand bug bounty programs *Deploy next-generation honeypots *Dissect ATM malware and analyze common ATM attacks *Learn the business side of ethical hacking

Part 1: Preparation Chapter 1: Why Gray Hat hacking? Ethics and Law Chapter 2: Programming Survival Skills Chapter 3: Next Generation Fuzzing Chapter 4: Next Generation Reverse Engineering Chapter 5: Software Defined Radios (SDR) Part 2: Business of Hacking Chapter 6: So You Want to Be a Pentester? Chapter 7: Red Team vs. Blue Team Chapter 8: Next Generation Security Operations Chapter 9: Bug Bounty Programs Part 3: Exploiting Systems Chapter 10: Getting Shells without Exploits Chapter 11: Basic Linux Exploits Chapter 12: Advance Linux Exploits Chapter 13: Windows Exploits Chapter 14: Bypassing Windows Memory Protections Chapter 15: Powershell Exploitation Chapter 16: Next Generation Exploitation of Web Applications Chapter 17: Next Generation Patch Exploitation Part 4: Advanced Malware Analysis Chapter 18: Dissecting Mobile Malware Chapter 19: Dissecting Ransomware Chapter 20: ATM Malware Chapter 21: Deception: Next Generation Honeypots Part 5: Internet of Things (IoT) Chapter 22: Internet of Things to be Hacked Chapter 23: Dissecting Embedded Devices Chapter 24: Exploiting Embedded Devices Chapter 25: Exploiting the Internet of Things