Gray Hat Hacking: The Ethical Hacker's Handbook, Fifth Edition

  • 10h 7m
  • Allen Harper, et al.
  • McGraw-Hill/Osborne
  • 2018

Cutting-edge techniques for finding and fixing critical security flaws

Fortify your network and avert digital catastrophe with proven strategies from a team of security experts. Completely updated and featuring 13 new chapters, Gray Hat Hacking, The Ethical Hacker’s Handbook, Fifth Edition explains the enemy’s current weapons, skills, and tactics and offers field-tested remedies, case studies, and ready-to-try testing labs. Find out how hackers gain access, overtake network devices, script and inject malicious code, and plunder Web applications and browsers. Android-based exploits, reverse engineering techniques, and cyber law are thoroughly covered in this state-of-the-art resource. And the new topic of exploiting the Internet of things is introduced in this edition.

  • Build and launch spoofing exploits with Ettercap
  • Induce error conditions and crash software using fuzzers
  • Use advanced reverse engineering to exploit Windows and Linux software
  • Bypass Windows Access Control and memory protection schemes
  • Exploit web applications with Padding Oracle Attacks
  • Learn the use-after-free technique used in recent zero days
  • Hijack web browsers with advanced XSS attacks
  • Understand ransomware and how it takes control of your desktop
  • Dissect Android malware with JEB and DAD decompilers
  • Find one-day vulnerabilities with binary diffing
  • Exploit wireless systems with Software Defined Radios (SDR)
  • Exploit Internet of things devices
  • Dissect and exploit embedded devices
  • Understand bug bounty programs
  • Deploy next-generation honeypots
  • Dissect ATM malware and analyze common ATM attacks
  • Learn the business side of ethical hacking

About the Authors

Dr. Allen Harper, CISSP, PCI QSA, is the Executive Director of the Center for Cyber Excellence at Liberty University.

Daniel Regalado, aka Danux, CISSP, OSCP, OSCE, CREA, is a Principal Security Researcher at Zingbox.

Ryan Linn, CISSP, CSSLP, OSCE, is the Director of Advanced Threats and Countermeasures at a major consulting firm.

Stephen Sims is an independent consultant and is a course author, fellow, and curriculum lead for the SANS Institute.

Branko Spasojevic is a security engineer at Google.

Linda Martinez is the VP of Commercial Service Delivery at Tangible Security, Inc.

Michael Baucom is the VP of Tangible Labs for Tangible Security, Inc.

Chris Eagle is a senior lecturer in the Computer Science Department at the Naval Postgraduate School in Monterey, California.

The late Shon Harris, CISSP, was the CEO and founder of Logical Security.

In this Book

  • Why Gray Hat Hacking? Ethics and Law
  • Programming Survival Skills
  • Next-Generation Fuzzing
  • Next-Generation Reverse Engineering
  • Software-Defined Radio
  • So You Want to Be a Pen Tester?
  • Red Teaming Operations
  • Purple Teaming
  • Bug Bounty Programs
  • Getting Shells Without Exploits
  • Basic Linux Exploits
  • Advanced Linux Exploits
  • Windows Exploits
  • Advanced Windows Exploitation
  • PowerShell Exploitation
  • Next-Generation Web Application Exploitation
  • Next-Generation Patch Exploitation
  • Dissecting Mobile Malware
  • Dissecting Ransomware
  • ATM Malware
  • Deception: Next-Generation Honeypots
  • Internet of Things to Be Hacked
  • Dissecting Embedded Devices
  • Exploiting Embedded Devices
  • Fighting IoT Malware


Rating 5.0 of 2 users Rating 5.0 of 2 users (2)
Rating 4.6 of 239 users Rating 4.6 of 239 users (239)