Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition

  • 9h 35m
  • Daniel Fernandez, Dr. Allen Harper, Huáscar Tejeda, Michael Baucom, Moses Frost, Ryan Linn, Stephen Sims
  • McGraw-Hill/Osborne
  • 2022

Up-to-date strategies for thwarting the latest, most insidious network attacks

This fully updated, industry-standard security resource shows, step by step, how to fortify computer networks by learning and applying effective ethical hacking techniques. Based on curricula developed by the authors at major security conferences and colleges, the book features actionable planning and analysis methods as well as practical steps for identifying and combating both targeted and opportunistic attacks.

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition clearly explains the enemy’s devious weapons, skills, and tactics and offers field-tested remedies, case studies, and testing labs. You will get complete coverage of Internet of Things, mobile, and Cloud security along with penetration testing, malware analysis, and reverse engineering techniques. State-of-the-art malware, ransomware, and system exploits are thoroughly explained.

  • Fully revised content includes 7 new chapters covering the latest threats
  • Includes proof-of-concept code stored on the GitHub repository
  • Authors train attendees at major security conferences, including RSA, Black Hat, Defcon, and Besides

About the Author

Dr. Allen Harper, CISSP, is the founder of N2NetSecurity, Inc.; former EVP and chief hacker at Tangible Security; former program director at Liberty University; and now serves as EVP of Cybersecurity at T-Rex Solutions LLC.

Ryan Linn has over 20 years in the security industry, ranging from systems programmer to corporate security, to leading a global cybersecurity consultancy.

Stephen Sims is an industry expert with over 15 years of experience in information technology and security. He currently works as a consultant performing reverse engineering, exploit development, threat modeling, and penetration testing.

Michael Baucom has over 25 years of industry experience ranging from embedded systems development to leading the product security and research division at Tangible Security.

Huáscar Tejeda is the co-founder and CEO of F2TC Cyber Security. He is a seasoned cybersecurity professional, thoroughly experienced with more than 20 years and notable achievements in IT and Telecommunications, developing carrier grade security solutions and business critical components for multiple broadband providers. He is also a member of the SANS Latin America Advisory Group, SANS Purple Team Summit Advisory Board, and contributing author of the SANS Institute's most advanced course, SEC760: Advanced Exploit Development for Penetration Testers.

Daniel Fernandez is a security researcher with more than 15 years of experience in the field. His focus over the last years has been hypervisor exploitation, before that he exploited Windows and Linux Kernels mostly.

Moses Frost is an author and instructor at the SANS Institute. His technology interests include Web Applications, Linux Systems Administration and Design and Designing hacking challenges. He currently works at McAfee.

In this Book

  • Preface
  • Introduction
  • Gray Hat Hacking
  • Programming Survival Skills
  • Linux Exploit Development Tools
  • Introduction to Ghidra
  • IDA Pro
  • Red and Purple Teams
  • Command and Control (C2)
  • Building a Threat Hunting Lab
  • Introduction to Threat Hunting
  • Basic Linux Exploits
  • Advanced Linux Exploits
  • Linux Kernel Exploits
  • Basic Windows Exploitation
  • Windows Kernel Exploitation
  • PowerShell Exploitation
  • Getting Shells Without Exploits
  • Post-Exploitation in Modern Windows Environments
  • Next-Generation Patch Exploitation
  • Internet of Things to Be Hacked
  • Dissecting Embedded Devices
  • Exploiting Embedded Devices
  • Software-Defined Radio
  • Hypervisors 101
  • Creating a Research Framework
  • Inside Hyper-V
  • Hacking Hypervisors Case Study
  • Hacking in Amazon Web Services
  • Hacking in Azure
  • Hacking Containers
  • Hacking on Kubernetes
SHOW MORE
FREE ACCESS