25 Books to Read Before You Die
 
 

Recently Viewed clear list


The Powell's Playlist | August 6, 2014

Graham Joyce: IMG The Powell’s Playlist: Graham Joyce



The Ghost in the Electric Blue Suit is set on the English coast in the hot summer of 1976, so the music in this playlist is pretty much all from the... Continue »
  1. $17.47 Sale Hardcover add to wish list

spacer
Qualifying orders ship free.
$64.95
New Trade Paper
Ships in 1 to 3 days
Add to Wishlist
available for shipping or prepaid pickup only
Available for In-store Pickup
in 7 to 12 days
Qty Store Section
25 Remote Warehouse Networking- Computer Security

Writing Security Tools and Exploits

by

Writing Security Tools and Exploits Cover

ISBN13: 9781597499972
ISBN10: 1597499978
Condition:
All Product Details

 

Synopses & Reviews

Publisher Comments:

Learn to Write the Security Tools the Other Books Only Teach You to Use

Exploits. In information technology circles, the term exploits has become synonymous with vulnerabilities. It is a scary word that can keep you up at night wondering if you have purchased the best firewalls, configured your new host-based intrusion prevention system correctly, and patched your entire environment. It's also a topic that can enter the security water-cooler discussions faster than McAfee's new wicked antivirus software or Symantec's latest acquisition. Exploits are proof that the computer science or software programming community still does not have an understanding of how to design, create, and implement secure code.

Write Solid Shellcode

Learn the techniques used to make the most out of vulnerabilities by employing the correct shellcode.

Reverse Connection Shellcode

See how reverse connection shellcode makes a connection from a hacked system to a different system where it can be caught using network tools such as netcat.

Buffer Overflow Exploits

Find techniques to protect against buffer overflows such as allocating buffers for string operations dynamically on the heap.

Heap Overflows

Heap overflows have become the most prominent software security bugs. See how they can have varying exploitation techniques and consequences.

Format Strings

Format string vulnerabilities occur when programmers pass externally supplied data to a print f function (or similar) as part of the format string argument.

Race Conditions

Nearly all race condition exploits are written from a local attacker's perspective and have the potential to escalateprivileges, overwrite files, or compromise protected data.

Exploitable Integer Bugs

See how integer bugs are harder for a researcher to spot than stack overflow vulnerabilities and learn why the implications of integer calculation errors are less understood by developers as a whole.

Code for Nessus

Use NASLs to check for security vulnerabilities or misconfigurations.

Metasploit Framework (MSF)

Use MSF and its components, msfweb, msfconsole, and msfcli, as an exploitation platform.

Meterpreter Extensions

Use the power of the Meterpreter payload system to load custom-written DLLs into an exploited process's address space.

Book News Annotation:

Exploits are programs developed by hackers that take advantage of weaknesses in code. In this work Foster (executive director of global product development, Computer Sciences Corporation), Liu ("an IT security specialist at a Fortune 100 company"), and other contributors explain how exploits are written in order to help computer security professionals avoid them. They also describe how to write security tools for combating exploits. Chapters discuss assembly and shellcode, stack exploits, heap exploits, format string exploits, and security coding. Distributed in the US by O'Reilly.
Annotation ©2006 Book News, Inc., Portland, OR (booknews.com)

Book News Annotation:

Exploits are programs developed by hackers that take advantage of weaknesses in code. In this work Foster (executive director of global product development, Computer Sciences Corporation), Liu ("an IT security specialist at a Fortune 100 company"), and other contributors explain how exploits are written in order to help computer security professionals avoid them. They also describe how to write security tools for combating exploits. Chapters discuss assembly and shellcode, stack exploits, heap exploits, format string exploits, and security coding. Distributed in the US by O'Reilly. Annotation ©2006 Book News, Inc., Portland, OR (booknews.com)

Synopsis:

Provides readers with working code to develop and modify the most common security tools including Nmap and Nessus

Synopsis:

Writing Security Tools and Exploits will be the foremost authority on vulnerability and security code and will serve as the premier educational reference for security professionals and software developers. The book will have over 600 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, this book will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques will be included in both the Local and Remote Code sections of the book.

The book will be accompanied with a companion Web site containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

* Provides readers with working code to develop and modify the most common security tools including Nmap and Nessus

* Learn to reverse engineer and write exploits for various operating systems, databases, and applications

* Automate reporting and analysis of security log files

About the Author

James C. Foster, Fellow, is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. and an adjunct author at Information Security Magazine, subsequent to working as Security Research Specialist for the Department of Defense. Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.1 Intrusion Detection (Syngress,

Table of Contents

Windows Server Update Services Essentials; Preparing for WSUS; Installing Windows Server Update Services; Upgrading from SUS to WSUS; Deploying WSUS in the Enterprise; Administering WSUS Servers; Configuring and Administering WSUS Clients; Managing the WSUS Environment; Troubleshooting WSUS; Securing WSUS; The Role of WSUS in IT Service Management

What Our Readers Are Saying

Add a comment for a chance to win!
Average customer rating based on 1 comment:

Robin123, December 19, 2011 (view all comments by Robin123)
If you looking for to learn to write exploit, this is the book to start. Very good book
Was this comment helpful? | Yes | No

Product Details

ISBN:
9781597499972
Author:
Foster, James C.
Publisher:
Syngress Publishing
Author:
Liu, Vincent
Subject:
Programming - Software Development
Subject:
Security - General
Subject:
Security
Subject:
Computer Science
Subject:
Software Development & Engineering - General
Subject:
Networking-Computer Security
Publication Date:
20060331
Binding:
TRADE PAPER
Language:
English
Illustrations:
Y
Pages:
650
Dimensions:
9 x 7 in

Other books you might like

  1. Exploiting Software: How to Break Code Used Trade Paper $32.00
  2. The Art of Unix Programming New Trade Paper $50.60

Related Subjects

Children's » General
Computers and Internet » Networking » Computer Security
Computers and Internet » Software Engineering » General
Engineering » Communications » Radio
Health and Self-Help » Health and Medicine » General
Health and Self-Help » Health and Medicine » General Medicine
Travel » General

Writing Security Tools and Exploits New Trade Paper
0 stars - 0 reviews
$64.95 In Stock
Product details 650 pages Syngress Publishing - English 9781597499972 Reviews:
"Synopsis" by , Provides readers with working code to develop and modify the most common security tools including Nmap and Nessus
"Synopsis" by , Writing Security Tools and Exploits will be the foremost authority on vulnerability and security code and will serve as the premier educational reference for security professionals and software developers. The book will have over 600 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, this book will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques will be included in both the Local and Remote Code sections of the book.

The book will be accompanied with a companion Web site containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

* Provides readers with working code to develop and modify the most common security tools including Nmap and Nessus

* Learn to reverse engineer and write exploits for various operating systems, databases, and applications

* Automate reporting and analysis of security log files

spacer
spacer
  • back to top
Follow us on...




Powell's City of Books is an independent bookstore in Portland, Oregon, that fills a whole city block with more than a million new, used, and out of print books. Shop those shelves — plus literally millions more books, DVDs, and gifts — here at Powells.com.