Penetration Testing with Shellcode
Seiten
2018
Packt Publishing Limited (Verlag)
978-1-78847-373-6 (ISBN)
Packt Publishing Limited (Verlag)
978-1-78847-373-6 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
Master Shellcode to leverage the buffer overflow concept
About This Book
• Understand how systems can be bypassed both at the operating system and network level with shellcode, assembly, and Metasploit
• Learn to write and modify 64-bit shellcode along with kernel-level shellcode concepts
• A step-by-step guide that will take you from low-level security skills to covering loops with shellcode
Who This Book Is For
This book is intended to be read by penetration testers, malware analysts, security researchers, forensic practitioners, exploit developers, C language programmers, software testers, and students in the security field.
Readers should have a basic understanding of OS internals (Windows and Linux). Some knowledge of the C programming language is essential, and a familiarity with the Python language would be helpful.
What You Will Learn
• Create an isolated lab to test and inject shellcodes (Windows and Linux).
• Understand both Windows and Linux behavior.
• Learn the assembly programming language.
• Create shellcode using assembly and Metasploit.
• Detect buffer overflows.
• Debug and reverse-engineer using tools such as GDB, edb, and Immunity (Windows and Linux).
• Exploit development and shellcodes injections (Windows & Linux).
• Prevent and protect against buffer overflows and heap corruption.
In Detail
Security has always been a major concern for your application, your system, or your environment. This book's main goal is to build your skills for low-level security exploits, finding vulnerabilities and covering loopholes with shellcode, assembly, and Metasploit.
This book will teach you topics ranging from memory management and assembly to compiling and extracting shellcode and using syscalls and dynamically locating functions in memory. This book also covers techniques to compile 64-bit shellcode for Linux and Windows along with Metasploit shellcode tools. Lastly, this book will also show you to how to write your own exploits with intermediate techniques, using real-world scenarios.
By the end of this book, you will have become an expert in shellcode and will understand how systems are compromised both at the operating system and network level.
Style and approach
This practical guide helps you understand buffer overflows and how to become creative about creating shellcode, looking inside code and analyzing it, and mastering the injection of shellcode into infected code. At the end of the book, there is a recap with a real-world scenario.
About This Book
• Understand how systems can be bypassed both at the operating system and network level with shellcode, assembly, and Metasploit
• Learn to write and modify 64-bit shellcode along with kernel-level shellcode concepts
• A step-by-step guide that will take you from low-level security skills to covering loops with shellcode
Who This Book Is For
This book is intended to be read by penetration testers, malware analysts, security researchers, forensic practitioners, exploit developers, C language programmers, software testers, and students in the security field.
Readers should have a basic understanding of OS internals (Windows and Linux). Some knowledge of the C programming language is essential, and a familiarity with the Python language would be helpful.
What You Will Learn
• Create an isolated lab to test and inject shellcodes (Windows and Linux).
• Understand both Windows and Linux behavior.
• Learn the assembly programming language.
• Create shellcode using assembly and Metasploit.
• Detect buffer overflows.
• Debug and reverse-engineer using tools such as GDB, edb, and Immunity (Windows and Linux).
• Exploit development and shellcodes injections (Windows & Linux).
• Prevent and protect against buffer overflows and heap corruption.
In Detail
Security has always been a major concern for your application, your system, or your environment. This book's main goal is to build your skills for low-level security exploits, finding vulnerabilities and covering loopholes with shellcode, assembly, and Metasploit.
This book will teach you topics ranging from memory management and assembly to compiling and extracting shellcode and using syscalls and dynamically locating functions in memory. This book also covers techniques to compile 64-bit shellcode for Linux and Windows along with Metasploit shellcode tools. Lastly, this book will also show you to how to write your own exploits with intermediate techniques, using real-world scenarios.
By the end of this book, you will have become an expert in shellcode and will understand how systems are compromised both at the operating system and network level.
Style and approach
This practical guide helps you understand buffer overflows and how to become creative about creating shellcode, looking inside code and analyzing it, and mastering the injection of shellcode into infected code. At the end of the book, there is a recap with a real-world scenario.
Hamza Megahed is a penetration tester, a Linux kernel expert, and a security researcher. He is interested in exploit development and cryptography, with a background in memory management and return-oriented programming. He has written many shellcodes; some of them were published in shell-storm and exploit-db. Also, he has written articles about information security and cryptographic algorithms.
Table of Contents
Introduction
Lab Setup
Assembly Language in Linux
Reverse Engineering
Creating Shellcode
Buffer Overflow Attacks
Exploit Development - Part 1
Exploit Development - Part 2
Real World scenarios part 1
Real World scenarios part 2
Real World scenarios part 3
Detection and Prevention
| Erscheinungsdatum | 10.03.2018 |
|---|---|
| Verlagsort | Birmingham |
| Sprache | englisch |
| Maße | 191 x 235 mm |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-78847-373-6 / 1788473736 |
| ISBN-13 | 978-1-78847-373-6 / 9781788473736 |
| Zustand | Neuware |
| Informationen gemäß Produktsicherheitsverordnung (GPSR) | |
| Haben Sie eine Frage zum Produkt? |
Mehr entdecken
aus dem Bereich
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …
Buch | Softcover (2022)
Springer Vieweg (Verlag)
CHF 53,15
Lehrbuch für Prüfung und Praxis
Buch | Softcover (2023)
Springer Fachmedien Wiesbaden GmbH (Verlag)
CHF 27,95
Management der Informationssicherheit und Vorbereitung auf die …
Buch (2024)
Carl Hanser (Verlag)
CHF 97,95
