Rtfm: Red Team Field Manual by Clark, B.The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
Publication Date: 2014
Cyber Forensics by Marcella, A.J.; Guillossou, F.An explanation of the basic principles of data This book explains the basic principles of data as building blocks of electronic evidential matter, which are used in a cyber forensics investigations. The entire text is written with no reference to a particular operation system or environment, thus it is applicable to all work environments, cyber investigation scenarios, and technologies. The text is written in a step-by-step manner, beginning with the elementary building blocks of data progressing upwards to the representation and storage of information. It inlcudes practical examples and illustrations throughout to guide the reader.
Practical Forensic Imaging by Nikkel, B.Forensic image acquisition is an important part of postmortem incident response and evidence collection. Digital forensic investigators acquire, preserve, and manage digital evidence to support civil and criminal cases; examine organizational policy violations; resolve disputes; and analyze cyber attacks. Practical Forensic Imaging takes a detailed look at how to secure and manage digital evidence using Linux-based command line tools. This essential guide walks you through the entire forensic acquisition process and covers a wide range of practical scenarios and situations related to the imaging of storage media. You ll learn how to: Perform forensic imaging of magnetic hard disks, SSDs and flash drives, optical discs, magnetic tapes, and legacy technologies Protect attached evidence media from accidental modification Manage large forensic image files, storage capacity, image format conversion, compression, splitting, duplication, secure transfer and storage, and secure disposal P
Call Number: eBook
Publication Date: 2016
CEH: Certified Ethical Hacker Version 8 Study Guide by Oriyano, S-P.Prepare for the new Certified Ethical Hacker version 8 exam with this Sybex guide Security professionals remain in high demand. The Certified Ethical Hacker is a one-of-a-kind certification designed to give the candidate a look inside the mind of a hacker. This study guide provides a concise, easy-to-follow approach that covers all of the exam objectives and includes numerous examples and hands-on exercises. Coverage includes cryptography, footprinting and reconnaissance, scanning networks, enumeration of services, gaining access to a system, Trojans, viruses, worms, covert channels, and much more. A companion website includes additional study tools, Including practice exam and chapter review questions and electronic flashcards. Security remains the fastest growing segment of IT, and CEH certification provides unique skills The CEH also satisfies the Department of Defense's 8570 Directive, which requires all Information Assurance government positions to hold one of the approved certifications This Sybex study guide is perfect for candidates studying on their own as well as those who are taking the CEHv8 course Covers all the exam objectives with an easy-to-follow approach Companion website includes practice exam questions, flashcards, and a searchable Glossary of key terms CEHv8: Certified Ethical Hacker Version 8 Study Guide is the book you need when you're ready to tackle this challenging exam Also available as a set, Ethical Hacking and Web Hacking Set, 9781119072171 with The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition.
Call Number: eBook
Publication Date: 2014
Computer Organization and Design ARM Edition by David A. Patterson; John L. HennessyThe new ARM Edition of Computer Organization and Design features a subset of the ARMv8-A architecture, which is used to present the fundamentals of hardware technologies, assembly language, computer arithmetic, pipelining, memory hierarchies, and I/O. With the post-PC era now upon us, Computer Organization and Design moves forward to explore this generational change with examples, exercises, and material highlighting the emergence of mobile computing and the Cloud. Updated content featuring tablet computers, Cloud infrastructure, and the ARM (mobile computing devices) and x86 (cloud computing) architectures is included. An online companion Web site provides links to a free version of the DS-5 Community Edition (a free professional quality tool chain developed by ARM), as well as additional advanced content for further study, appendices, glossary, references, and recommended reading.
Call Number: 004.21 PAT + eBook
Publication Date: 2016
Practical Malware Analysis by Sikorski, M.; Honig, A.Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring. For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way. You'll learn how to: Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and WinDbg Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques Use your newfound knowledge of Windows internals for malware analysis Develop a methodology for unpacking malware and get practical experience with five of the most popular packers Analyze special cases
Call Number: eBook
Publication Date: 2012
Network Security Essentials by Stallings, W.For courses in Corporate, Computer and Network Security . Network Security: Innovations and Improvements Network Securities Essentials: Applications and Standards introduces readers to the critical importance of internet security in our age of universal electronic connectivity. Amidst viruses, hackers, and electronic fraud, organizations and individuals are constantly at risk of having their private information compromised. This creates a heightened need to protect data and resources from disclosure, guarantee their authenticity, and safeguard systems from network-based attacks. The Sixth Edition covers the expanding developments in the cryptography and network security disciplines, giving readers a practical survey of applications and standards. The text places emphasis on applications widely used for Internet and corporate networks, as well as extensively deployed internet standards.
The Web Application Hacker's Handbook by Stuttard, D.; Pinto, M.The highly successful security book returns with a new edition, completely updated Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws. Also available as a set with, CEHv8: Certified Hacker Version 8 Study Guide, Ethical Hacking and Web Hacking Set, 9781119072171.
Call Number: 005.8 STU + eBook
Publication Date: 2011
Penetration Testing by Weidman, G.Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses. In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine-based lab that includes Kali Linux and vulnerable operating systems, you'll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you'll experience the key stages of an actual assessment - including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more. Learn how to: Crack passwords and wireless network keys with brute-forcing and wordlists Test web applications for vulnerabilities Use the Metasploit Framework to launch exploits and write your own Metasploit modules Automate social-engineering attacks Bypass antivirus software Turn access to one machine into total control of the enterprise in the post exploitation phase You'll even explore writing your own exploits. Then it's on to mobile hacking - Weidman's particular area of research - with her tool, the Smartphone Pentest Framework. With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.
Call Number: 005.8092 WEI + eBook
Publication Date: 2014
Blue Team Field Manual (BTFM) by White, A.; Clark, B.Blue Team Field Manual (BTFM) is a Cyber Security Incident Response Guide that aligns with the NIST Cybersecurity Framework consisting of the five core functions of Identify, Protect, Detect, Respond, and Recover by providing the tactical steps to follow and commands to use when preparing for, working through and recovering from a Cyber Security Incident.
Publication Date: 2017
Industrial Network Security by Knapp, E.D.; Langill, J.As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems--energy production, water, gas, and other vital systems--becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation.