Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things (Paperback)

Chantzis, Fotios; Stais, Ioannis; Calderon, Paulino

Product Description

The definitive guide to hacking the world of the Internet of Things (IoT) -- Internet connected devices such as medical devices, home assistants, smart home appliances and more.

Geared towards security researchers, IT teams, penetration testers, application testers, developers, and IT administrators, this book teaches you how to get started with hacking Internet-connected devices. You'll dig deep into technical (and related legal) issues as you learn what kinds of devices to use as hacking tools and which make the best targets. The authors, all experts in the field, cover the kinds of vulnerabilities found in IoT devices and explain how to exploit their network protocols and how to leverage security flaws and certain hardware interfaces found in the physical devices themselves.

The book begins with threat modeling and a security testing methodology, then covers how to attack hardware interfaces such as UART, I2C, SPI, and JTAG / SWD, and IoT network protocols like UPnP, WS-Discovery, mDNS, DNS-SD, RTSP / RTCP / RTP, LoRa / LoRaWAN, Wi-Fi / Wi-Fi Direct, RFID / NFC, BLE, MQTT, CDP and DICOM. Examples throughout offer custom code designed to demonstrate specific vulnerabilities and tools to help readers reproduce the attacks. Practical IoT Hacking is full of practical exercises and hands-on examples taken from the authors' own research that teach you things like how to bypass the authentication of an STM32F103 device (black pill) through SWD; reverse firmware; exploit zero-configuration networking; use low-cost equipment to capture LoRa network traffic; analyze IoT companion mobile apps; take over and remotely control an Android-based treadmill; jam wireless devices such as home alarm systems; hijack Bluetooth Low Energy connections; and circumvent modern RFID- and NFC-enabled smart door locks.

About the Authors

Fotios (Fotis) Chantzis is laying the foundation for a safe and secure Artificial General Intelligence (AGI) at OpenAI. Previously, he worked as a principal information security engineer at Mayo Clinic, where he managed and conducted technical security assessments on medical devices, clinical support systems, and critical healthcare infrastructure.

Ioannis Stais is a senior IT security researcher and head of red teaming at CENSUS S.A., a company that offers specialized cybersecurity services. He has participated in dozens of security assessment projects, including the assessment of communication protocols, web and mobile banking services, ATMs and point-of-sale systems, and critical medical appliances.

Paulino Calderon is a published author and international speaker with over 12 years of experience in network and application security. When he isn't traveling to security conferences or consulting for Fortune 500 companies with Websec, a company he co-founded in 2011, he spends peaceful days enjoying the beach in Cozumel, Mexico.


Evangelos Deirmentzoglou is an information security professional interested in solving security problems at scale. He led and structured the cybersecurity capability of the financial tech startup Revolut. A member of the open-source community since 2015, he has made multiple contributions to Nmap and Ncrack.

Beau Woods is a cyber safety innovation fellow with the Atlantic Council and a leader with the I Am The Cavalry grassroots initiative. He is also the founder and CEO of Stratigos Security and sits on the board of several nonprofits. Beau is a published author and frequent public speaker.
