Becoming the Hacker: The Playbook for Getting Inside the Mind of the Attacker
Tentative Chinese title: 成為駭客:深入攻擊者思維的實戰手冊

Adrian Pruteanu

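  • Publisher: Packt Publishing
  • Publication date: 2018-10-31
  • Price: $1,830
  • VIP price: $1,739 (5% off)
  • Language: English
  • Pages: 404
  • Binding: Paperback
  • ISBN: 1788627962
  • ISBN-13: 9781788627962
  • Related category: Hacking
  • Overseas special-order book (must be checked out separately)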

Product Description

Web penetration testing by becoming an ethical hacker. Protect the web by learning the tools and tricks of the web application attacker.

Key Features

  • Builds on books and courses on penetration testing for beginners
  • Covers both attack and defense perspectives
  • Examines which tool to deploy to suit different applications and situations

Book Description

Becoming the Hacker will teach you how to approach web penetration testing with an attacker's mindset. While testing web applications for performance is common, the ever-changing threat landscape makes security testing much more difficult for the defender.

There are many web application tools that claim to provide a complete survey and defense against potential threats, but they must be analyzed in line with the security needs of each web application or service. We must understand how an attacker approaches a web application and the implications of breaching its defenses.

Through the first part of the book, Adrian Pruteanu walks you through commonly encountered vulnerabilities and how to take advantage of them to achieve your goal. The latter part of the book shifts gears and puts the newly learned techniques into practice, going over scenarios where the target may be a popular content management system or a containerized application and its network.

Becoming the Hacker is a clear guide to web application security from an attacker's point of view, from which both sides can benefit.

What you will learn

  • Study the mindset of an attacker
  • Adopt defensive strategies
  • Classify and plan for standard web application security threats
  • Prepare to combat standard system security problems
  • Defend WordPress and mobile applications
  • Use security tools and plan for defense against remote execution

Who this book is for

The reader should have basic security experience, for example, through running a network or encountering security issues during application development. Formal education in security is useful, but not required. This title is suitable for people with at least two years of experience in development, network management, or DevOps, or with an established interest in security.

Table of Contents

  1. Introduction to Attacking Web Applications
  2. Efficient Discovery
  3. Low-hanging Fruit
  4. Advanced Bruteforcing
  5. File Inclusion Attacks
  6. Out of Band Exploitation
  7. Automated Testing
  8. Bad Serialization
  9. Practical Client-Side Attacks
  10. Practical Server-Side Attacks
  11. Attacking APIs
  12. Attacking CMS
  13. Breaking Containers
