インターネットデパート - 取扱い商品数1000万点以上の通販サイト。送料無料商品も多数あります。

Penetration Testing with Shellcode: Detect, exploit, and secure network-level and operating system vulnerabilities

価格: ¥0
カテゴリ: Kindle版
ブランド: Packt Publishing
Amazon.co.jpで確認

Master Shellcode to leverage the buffer overflow concept

Key Features

  • Understand how systems can be bypassed both at the operating system and network level with shellcode, assembly, and Metasploit
  • Learn to write and modify 64-bit shellcode along with kernel-level shellcode concepts
  • A step-by-step guide that will take you from low-level security skills to covering loops with shellcode

Book Description

Security is always a major concern for your application, your system, or your environment.

This book’s main goal is to build up your skills for low-level security exploits, enabling you to find vulnerabilities and cover loopholes with shellcode, assembly, and Metasploit.

This book covers topics ranging from memory management and assembly to compiling and extracting shellcode and using syscalls and dynamically locating functions in memory. This book also covers how to compile 64-bit shellcode for Linux and Windows along with Metasploit shellcode tools. Lastly, this book will also show you to how to write your own exploits with intermediate techniques, using real-world scenarios.

By the end of this book, you will have become an expert in shellcode and will understand how systems are compromised both at the operating system and at the network level.

What you will learn

  • Create an isolated lab to test and inject Shellcodes (Windows and Linux)
  • Understand both Windows and Linux behavior in overflow attacks
  • Learn the assembly programming language
  • Create Shellcode using assembly and Metasploit
  • Detect buffer overflows
  • Debug and reverse-engineer using tools such as gdb, edb, and immunity
  • (Windows and Linux)
  • Exploit development and Shellcode injections (Windows and Linux)
  • Prevent and protect against buffer overflows and heap corruption

Who this book is for

This book is intended to be read by penetration testers, malware analysts, security researchers, forensic practitioners, exploit developers, C language programmers, software testers, and students in the security field.

Readers should have a basic understanding of OS internals (Windows and Linux). Some knowledge of the C programming language is essential, and a familiarity with the Python language would be helpful.

Table of Contents

  1. Introduction
  2. Lab Setup
  3. Assembly Language in Linux
  4. Reverse Engineering
  5. Creating Shellcode
  6. Buffer Overflow Attacks
  7. Exploit Development – Part 1
  8. Exploit Development – Part 2
  9. Real World scenarios part 1
  10. Real World scenarios part 2
  11. Real World scenarios part 3
  12. Detection and Prevention