Thursday, 7. July 2011
The Shellcoder’s Handbook
The Shellcoder’s Handbook

Part 1: Introduction to Exploitation: Linux on x86.

Chapter 1: Before You Begin.
Chapter 2: Stack Overflows.
Chapter 3: Shellcode.
Chapter 4: Introduction to Format String Bugs.
Chapter 5: Introduction to Heap Overflows.

Part 2: Exploiting More Platforms: Windows, Solaris, and Tru64.

Chapter 6: The Wild World of Windows.
Chapter 7: Windows Shellcode.
Chapter 8: Windows Overflows.
Chapter 9: Overcoming Filters.
Chapter 10: Introduction to Solaris Exploitation.
Chapter 11: Advanced Solaris Exploitation.
Chapter 12: HP Tru64 Unix Exploitation.

Part 3: Vulnerability Discovery.

Chapter 13: Establishing a Working Environment.
Chapter 14: Fault Injection.
Chapter 15: The Art of Fuzzing.
Chapter 16: Source Code Auditing: Finding Vulnerabilities in C-Based Languages.
Chapter 17: Instrumented Investigation: A Manual Approach.
Chapter 18: Tracing for Vulnerabilities.
Chapter 19: Binary Auditing: Hacking Closed Source Software.

Part 4: Advanced Materials.

Chapter 20: Alternative Payload Strategies.
Chapter 21: Writing Exploits that Work in the Wild.
Chapter 22: Attacking Database Software.
Chapter 23: Kernel Overflows.
Chapter 24: Exploiting Kernel Vulnerabilities.

Permalink

 


Malware Analyst’s Cookbook and DVD
Title: Malware Analyst’s Cookbook and DVD
Author: Michael Ligh, Steven Adair, Blake Hartstein, Matthew Richard
Publisher: Wiley
Hardcover: 744 pages
Release Date: November 2, 2010

Here is the ‘Table of Contents’

Chapter 1 – Anonymizing Your Activities.
Chapter 2 – Honeypots.
Chapter 3 – Malware Classification.
Chapter 4 – Sandboxes and Multi-AV Scanners.
Chapter 5 – Researching Domains and IP Addresses.
Chapter 6 – Documents, Shellcode, and URLs.
Chapter 7 – Malware Labs.
Chapter 8 – Automation.
Chapter 9 – Dynamic Analysis.
Chapter 10 – Malware Forensics.
Chapter 11 – Debugging Malware.
Chapter 12 – De-Obfuscation.
Chapter 13 – Working with DLLs.
Chapter 14 – Kernel Debugging.
Chapter 15 – Memory Forensics with Volatility.
Chapter 16 – Memory Forensics: Code Injection and Extraction.
Chapter 17 – Memory Forensics: Rootkits.
Chapter 18 – Memory Forensics: Network and Registry.

Permalink

 


Social Engineering: The Art of Human Hacking
Social Engineering: The Art of Human Hacking

Title: Social Engineering: The Art of Human Hacking
Author: Christopher Hadnagy, Paul Wilson
Publisher: Wiley
Hardcover: 408 pages
Release Date: December 21, 2010

Table of Contents

A Look into the World of Social Engineering.
Information Gathering.
Elicitation.
Pretexting: How to Become Anyone.
Mind Tricks: Psychological Principles Used in Social Engineering.
Influence: The Power of Persuasion.
The Tools of the Social Engineer.
Case Studies: Dissecting the Social Engineer.
Prevention and Mitigation.

Permalink

 


Android in Action
Title: Android in Action
Author: Frank Ableson, Robi Sen
Publisher: Manning Publications
Hardcover: 592 pages
Release Date: Jan 28, 2011 (2nd Edition)

Here’s the table of Contents

Part 1 What is Android?—The Big Picture

Chapter 1 Introducing Android
Chapter 2 Android’s development environment
Part 2 Exercising the Android SDK

Chapter 3 User interfaces
Chapter 4 Intents and Services
Chapter 5 Storing and retrieving data
Chapter 6 Networking and web services
Chapter 7 Telephony
Chapter 8 Notifications and alarms
Chapter 9 Graphics and animation
Chapter 10 Multimedia
Chapter 11 Location, location, location
Part 3 Android applications

Chapter 12 Putting Android to work in a field service application
Chapter 13 Building Android applications in C
Part 4 The maturing platform

Chapter 14 Bluetooth and sensors
Chapter 15 Integration
Chapter 16 Android web development
Chapter 17 AppWidgets
Chapter 18 Localization
Chapter 19 Android Native Development Kit

Permalink

 


Practical Lock Picking
Practical Lock Picking

Title: Practical Lock Picking: A Physical Penetration Tester’s Training Guide
Author: Deviant Ollam
Publisher: Syngress
Hardcover: 236 pages
Release Date: July 23, 2010

Here is the table of contents

Chapter 1: Fundamentals of pin tumbler and wafer locks
Chapter 2: The basics of picking: Exploiting weaknesses
Chapter 3: Beginner training: How to get very good, very fast
Chapter 4: Advanced training: Learning some additional skills
Chapter 5: Quick-entry tricks: Shimming, bumping, and bypassing
Chapter 6: They all come tumbling down: Pin tumblers in other configurations
Appendix: Guide to tools and toolkits

Permalink

 


The Hacker News June 2011
The Hacker News June 2011

Content :
- Total Exposure
- Wikileaks : Exposure in true way
- Guide about selecting your Computer Security Consultant
- In the Realm of Cyber Breach
- Exploit Writers : Challenging Cyber Security
- Interview with Team Inj3ct0r
- IT Security Incident Management
- Interview with Core Anonymous Member : Anony_ops
- Exposure of Password secrets of Apple Safari
- Sony Hacked , Again hacked & Again Hacked
- Hacking News Highlights of the Month
- Hackers Toolkits Updates
- Security Tool : Buffer Zone

Download:
http://theevilhackerz.com/THN-june2011.pdf

Permalink

 


The Hacker News June 2011
The Hacker News June 2011

Content :
- Total Exposure
- Wikileaks : Exposure in true way
- Guide about selecting your Computer Security Consultant
- In the Realm of Cyber Breach
- Exploit Writers : Challenging Cyber Security
- Interview with Team Inj3ct0r
- IT Security Incident Management
- Interview with Core Anonymous Member : Anony_ops
- Exposure of Password secrets of Apple Safari
- Sony Hacked , Again hacked & Again Hacked
- Hacking News Highlights of the Month
- Hackers Toolkits Updates
- Security Tool : Buffer Zone

Download:
http://theevilhackerz.com/THN-june2011.pdf

Permalink

 


ClubHACK Magazine Issue 17-June 2011
ClubHACK Magazine Issue 17-June 2011

Tech Gyan - Pentesting your own Wireless Network
Tool Gyan - Wi-Fi tools
Mom's Guide - Wireless Security - Best Practices
Legal Gyan - Copyrights and cyber space
Matriux Vibhag - Forensics with Matriux Part - 2
Poster of the month - Can you cage a Wi-Fi signanl ?

Download:
http://chmag.in/issue/jun2011.pdf

Permalink

 


ClubHack Magazine
ClubHack Magazine

Contents of this Issue:-

Tech Gyan - First ever public disclosure of Password secrets of "Apple Safari".
Tool Gyan - BeEF (Browser Exploitation Framework)
Mom's Guide - User Agent on my Header.
Legal Gyan - New Rules under Information Technology Act.
Matriux Vibhag - Forensics with Matriux Part - 1
Poster of the month - How safe you are while surfing?


Direct Download: http://chmag.in/issue/may2011.pdf

Permalink

 


The Web Application Hacker's Handbook 2nd: Discovering and Exploiting Security Flaws
The Web Application Hacker's Handbook 2nd: Discovering and Exploiting Security Flaws

Web Application (In)security
Core Defense Mechanisms
Web Application Technologies
Mapping the Application
Bypassing Client-Side Controls
Attacking Authentication
Attacking Session Management
Attacking Access Controls
Injecting Code
Exploiting Path Traversal
Attacking Application Logic
Attacking Other Users
Automating Bespoke Attacks
Exploiting Information Disclosure
Attacking Compiled Applications
Attacking Application Architecture
Attacking the Web Server
Finding Vulnerabilities in Source Code
A Web Application Hacker's Toolkit
A Web Application Hacker's Methodology

Download the full table of contents (PDF).
http://portswigger.net/wahh/wahh-toc.pdf

Permalink