Coding for Penetration Testers Building Better Tools

Size: px
Start display at page:

Download "Coding for Penetration Testers Building Better Tools"

Transcription

1 Coding for Penetration Testers Building Better Tools Second Edition Jason Andress Ryan Linn Clara Hartwell, Technical Editor ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint of Elsevier SVNGRESS,

2 About the Authors xv CHAPTER 0 Introduction l Book Overview and Key Learning Points 1 Book Audience 2 How This Book is Organized 2 Chapter 1: Introduction to Command Shell Scripting 3 Chapter 2: Introduction to Python 3 Chapter 3: Introduction to Perl 3 Chapter 4: Introduction to Ruby 3 Chapter 5: Introduction to Web Scripting With PHP 4 Chapter 6: Manipulating Windows With PowerShell 4 Chapter 7: Scanner Scripting 4 Chapter 8: Information Gathering 4 Chapter 9: Exploitation Scripting 5 Chapter 10: Postexploitation Scripting 5 Conclusion 5 CHAPTER 1 Introduction to command shell scripting 7 On Shell Scripting 7 What Is a Shell? 8 What Is a Script? 9 Shell Scripts 10 Where Shell Scripting Is Useful? 10 UNIX, Linux, and OS X Shell Scripting 11 Shell Availability and Choices 11 Working With Shells 13 Bash Basics 14 Hello World 14 Variables 16 Arguments 18 Control statements 19 Putting It All Together With Bash 22 Adding /dev/tcp/support to Bash 23 Building a Port Scanner With Bash 23 Improving the Script 25 vii

3 viii Windows Scripting 25 Shell Availability and Choices 26 Command.com and CMD.exe 26 PowerShell 27 Cygwin 28 Other Shells 28 PowerShell Basics 29 Hello World 29 Variables 31 Arguments 32 Control Statements 34 Conditionals 34 Introducing the Windows Management Interface 35 Looping 36 Putting It All Together With PowerShell 38 Building a Port Scanner With PowerShell 38 Improving the Script 40 Summary 41 References 42 CHAPTER 2 Introduction to Python 43 What Is Python? 44 Where Do We Get Python? 44 Where Is Python Useful? 44 Multiplatform Scripting 45 Network Scripting 45 Extensive Modules 45 Reusable Code That Is Easy to Create 45 Python Basics 46 Getting Started 46 Variables 48 Modules 49 Arguments 49 Lists 53 Dictionaries Control Statements 60 Functions 62 File Manipulation 64 Exception Handling 65

4 ix Network Communications 66 Client Communications 67 Server Communications 69 Scapy 72 Summary 78 References 79 CHAPTER 3 Introduction to Perl 81 Introduction 81 Where Perl Is Useful 82 Handling Text 82 Gluing Applications Together 83 Working With Perl 83 Editing Tools 84 Extending Perl Scripts 85 Graphical User Interfaces in Perl 85 Perl Basics 86 Hello World 86 Variables 87 Shell Commands 88 Arguments 91 Control Statements 92 Regular Expressions 97 File Input and Output 100 Putting It All Together 103 Building an SNMP Scanner With Perl 103 Improving the Script 109 Summary 109 References 110 CHAPTER 4 Introduction to Ruby in Introduction Ill Where Ruby Is Useful 112 Ruby Basics 112 Variables 114 Building Classes With Ruby 125 Building a Class 126 Extending a Class 127 Accessing Class Data 129

5 x File Manipulation 131 Database Basics 133 Using DBI 134 Using Active Record 136 Network Operations 138 Client Communications 139 Server Communications 141 Putting It All Together 143 Summary 149 References 149 CHAPTER 5 Introduction to web scripting with PHP 151 Introduction 151 Where Web Scripting Is Useful 152 Getting Started With PHP 152 Scope 153 PHP Basics 153 Variables 154 Output 156 Control Statements 157 Functions 160 Handling Forms With PHP 162 File Handling and Command Execution 165 File Handling 165 Command Execution 168 Putting It All Together 171 Summary 175 CHAPTER 6 Manipulating Windows with PowerShell 177 Dealing With Execution Policies in PowerShell 178 Execution Policies 178 Bypassing the Policies 179 Getting In 181 Setting Up a Windows 10 System 181 Penetration Testing Uses for PowerShell 183 Controlling Processes and Services 183 Interfacing With the Event Logs 186 Getting and Sending Files Over the Network 188 Interfacing With the Registry 191

6 PowerShell and Metasploit 196 Customizing Invoke-Shellcode 197 Putting It All Together 198 Summary 200 References 201 CHAPTER 7 Scanner scripting 203 Introduction 203 Working With Scanning Tools 204 Netcat 204 Nmap 205 Nessus/OpenVAS 205 Netcat 206 Implementations of Netcat 206 Simple Netcat Usage 207 Building a Web Server With Netcat 208 Transferring Files With Netcat 210 Nmap 213 Working With Service Probes in Nmap 213 TheNSE 217 Building Nmap NSE Files 217 Nessus/OpenVAS 218 NASL in Nessus and Open VAS 219 Nessus Attack Scripting Language 219 Summary 222 References 223 CHAPTER 8 Information gathering 225 Introduction 225 Information Gathering for Penetration Testing 226 Sources of Information 226 Patterns in Information 227 Metadata 228 What Can We Do With the Information? 229 Talking to Google 229 Google Hacking 230 Advanced Operators 231 Automating Google Discovery 232 Web Automation With Perl 234 Pulling Information From Websites 234

7 xii Working With Metadata 237 Finding Metadata 238 Document Metadata 239 Metadata in Media Files 240 Putting It All Together 243 Summary 245 References 246 CHAPTER 9 Exploitation scripting 247 Introduction 247 Building Exploits With Python 247 Setting Up 248 Setting Up Debugging 250 Causing Our First Crash 253 Using pattern_offset 255 Controlling EIP 257 Adding Shellcode 259 Getting Our Shell 262 Creating Metasploit Exploits 262 Starting a Template 264 Porting the Exploit Code 267 Executing the Exploit 269 Exploiting PHP Scripts 270 Remote File Inclusion 271 Command Execution Vulnerabilities 274 Cross-Site Scripting 277 Summary 282 CHAPTER 10 Postexploitation scripting 283 Introduction 283 Why Postexploitation Is Important? 284 Windows Shell Commands 284 User Management 284 Listing Users and Groups 284 Adding Users and Groups 288 Gathering Network Information 288 Windows Network Information Gathering 288 Linux Network Information Gathering 290 Scripting Metasploit Meterpreter 291 Getting a Shell 291

8 xiii Building a Basic Script 292 Executing the Script 298 Database Postexploitation 299 What Is SQLi? 299 MySQL 299 SQLi on Microsoft SQL Server 307 Summary 309 Index 311

Coding for Penetration

Coding for Penetration Coding for Penetration Testers Building Better Tools Jason Andress Ryan Linn ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security No part of this publication, in whole or in part, may

More information

Embedded Systems Architecture

Embedded Systems Architecture Embedded Systems Architecture A Comprehensive Guide for Engineers and Programmers By Tammy Noergaard ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

Android Forensics. Investigation, Analysis, Google Android. and Mobile Security for. Andrew Hoog. John McCash, Technical Editor SYNGRESS

Android Forensics. Investigation, Analysis, Google Android. and Mobile Security for. Andrew Hoog. John McCash, Technical Editor SYNGRESS Android Forensics Investigation, Analysis, and Mobile Security for Google Android Andrew Hoog John McCash, Technical Editor AMSTERDAM BOSTON. HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO.

More information

Maya Python. for Games and Film. and the Maya Python API. A Complete Reference for Maya Python. Ryan Trowbridge. Adam Mechtley ELSEVIER

Maya Python. for Games and Film. and the Maya Python API. A Complete Reference for Maya Python. Ryan Trowbridge. Adam Mechtley ELSEVIER Maya Python for Games and Film A Complete Reference for Maya Python and the Maya Python API Adam Mechtley Ryan Trowbridge AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Managed. Code Rootkits. Hooking. into Runtime. Environments. Erez Metula ELSEVIER. Syngress is an imprint of Elsevier SYNGRESS

Managed. Code Rootkits. Hooking. into Runtime. Environments. Erez Metula ELSEVIER. Syngress is an imprint of Elsevier SYNGRESS Managed Code Rootkits Hooking into Runtime Environments Erez Metula ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEWYORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint

More information

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services Following topics will be covered: Module 1: Penetration Testing Planning and Scoping - Types of penetration testing and ethical hacking projects - Penetration testing methodology - Limitations and benefits

More information

Computers as Components Principles of Embedded Computing System Design

Computers as Components Principles of Embedded Computing System Design Computers as Components Principles of Embedded Computing System Design Third Edition Marilyn Wolf ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY

More information

An Introduction to Parallel Programming

An Introduction to Parallel Programming F 'C 3 R'"'C,_,. HO!.-IJJ () An Introduction to Parallel Programming Peter S. Pacheco University of San Francisco ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

CONTENTS IN DETAIL. FOREWORD by HD Moore ACKNOWLEDGMENTS INTRODUCTION 1 THE ABSOLUTE BASICS OF PENETRATION TESTING 1 2 METASPLOIT BASICS 7

CONTENTS IN DETAIL. FOREWORD by HD Moore ACKNOWLEDGMENTS INTRODUCTION 1 THE ABSOLUTE BASICS OF PENETRATION TESTING 1 2 METASPLOIT BASICS 7 CONTENTS IN DETAIL FOREWORD by HD Moore xiii PREFACE xvii ACKNOWLEDGMENTS xix Special Thanks... xx INTRODUCTION xxi Why Do A Penetration Test?... xxii Why Metasploit?... xxii A Brief History of Metasploit...

More information

Understand and Implement Effective PCI Data Security Standard Compliance

Understand and Implement Effective PCI Data Security Standard Compliance PCI Compliance Understand and Implement Effective PCI Data Security Standard Compliance Second Edition Dr. Anton A. Chuvakin Branden R. Williams Technical Editor Ward Spangenberg ELSEVIER AMSTERDAM BOSTON

More information

FISMAand the Risk Management Framework

FISMAand the Risk Management Framework FISMAand the Risk Management Framework The New Practice of Federal Cyber Security Stephen D. Gantz Daniel R. Phi I pott Darren Windham, Technical Editor ^jm* ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON

More information

Metasploit: The Penetration Tester's Guide PDF

Metasploit: The Penetration Tester's Guide PDF Metasploit: The Penetration Tester's Guide PDF "The best guide to the Metasploit Framework."—HD Moore, Founder of the Metasploit Project The Metasploit Framework makes discovering, exploiting, and

More information

System Assurance. Beyond Detecting. Vulnerabilities. Djenana Campara. Nikolai Mansourov

System Assurance. Beyond Detecting. Vulnerabilities. Djenana Campara. Nikolai Mansourov System Assurance Beyond Detecting Vulnerabilities Nikolai Mansourov Djenana Campara ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SYDNEY TOKYO Morgan Kaufmann

More information

Nmap & Metasploit. Chun-Jen (James) Chung. Arizona State University

Nmap & Metasploit. Chun-Jen (James) Chung. Arizona State University Nmap & Metasploit Chun-Jen (James) Chung Nmap recap Nmap uses raw IP packets in novel ways to determine what hosts are available on the network What services (application name and version) those hosts

More information

Programming 8-bit PIC Microcontrollers in С

Programming 8-bit PIC Microcontrollers in С Programming 8-bit PIC Microcontrollers in С with Interactive Hardware Simulation Martin P. Bates älllllltlilisft &Щ*лЛ AMSTERDAM BOSTON HEIDELBERG LONDON ^^Ш NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Information Modeling and Relational Databases

Information Modeling and Relational Databases Information Modeling and Relational Databases Second Edition Terry Halpin Neumont University Tony Morgan Neumont University AMSTERDAM» BOSTON. HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Contents in Detail. Foreword by Peter Van Eeckhoutte

Contents in Detail. Foreword by Peter Van Eeckhoutte Contents in Detail Foreword by Peter Van Eeckhoutte xix Acknowledgments xxiii Introduction xxv A Note of Thanks.... xxvi About This Book.... xxvi Part I: The Basics.... xxvii Part II: Assessments.........................................

More information

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for

More information

Moving to the Cloud. Developing Apps in. the New World of Cloud Computing. Dinkar Sitaram. Geetha Manjunath. David R. Deily ELSEVIER.

Moving to the Cloud. Developing Apps in. the New World of Cloud Computing. Dinkar Sitaram. Geetha Manjunath. David R. Deily ELSEVIER. Moving to the Cloud Developing Apps in the New World of Cloud Computing Dinkar Sitaram Geetha Manjunath Technical Editor David R. Deily AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO

More information

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking Summer Training Internship Program 2017 (STIP - 2017) is a practical oriented & industrial level training program for all students who have aspiration to work in the core technical industry domain. This

More information

MSP430 Microcontroller Basics

MSP430 Microcontroller Basics MSP430 Microcontroller Basics John H. Davies AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Newnes is an imprint of Elsevier N WPIGS Contents Preface

More information

An Introduction to Programming with IDL

An Introduction to Programming with IDL An Introduction to Programming with IDL Interactive Data Language Kenneth P. Bowman Department of Atmospheric Sciences Texas A&M University AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN

More information

دوره تست نفوذ. Ver.1.2 شما میتوانید آنلاین در این دوره ثبت نام بلافاصله از آن استفاده کنید. Information Gathering. Bash scripting

دوره تست نفوذ. Ver.1.2 شما میتوانید آنلاین در این دوره ثبت نام بلافاصله از آن استفاده کنید. Information Gathering. Bash scripting Ver.1.2 Information Gathering Bash scripting Information gathering (passive) شما میتوانید آنلاین در این دوره ثبت نام کنید و بلافاصله از آن استفاده کنید. دیدن نمونه آموزش هاي دوره تست نفوذ Google operators

More information

PENETRATION TESTING. A HattdA-Oti Introduction. to Hacking. by Georgia Weidman. <e> no starch. press. San Francisco

PENETRATION TESTING. A HattdA-Oti Introduction. to Hacking. by Georgia Weidman. <e> no starch. press. San Francisco PENETRATION TESTING A HattdA-Oti Introduction to Hacking by Georgia Weidman no starch press San Francisco CONTENTS IN DETAIL FOREWORD by Peter Van Eeckhoutte xix ACKNOWLEDGMENTS xxiii INTRODUCTION

More information

Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7

Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7 Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7 We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online

More information

Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7

Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7 Windows Forensic Analysis Toolkit Third Edition Advanced Analysis Techniques For Windows 7 We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our ebooks online

More information

Security for Microsoft Windows System Administrators

Security for Microsoft Windows System Administrators Security for Microsoft Windows System Administrators Security for Microsoft Windows System Administrators Introduction to Key Information Security Concepts Derrick Rountree Rodney Buike, Technical Editor

More information

The Unified Modeling Language User Guide

The Unified Modeling Language User Guide The Unified Modeling Language User Guide Grady Booch James Rumbaugh Ivar Jacobson Rational Software Corporation TT ADDISON-WESLEY Boston San Francisco New York Toronto Montreal London Munich Paris Madrid

More information

AUTHOR CONTACT DETAILS

AUTHOR CONTACT DETAILS AUTHOR CONTACT DETAILS Name Dinesh Shetty Organization Paladion Networks Email ID dinesh.shetty@paladion.net Penetration Testing with Metasploit Framework When i say "Penetration Testing tool" the first

More information

Algorithmic Graph Theory and Perfect Graphs

Algorithmic Graph Theory and Perfect Graphs Algorithmic Graph Theory and Perfect Graphs Second Edition Martin Charles Golumbic Caesarea Rothschild Institute University of Haifa Haifa, Israel 2004 ELSEVIER.. Amsterdam - Boston - Heidelberg - London

More information

Evaluating Website Security with Penetration Testing Methodology

Evaluating Website Security with Penetration Testing Methodology Evaluating Website Security with Penetration Testing Methodology D. Menoski, P. Mitrevski and T. Dimovski St. Clement of Ohrid University in Bitola/Faculty of Technical Sciences, Bitola, Republic of Macedonia

More information

Audience. Pre-Requisites

Audience. Pre-Requisites T R A N C H U L A S W O R K S H O P S A N D T R A I N I N G S Hands-On Penetration Testing Training Course About Tranchulas Tranchulas is a multinational information security company having its offices

More information

CPTE: Certified Penetration Testing Engineer

CPTE: Certified Penetration Testing Engineer www.peaklearningllc.com CPTE: Certified Penetration Testing Engineer (5 Days) *Includes exam voucher, course video, an exam preparation guide About this course Certified Penetration Testing Engineer certification

More information

MariaDB Crash Course. A Addison-Wesley. Ben Forta. Upper Saddle River, NJ Boston. Indianapolis. Singapore Mexico City. Cape Town Sydney.

MariaDB Crash Course. A Addison-Wesley. Ben Forta. Upper Saddle River, NJ Boston. Indianapolis. Singapore Mexico City. Cape Town Sydney. MariaDB Crash Course Ben Forta A Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Cape Town Sydney Tokyo Singapore Mexico City

More information

Logging and Log Management

Logging and Log Management Logging and Log Management The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management Dr. Anton A. Chuvakin Kevin J. Schmidt Christopher Phillips Partricia Moulder, Technical

More information

Usability Testing Essentials

Usability Testing Essentials Usability Testing Essentials Ready, Set...Test! Carol M. Barnum ELSEVIER Amsterdam Boston Heidelberg London New York Oxford Paris San Diego San Francisco Singapore Sydney Tokyo Morgan Kaufmann is an imprint

More information

Programming in Python 3

Programming in Python 3 Programming in Python 3 A Complete Introduction to the Python Language Mark Summerfield.4.Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich

More information

Digital Signal Processing System Design: LabVIEW-Based Hybrid Programming Nasser Kehtarnavaz

Digital Signal Processing System Design: LabVIEW-Based Hybrid Programming Nasser Kehtarnavaz Digital Signal Processing System Design: LabVIEW-Based Hybrid Programming Nasser Kehtarnavaz Digital Signal Processing System Design: LabVIEW-Based Hybrid Programming by Nasser Kehtarnavaz University

More information

The Definitive Guide to the ARM Cortex-M3

The Definitive Guide to the ARM Cortex-M3 The Definitive Guide to the ARM Cortex-M3 Joseph Yiu AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Newnes is an imprint of Elsevier Newnes Forewopd

More information

Database Modeling And Design The Fundamental Principles The Morgan Kaufmann Series In Data Management Systems

Database Modeling And Design The Fundamental Principles The Morgan Kaufmann Series In Data Management Systems Database Modeling And Design The Fundamental Principles The Morgan Kaufmann Series In Data Management We have made it easy for you to find a PDF Ebooks without any digging. And by having access to our

More information

Oracle 10g Developing Media Rich Applications

Oracle 10g Developing Media Rich Applications Oracle 10g Developing Media Rich Applications Oracle Database Related Book Titles: Oracle 9iR2 Data Warehousing, Hobbs, et al, ISBN: 1-55558-287-7, 2004 Oracle 10g Data Warehousing, Hobbs, et al, ISBN

More information

Web Penetration Testing

Web Penetration Testing Web Penetration Testing What is a Website How to hack a Website? Computer with OS and some servers. Apache, MySQL...etc Contains web application. PHP, Python...etc Web application is executed here and

More information

Contents. Deployment: Automated Installation of Cygwin

Contents. Deployment: Automated Installation of Cygwin .. Introduction to Open Source About this Book The Origins of Open Source The Three Cs Should an Administrator Care About Open Source? Understanding the Open Source Licenses What Hardware and Software

More information

Open-Source Robotics and Process Control Cookbook

Open-Source Robotics and Process Control Cookbook Open-Source Robotics and Process Control Cookbook This page intentionally left blank Open-Source Robotics and Process Control Cookbook Designing and Building Robust, Dependable Real-Time Systems by Lewin

More information

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last revised 10-4-17 KonBoot Get into any account without the password Works on Windows and Linux No longer free Link Ch 5r From the

More information

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning

Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Hands-On Ethical Hacking and Network Defense Chapter 5 Port Scanning Last revised 1-11-17 KonBoot Get into any account without the password Works on Windows and Linux No longer free Link Ch 5r From the

More information

B a s h s c r i p t i n g

B a s h s c r i p t i n g 8 Bash Scripting Any self-respecting hacker must be able to write scripts. For that matter, any selfrespecting Linux administrator must be able to script. Hackers often need to automate commands, sometimes

More information

Structured Parallel Programming Patterns for Efficient Computation

Structured Parallel Programming Patterns for Efficient Computation Structured Parallel Programming Patterns for Efficient Computation Michael McCool Arch D. Robison James Reinders ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

ISDP 2018 Industry Skill Development Program In association with

ISDP 2018 Industry Skill Development Program In association with ISDP 2018 Industry Skill Development Program In association with Penetration Testing What is penetration testing? Penetration testing is simply an assessment in a industry computer network to test the

More information

Who Am I. Chris Gates

Who Am I. Chris Gates Metasploit Basics Who Am I Chris Gates CISSP, GCIH, CPTS, CEH, A+, Network+, Security+, MCP 2003 Columnist on EthicalHacker.net VP of Operations LearnSecurityOnline.com Why am I here Talk about the Metasploit

More information

CSC 5930/9010 Offensive Security: OSINT

CSC 5930/9010 Offensive Security: OSINT CSC 5930/9010 Offensive Security: OSINT Professor Henry Carter Spring 2019 Recap Designing shellcode requires intimate knowledge of assembly, system calls, and creative combinations of operations But allows

More information

Ethical Hacking Foundation Exam Syllabus

Ethical Hacking Foundation Exam Syllabus 1 Table of contents Table of contents... 2 Exam Syllabus: Ethical Hacking Foundation... 3 Context... 3 Course objectives... 3 Target audience... 3 Prerequisites... 4 Exam information... 4 Examination details...

More information

Kali Linux Network Scanning Cookbook Books

Kali Linux Network Scanning Cookbook Books Kali Linux Network Scanning Cookbook Books Over 90 hands-on recipes explaining how to leverage custom scripts and integrated tools in Kali Linux to effectively master network scanningabout This Book Learn

More information

MPEG-l.MPEG-2, MPEG-4

MPEG-l.MPEG-2, MPEG-4 The MPEG Handbook MPEG-l.MPEG-2, MPEG-4 Second edition John Watkinson PT ^PVTPR AMSTERDAM BOSTON HEIDELBERG LONDON. NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Focal Press is an

More information

Structured Parallel Programming

Structured Parallel Programming Structured Parallel Programming Patterns for Efficient Computation Michael McCool Arch D. Robison James Reinders ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

PTC Mathcad Prime 3.0

PTC Mathcad Prime 3.0 Essential PTC Mathcad Prime 3.0 A Guide for New and Current Users Brent Maxfield, P.E. AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO @ Academic

More information

Relational Database Design Clearly Explained Second Edition The Morgan Kaufmann Series In Data Management Systems By Harrington Jan L 2002 Paperback

Relational Database Design Clearly Explained Second Edition The Morgan Kaufmann Series In Data Management Systems By Harrington Jan L 2002 Paperback Relational Database Design Clearly Explained Second Edition The Morgan Kaufmann Series In Data Management We have made it easy for you to find a PDF Ebooks without any digging. And by having access to

More information

HTML5 MOBILE WEBSITES

HTML5 MOBILE WEBSITES HTML5 MOBILE WEBSITES HTML5 MOBILE WEBSITES TURBOCHARGING HTML5 WITH jquery MOBILE, SENCHA TOUCH, AND OTHER FRAMEWORKS MATTHEW DAVID AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO

More information

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security HTML PHP Database Linux Operating System and Networking: LINUX NETWORKING Information Gathering:

More information

Complete PCB Design Using OrCad Capture and Layout

Complete PCB Design Using OrCad Capture and Layout Complete PCB Design Using OrCad Capture and Layout By Kraig Mitzner Amsterdam Boston Heidelberg London New York Oxford Paris San Diego San Francisco Singapore Sydney Tokyo Newnes is an imprint of Elsevier

More information

POST-EXPLOITATION WITH WINDOWS POWERSHELL

POST-EXPLOITATION WITH WINDOWS POWERSHELL POST-EXPLOITATION WITH WINDOWS POWERSHELL Jerold Hoong, OSCP Associate, Singapore 27 th May 2015 ASPAC Hacknet Conference and Security Training Agenda No. CHAPTER 1 PowerShell 101 2 Exploitation Frameworks

More information

"Charting the Course... Intermediate PHP & MySQL Course Summary

Charting the Course... Intermediate PHP & MySQL Course Summary Course Summary Description In this PHP training course, students will learn to create database-driven websites using PHP and MySQL or the database of their choice. The class also covers SQL basics. Objectives

More information

Eleventh Hour Network+ Exam N Study Guide

Eleventh Hour Network+ Exam N Study Guide Eleventh Hour Network+ Exam N10-004 Study Guide Syngress Eleventh Hour Series Eleventh Hour Linux+: Exam XK1-003 Study Guide ISBN: 978-1-59749-497-7 Graham Speake Eleventh Hour Security+: Exam SYO-201

More information

TexSaw Penetration Te st in g

TexSaw Penetration Te st in g TexSaw Penetration Te st in g What is penetration testing? The process of breaking something or using something for an unintended used case for the purpose of bettering the system or application. This

More information

Definitive Guide to PENETRATION TESTING

Definitive Guide to PENETRATION TESTING Definitive Guide to PENETRATION TESTING Chapter 1 Getting To Know Penetration Testing A. What is Penetration Testing? Penetration Testing, pen testing, or ethical hacking is the process of assessing an

More information

FPGAs: Instant Access

FPGAs: Instant Access FPGAs: Instant Access Clive"Max"Maxfield AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO % ELSEVIER Newnes is an imprint of Elsevier Newnes Contents

More information

Database Concepts. David M. Kroenke UNIVERSITATSBIBLIOTHEK HANNOVER

Database Concepts. David M. Kroenke UNIVERSITATSBIBLIOTHEK HANNOVER Database Concepts Fifth Edition David M. Kroenke David J. Auer ^111 I ii i.111 111 n.n jiiim^ TECHNISCHE INFORMATIOMSBiBLIOTHEK UNIVERSITATSBIBLIOTHEK HANNOVER j TIB/UB Hannover Prentice Hall Boston Columbus

More information

Computer Architecture A Quantitative Approach

Computer Architecture A Quantitative Approach Computer Architecture A Quantitative Approach Third Edition John L. Hennessy Stanford University David A. Patterson University of California at Berkeley With Contributions by David Goldberg Xerox Palo

More information

C o n t e n t S i n D e ta i l FOrewOrd by Matt Graeber xii PreFaCe xvii C# CraSH COurSe FuzzinG and exploiting xss and SQL injection

C o n t e n t S i n D e ta i l FOrewOrd by Matt Graeber xii PreFaCe xvii C# CraSH COurSe FuzzinG and exploiting xss and SQL injection Foreword by Matt Graeber xii Preface xvii Why Should I Trust Mono?... xviii Who Is This Book For?... xviii Organization of This Book... xix Acknowledgments... xxi A Final Note... xxi 1 C# Crash Course

More information

Essential MATLAB for Engineers and Scientists

Essential MATLAB for Engineers and Scientists Essential MATLAB for Engineers and Scientists Third edition Brian D. Hahn and Daniel T. Valentine ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY

More information

PYTHON. p ykos vtawynivis. Second eciitiovl. CO Ve, WESLEY J. CHUN

PYTHON. p ykos vtawynivis. Second eciitiovl. CO Ve, WESLEY J. CHUN CO Ve, PYTHON p ykos vtawynivis Second eciitiovl WESLEY J. CHUN. PRENTICE HALL Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney

More information

Hackveda Training - Ethical Hacking, Networking & Security

Hackveda Training - Ethical Hacking, Networking & Security Hackveda Training - Ethical Hacking, Networking & Security Day1: Hacking windows 7 / 8 system and security Part1 a.) Windows Login Password Bypass manually without CD / DVD b.) Windows Login Password Bypass

More information

Principles of ICT Systems and Data Security

Principles of ICT Systems and Data Security Principles of ICT Systems and Data Security Ethical Hacking Ethical Hacking What is ethical hacking? Ethical Hacking It is a process where a computer security expert, who specialises in penetration testing

More information

Chris Simpkins (Georgia Tech) CS 2316 Data Manipulation for Engineers Python Overview 1 / 9

Chris Simpkins (Georgia Tech) CS 2316 Data Manipulation for Engineers Python Overview 1 / 9 http://xkcd.com/353/ Chris Simpkins (Georgia Tech) CS 2316 Data Manipulation for Engineers Python Overview 1 / 9 Python Python is a general-purpose programming language, meaning you can write any kind

More information

Networked Graphics 01_P374423_PRELIMS.indd i 10/27/2009 6:57:42 AM

Networked Graphics 01_P374423_PRELIMS.indd i 10/27/2009 6:57:42 AM Networked Graphics Networked Graphics Building Networked Games and Virtual Environments Anthony Steed Manuel Fradinho Oliveira AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Practical UML Statecharts in C/C++

Practical UML Statecharts in C/C++ Practical UML Statecharts in C/C++ Event-Driven Programming for Embedded Systems 2nd Edition Miro Samek ELSEVIER AMSTERDAM. BOSTON. HEIDELBERG LONDON NEW YORK. OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

ARCHITECTURE DESIGN FOR SOFT ERRORS

ARCHITECTURE DESIGN FOR SOFT ERRORS ARCHITECTURE DESIGN FOR SOFT ERRORS Shubu Mukherjee ^ШВпШшр"* AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO T^"ТГПШГ SAN FRANCISCO SINGAPORE SYDNEY TOKYO ^ P f ^ ^ ELSEVIER Morgan

More information

Features of Netcat. Abstract. Keywords. I. Introduction. II. History. Jeffrey Kurcz School of Computer Science University of Windsor

Features of Netcat. Abstract. Keywords. I. Introduction. II. History. Jeffrey Kurcz School of Computer Science University of Windsor Features of Netcat Jeffrey Kurcz School of Computer Science University of Windsor kurcz@uwindsor.ca Abstract This paper discusses the many uses that Netcat can perform for many different tasks that need

More information

The Essential Guide to Video Processing

The Essential Guide to Video Processing The Essential Guide to Video Processing Second Edition EDITOR Al Bovik Department of Electrical and Computer Engineering The University of Texas at Austin Austin, Texas AMSTERDAM BOSTON HEIDELBERG LONDON

More information

"Charting the Course... MOC C: Automating Administration with Windows PowerShell. Course Summary

Charting the Course... MOC C: Automating Administration with Windows PowerShell. Course Summary Course Summary Description This course provides students with the fundamental knowledge and skills to use Windows PowerShell for administering and automating administration of Windows servers. This course

More information

Cross Platform Penetration Testing Suite

Cross Platform Penetration Testing Suite Cross Platform Penetration Testing Suite Ms. Shyaml Virnodkar, Rahul Gupta, Tejas Bharambe 1Asst Professor, Department of Computer Engineering, K J Somaiya Institute of Engineering and Information Technology,

More information

Ethical Hacking Foundation Certification Training - Brochure

Ethical Hacking Foundation Certification Training - Brochure Ethical Hacking Foundation Certification Training - Brochure Discover vulnerabilities legally and protect your systems from being hacked Course Name : Ethical Hacking Foundation Version : INVL_Ethical

More information

Editing: A Guide for Beginning and Intermediate Users

Editing: A Guide for Beginning and Intermediate Users Avid @ Editing: A Guide for Beginning and Intermediate Users Second Edition by Sam Kauffmann AMSTERDAM BOSTON LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO An imprint of Elsevier

More information

A Model for Penetration Testing

A Model for Penetration Testing A Model for Penetration Testing Chuck Easttom Collin College Professional Development chuck@chuckeasttom.com Research Gate Publication Abstract Penetration testing is an increasingly integral part of cyber

More information

Foreword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1

Foreword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1 Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network

More information

Engineering Real- Time Applications with Wild Magic

Engineering Real- Time Applications with Wild Magic 3D GAME ENGINE ARCHITECTURE Engineering Real- Time Applications with Wild Magic DAVID H. EBERLY Geometric Tools, Inc. AMSTERDAM BOSTON HEIDELRERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

Avid Editing A Guide for Beginning and Intermediate Users

Avid Editing A Guide for Beginning and Intermediate Users Avid Editing A Guide for Beginning and Intermediate Users Fourth Edition Sam Kauffmann JP4sf fff #-*йж.., ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE

More information

Certified Network Security Open Source Software Developer VS-1145

Certified Network Security Open Source Software Developer VS-1145 Certified Network Security Open Source Software Developer VS-1145 www.vskills.in Certified Network Security Open Source Software Developer Certified Network Security Open Source Software Developer Certification

More information

Host Hardening Achieve or Avoid. Nilesh Kapoor Auckland 2016

Host Hardening Achieve or Avoid. Nilesh Kapoor Auckland 2016 Host Hardening Achieve or Avoid Nilesh Kapoor Auckland 2016 Introduction Nilesh Kapoor Senior Security Consultant @ Aura Information Security Core 8 years experience in Security Consulting Co- Author Security

More information

Contents in Detail. Acknowledgments

Contents in Detail. Acknowledgments Acknowledgments xix Introduction What s in This Book... xxii What Is Ethical Hacking?... xxiii Penetration Testing... xxiii Military and Espionage... xxiii Why Hackers Use Linux... xxiv Linux Is Open Source....

More information

"Charting the Course... Enterprise Linux Security Administration Course Summary

Charting the Course... Enterprise Linux Security Administration Course Summary Course Summary Description This highly technical course focuses on properly securing machines running the Linux operating systems. A broad range of general security techniques such as user/group policies,

More information

M (~ Computer Organization and Design ELSEVIER. David A. Patterson. John L. Hennessy. University of California, Berkeley. Stanford University

M (~ Computer Organization and Design ELSEVIER. David A. Patterson. John L. Hennessy. University of California, Berkeley. Stanford University T H I R D EDITION REVISED Computer Organization and Design THE HARDWARE/SOFTWARE INTERFACE David A. Patterson University of California, Berkeley John L. Hennessy Stanford University With contributions

More information

Rendering with mental ray and 3ds Max

Rendering with mental ray and 3ds Max Rendering with mental ray and 3ds Max Rendering with mental ray and 3ds Max Second Edition Joep van der Steen Ted Boardman AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO

More information

Programming in Python

Programming in Python COURSE DESCRIPTION This course presents both the programming interface and the techniques that can be used to write procedures in Python on Unix / Linux systems. COURSE OBJECTIVES Each participant will

More information

Advanced Diploma on Information Security

Advanced Diploma on Information Security Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic

More information

CYBERSECURITY PROFESSIONAL PENETRATION TESTER

CYBERSECURITY PROFESSIONAL PENETRATION TESTER 2018 CYBERSECURITY PROFESSIONAL PENETRATION TESTER DIVERGENCE ACADEMY 11/3/2018 TABLE OF CONTENTS NETWORK EXPLOITATION AND PENTESTING... 4 WIRELESS PENTESTING AND NETWORK EXPLOITATION... 6 PYTHON FOR PENTESTERS...

More information

NETWORK EXPLOITATION USING METASPLOIT FRAMEWORK

NETWORK EXPLOITATION USING METASPLOIT FRAMEWORK NETWORK EXPLOITATION USING METASPLOIT FRAMEWORK M R S. B. S I N D H I Y A M. P H I L ASSISTANT PROFESSOR DEPARTMENT OF COMPUTER SCIENCE SRI KRISHNA ARTS AND SCIENCE COLLEGE COIMBATORE, INDIA. mail4sini.1@gmail.com

More information

SQL Queries. for. Mere Mortals. Third Edition. A Hands-On Guide to Data Manipulation in SQL. John L. Viescas Michael J. Hernandez

SQL Queries. for. Mere Mortals. Third Edition. A Hands-On Guide to Data Manipulation in SQL. John L. Viescas Michael J. Hernandez SQL Queries for Mere Mortals Third Edition A Hands-On Guide to Data Manipulation in SQL John L. Viescas Michael J. Hernandez r A TT TAddison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco

More information

Basics of executing a penetration test

Basics of executing a penetration test Basics of executing a penetration test 25.04.2013, WrUT BAITSE guest lecture Bernhards Blumbergs, CERT.LV Outline Reconnaissance and footprinting Scanning and enumeration System exploitation Outline Reconnaisance

More information