DESCRIPTION
The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:
1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.
2. Sockets – The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same – communication over TCP and UDP, sockets are implemented differently in nearly ever language.
3. Shellcode – Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access.
4. Porting – Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not “recreate the wheel.”
5. Coding Tools – The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications.
KEY
SELLING POINTS
- Contains never before seen chapters on writing and automating exploits on windows systems with all-new exploits.
- Perform zero-day exploit forensics by reverse engineering malicious code.
- Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks.
MARKET
INFORMATION
Software exploits are being created more easily and faster than ever, while attackers are launching more sophisticated attacks for financial gain. Software vulnerabilities and targeted attacks remain a primary area of concern for organizations and individuals. According to the annual “Symantec Security Threat Report” More than 1,237 new vulnerabilities were discovered between January 1 and June 30, 2004, an average of 48 new vulnerabilities per week. Seventy percent of these vulnerabilities were considered easy to exploit, and 96 percent were considered moderately or highly severe. This book will teach readers HOW these exploits were developed, WHY the code was vulnerable to begin with and WHAT they can do to stop the next exploit.
RELATED
SYNGRESS TITLES
ISBN: 1932266658, Hacking the Code: ASP.NET Web Application Security
COMPETING
TITLES
0201786958, Exploiting Software : How to Break Code, Greg Hoglund, Gary McGraw
0764544683, The Shellcoder’s Handbooks, Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
The competing titles both focus on exploiting particular operating systems or applications. Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Writing Security Tools goes beyond simply writing exploits and provides readers with a thorough examination complete with working code examples of the fundamental building blocks of software applications, software exploits and customized security tools to defeat future attacks.
ABOUT
THE AUTHOR
James C. Foster, Fellow is the Deputy Director of Global Security Solution Development for Computer Sciences Corporation where he is responsible for the vision and development of physical, personnel, and data security solutions. Preceding CSC, Foster was the Director of Research and Development for Foundstone Inc. (acquired by McAfee) and was responsible for all aspects of product, consulting, and corporate R&D initiatives. Prior to joining Foundstone, Foster was an Executive Advisor and Research Scientist with Guardent Inc. (acquired by Verisign) and an adjunct author at Information Security Magazine(acquired by TechTarget), subsequent to working as Security Research Specialist for the Department of Defense. With his core competencies residing in high-tech remote management, international expansion, application security, protocol analysis, and search algorithm technology, Foster has conducted numerous code reviews for commercial OS components, Win32 application assessments, and reviews on commercial-grade cryptography implementations.
Foster is a seasoned speaker and has presented throughout North America at conferences, technology forums, security summits, and research symposiums with highlights at the Microsoft Security Summit, BlackHat USA, BlackHat Windows, MIT Wireless Research Forum, SANS, MilCon, TechGov, InfoSec World 2001, and the Thomson Security Conference. He also is commonly asked to comment on pertinent security issues and has been sited in USAToday, Information Security Magazine, Baseline, Computer World, Secure Computing, and the MIT Technologist. Foster holds an A.S., B.S., MBA and numerous technology and management certifications and has attended or conducted research at the Yale School of Business, Harvard University, the University of Maryland, and is currently a Fellow at University of Pennsylvania’s Wharton School of Business.
Foster is also a well published author with multiple commercial and educational papers; and has authored, contributed, or edited for major publications to include Snort 2.0, Snort 2.1, Hacking Exposed 4th Ed, Special Ops Security, Anti-Hacker Toolkit 2nd Ed, Advanced Intrusion Detection, Hacking the Code, Anti-Spam Toolkit, and the upcoming Google Hacking: Penetration Techniques.
TECHNOLOGY
BACKGROUND
Malicious hackers; cyber-criminals; and worm and virus writers have historically had an advantage over security professionals and software developers. Over the past two years, the number of severs software vulnerabilities exploited by these malicious hackers has more than doubled. During the same period, the amount of time from discovery to exploit of software vulnerabilities has decreased by more than 50%. Translation: There are twice as many software vulnerabilities being exploited twice as fast as ever before. The only way for security professionals and software developers to stop this trend is to:
1. Develop applications with fewer vulnerabilities.
2. Discover the vulnerabilities in existing applications before the malicious hackers do.
This book will teach readers how to accomplish both of these tasks. |
