{"title":"Computer fraud and hacking Books","description":"","products":[{"product_id":"cybersecurity-and-cyberwar-9780199918119","title":"Cybersecurity and Cyberwar","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eDependence on computers has had a transformative effect on human society. Cybernetics is now woven into the core functions of virtually every basic institution, including our oldest ones. War is one such institution, and the digital revolution''s impact on it has been profound. The American military, which has no peer, is almost completely reliant on high-tech computer systems. Given the Internet''s potential for full-spectrum surveillance and information disruption, the marshaling of computer networks represents the next stage of cyberwar. Indeed, it is upon us already. The recent Stuxnet episode, in which Israel fed a malignant computer virus into Iran''s nuclear facilities, is one such example. Penetration into US government computer systems by Chinese hackers-presumably sponsored by the Chinese government-is another. Together, they point to a new era in the evolution of human conflict. In Cybersecurity: What Everyone Needs to Know, noted experts Peter W. Singer and Allan Friedman lay out how the revolution in military cybernetics occurred and explain where it is headed. They begin with an explanation of what cyberspace is before moving on to discussions of how it can be exploited and why it is so hard to defend. Throughout, they discuss the latest developments in military and security technology. Singer and Friedman close with a discussion of how people and governments can protect themselves. In sum, Cybersecurity is the definitive account on the subject for the educated layman who wants to know more about the nature of war, conflict, and security in the twenty first century.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003eIn our digital age, the issues of cybersecurity are no longer just for the technology crowd; they matter to us all. Whether you work in business or politics, the military or the media -- or are simply an ordinary citizen -- this is an essential read. * Eric Schmidt, Executive Chairman, Google *\u003cbr\u003eThis is the most approachable and readable book ever written on the cyber world. The authors have distilled the key facts and policy, provided sensible recommendations, and opened the debate generally to any informed citizen: a singular achievement. A must read for practitioners and scholars alike. * Admiral James Stavridis, U.S. Navy (Ret), former Supreme Allied Commander at NATO *\u003cbr\u003eIn confronting the cybersecurity problem, it's important for all of us to become knowledgeable and involved. This book makes that possible -- and also fascinating. It's everything you need to know about cybersecurity, wonderfully presented in a clear and smart way. * Walter Isaacson, author of Steve Jobs *\u003cbr\u003eIf you read only one book about 'all this cyberstuff,' make it this one. Singer and Friedman know how to make even the most complicated material accessible and even entertaining, while at the same time making a powerful case for why all of us need to know more and think harder about the (cyber)world we know live in. * Anne-Marie Slaughter, President, the New America Foundation *\u003cbr\u003eSinger and Friedman do a highly credible job of documenting the present and likely future risky state of cyber-affairs. This is a clarion call. * Vint Cerf, \"Father of the Internet,\" Presidential Medal of Freedom winner *\u003cbr\u003eI loved this book. Wow. Until I read this astonishing and important book, I didn't know how much I didn't know about the hidden world of cybersecurity and cyberwar. Singer and Friedman make comprehensible an impossibly complex subject, and expose the frightening truth of just how vulnerable we are. Understanding these often-invisible threats to our personal and national security is a necessary first step toward defending ourselves against them. This is an essential read. * Howard Gordon, Executive Producer of 24 and co-creator of Homeland *\u003cbr\u003eSinger and Friedman blend a wonderfully easy to follow FAQ format with engaging prose, weaving explanations of the elements of cybersecurity with revealing anecdotes. From the fundamentals of Internet architecture to the topical intrigue of recent security leaks, this book provides an accessible and enjoyable analysis of the current cybersecurity landscape and what it could look like in the future. * Jonathan Zittrain, Professor of Law and Computer Science at Harvard University, author of The Future of the Internet - And How to Stop It *\u003cbr\u003eCybersecurity and Cyberwar: What Everyone Needs To Know aims to demystify \"cyber stuff\" and arm readers - from the everyday Internet user to the policymaker - with the necessary tools to better understand cybersecurity and the threats that face it ... Essential reading for anyone interested in national security. * Politico *\u003cbr\u003eMore than anything else, the book is a reality check If you're completely ignorant about malware and cyberattacks, this is the book for you. And if you think you know a lot about these topics, this is still the book for you. It's thorough, exhaustive, and easy to read. And it eloquently simplifies every complicated issue, challenging widespread notions about cybersecurity and cyberwar. In this extremely approachable book, Singer and Friedman may have very well told us all we need to know about cybersecurity and cyberwar. Now it's up to us all to work together to make the Internet a better place. * Mashable *\u003cbr\u003eThe easy-to-read style, sprinkled with colloquial language, humor, and anecdotes, will make the book particularly engagingPerhaps most importantly, this book will be a significant contribution to building a deeper understanding and a common base of knowledge around cybersecurity issues. This, in turn, may serve as a foundation for enabling policymakers, scholars, and citizens to begin building a crucial dialogue and much-needed conversation around how to approach, understand, and deal with the important policy implications of cybersecurity and cyberwar. * E-International Relations *\u003cbr\u003eA sobering indictment of the current US cybersecurity policy, which has so far been characterized by a dangerous mix of ignorance and shrill hysteria over oft-warned-about but not-yet-realized \"cyber Pearl Harbor\" catastrophes ... Singer and Friedman cut through this alarmist rhetoric, demystifying technical jargon with simple questions like \"How Does The Internet Actually Work?\"; \"What Is Hacktivism?\"; and \"Do We Need A Cyberspace Treaty?\" The result is an honest, well-researched appraisal of the impact of cyber threats, and the potential solutions for cybersecurity. * Vice Magazine \"Motherboard\" *\u003cbr\u003eLawyers, consider this your official warning about cybersecurity ... A thorough, comprehensible, and sometimes entertaining explanation of the digital revolution, how we got here, and what lies ahead. * NC Lawyers Weekly *\u003cbr\u003eAn impressively comprehensive guide to one of the least understood arenas of modern life. * Popular Science *\u003cbr\u003eIn writing Cybersecurity and Cyberwar: What Everyone Needs To Know, authors Peter W. Singer and Allan Friedman do what few cybersecurity and war scholars do: They tie together the history of the generative Internet, and its foundations in curiosity and experimentation, with the politico-military cyber security community housed in government. They connect the dots between technological traits and their insecurities. And they tell the stories of the people, not just the machines. In the book, Singer and Friedman break down to building blocks what Internet and the World Wide Web are made of, then use those to build back up to sophisticated concepts and information ... At its core, Cybersecurity and Cyberwar makes the point that cybersecurity risk is human risk. * ThinkProgress *\u003cbr\u003eexposes serious ignorance and incompetence in surprisingly high places. * Australia Broadcasting Corporation *\u003cbr\u003eThough it's concise, at 300 pages, the guide covers cyber issues, both personal and global, with easy-to-understand explanations and engaging stories. * The Charlotte Observer *\u003cbr\u003eThe pace of global digitization, and the widespread lack of understanding of related security risks, is a ticking time bomb ... If you don't know your asymmetric cryptography from your spear phishing, this is a thoughtful introduction. * Nature *\u003cbr\u003eIn short, this book is a genuine must-read for anyone interested in cyber security issues, regardless of their background or level of expertise. Singer and Friedman present a lucid, concise and highly informative breakdown of current cyber security matters and their implications at the global, state, corporate and individual levels. Aside from the highly informative arguments and evidence featured in this book, the style in which it is written allows it to appeal to both experts and newcomers to the subject of cyber security. We can say no more than this book is essential reading in the modern world. * Monitor *\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e1. Why cyberspace is wonderfulEL and complicated ;   What is cyberspace? ;   Why do people talk about the difference of a networked world? ;   How does the Internet actually work? ;   Who owns this thing? ;   WaitEL You mean no one runs the internet? ;   What can governments do online? What are the limits of state power? ;   Just how dependent are we on cyberspace? ; 2. Security and Insecurity Online ;   What do we mean by a \u0026lt;\"secure\u0026gt;\" system? ;   What is the difference between an attack on a network and an attack on a system? ;   How does anti-virus software work? ;   How do you defend a network? ;   Why is anonymity a problem online? Why is it relatively easy to act without accountability? ;   How can you authenticate some one to be sure they are who they say they are? ;   How do we keep data secure in cyberspace? ; 3. Threats and Bad Actors ; o Differentiating threats ; o Value at risk ;   What are the bad guys after? What can you really do with a computer? ;   What's the worst you can do? Can a hacker really turn off the power grid? ; o Different motivations of attackers ; o Different types of attacks ; o What is Cyber Terrorism, actually? ;   What does \"cyberwarfare\" mean? ;   How are countries militarizing cyberspace? Why? ;   So if we just built better systems, could we have a secure internet? ; 4. Case Studies \/ Examples of attacks ; o Aurora \/ Google {phishing, attribution} ; o Stuxnet {Critical infrastructure, intelligence} ; o Wikileaks data breach \u0026amp; fallout {data protection, DoS} ; o Israel-Syria Air Defense {Cyber-Kinetic Crossover, cyberwar} ; - ; 5. Why securing cyberspace is hard ;   What are some mechanisms that enable us to trust systems or data? ;   What is the difference between espionage and exploitation? ;   Why not just write better software? ;   Why can't network operators detect bad behavior? ;   Why security through obscurity doesn't work ;   How do we know what has happened after a cyber incident? ;   How does the rise in \u0026lt;\"cloud computing\u0026gt;\" change the dynamics of cyber security? ;   What makes mobile computing different? ;   If everyone's systems are vulnerable, can't defenders just interrupt the attacker's systems? ;   Why is it so hard to know who the attackers are? ;   Why does attribution matter? ;   How do we measure a cyber risk? ;   Why aren't users able to protect themselves? ;   Don't vendors and service providers have enough incentives to provide good security? ;   Why aren't companies investing enough to protect themselves? ; 6. International Dimensions ;   What changes when cyber problems cross international borders? ;   How do countries differ in their approach to cyberspace? ;   Who has the biggest cyber armies? ;   What constitutes an act of war? ;   How does law enforcement deal with international boundaries? ;   What are existing international organizations currently doing? ;   What international treaties are in place? ;   Why don't the classic models of military deterrence work for cyberspace? ;   What are the obstacles to international cooperation to resolve cybersecurity issues? ; 7.The path forward to a more secure cyberspace ;   It sounds like every aspect of modern life is vulnerable. Are things really that bad? ;   Why can't we just re-built the technology to prevent bad behavior? ;   Can we impose accountability through national control of cyberspace? ;   How can private firms be incentivized to internalize their risk? ;   If a company or government agency was willing to invest in cyber security defenses, what would stand in their way? ;   Can internet service providers do more to identity and stop bad behavior? ;   How can we make it harder for bad actors to profit from successful attacks ;   What can I do to protect myself?","brand":"Oxford University Press Inc","offers":[{"title":"Default Title","offer_id":48732890661207,"sku":"9780199918119","price":10.44,"currency_code":"GBP","in_stock":true}]},{"product_id":"the-manager-9781739808709","title":"The Manager","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eIn the City of London, the scent of money and power lingers in the corridors of the shiny office buildings and clings to the suits of the men who work in them. Chasing that scent is the only thing that matters.   But not to Katy Daly. She has spent her life working in the City, but wealth and power are things granted to other people. Her childhood was shattered by the pursuit of them, and since then she's coasted along on a course of risk-avoidance and underachieving.   Then Katy starts working for Riley Daniels, the beautiful and charismatic CEO of Byrsa, one of the most successful yet secretive tech companies in the world. Katy can't help but be fascinated by this clever, fiercely ambitious woman making it in a man's world. Riley has a way of making her wonder if there could be more to life than letting other people shape your destiny.  But power comes at a cost. As Katy is drawn deeper into Riley's intoxicating world, she is forced to confront who she is, who she has become, and how far she will go to protect Riley's secrets - and her own.","brand":"WBE Creative","offers":[{"title":"Default Title","offer_id":48740939858263,"sku":"9781739808709","price":8.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781739808709.jpg?v=1720056087"},{"product_id":"crime-dot-com-from-viruses-to-vote-rigging-how-hacking-went-global-9781789144437","title":"Crime Dot Com: From Viruses to Vote Rigging, How","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eOn 4 May 2000, an email that read ‘kindly check the attached LOVELETTER’  was sent from Philippines. Attached was a virus, the Love Bug, and  within days it had paralysed banks, broadcasters and businesses across  the globe. The age of Crime Dot Com had begun. Geoff White charts the  astonishing development of hacking, from its birth among the ruins of  the Eastern Bloc to its coming of age as the most pervasive threat to  our connected world. He takes us inside the workings of real-life  cybercrimes, revealing how the tactics of high-tech crooks are now being  harnessed by nation states. From Ashley Madison to election rigging, Crime Dot Com is a thrilling account of hacking, past and present, and of what the future might hold.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e‘Arguing that cybercrime has grown in power and in danger, journalist White offers a well-written, expertly researched examination of the topic. Relying on published reports and in-depth interviews, the author looks at three different facets: cybercrime gangs, 'hacktivist' movements, and ways in which nation states use cybercrimes. White is at his best when describing this seemingly legally sanctioned hacking, such as in Russia and North Korea. In vivid detail, he explores the 2015 raid on Bangladesh’s Central Bank; the movement Anonymous, which has made attacks on governments; and ways in which data is hacked for profit . . . This is a fascinating, often gripping read, and a solid update to Brian Krebs’s Spam Nation . . . For true crime and technology enthusiasts in search of an overview of cybercrime.’ — Library Journal ‘Journalist White uses the stories of different hacks, dating from the 1980s to the 2016 election, to connect illicit activity on the earliest Internet forums to today's cyberattacks by hacktivists and state-sanctioned hacking teams. He humanizes this history by highlighting the people behind the tech: the Filipino student who unleashed the Love Bug, one of the first global cyberattacks to rely on psychological manipulation; the former cybercriminal who worked with the FBI to bring down Silk Road, a dark Web black market for illegal drugs (a scheme that involved him faking his own death); and the audio producer who lost thousands of dollars in a scam that exploited personal information stolen from telecommunications company TalkTalk.’ — Scientific American ‘Beginning with a tour of hacks from the 1980s through to the 2016 election (and a thrilling account of the 2015 Bangladesh Central Bank heist), this is a fascinating primer on the dangers of the cyber underworld, which includes hacktivist movements, cyber gangs, and nation-state attacks.’ — Globe and Mail, Toronto ‘Brilliantly researched and written, Crime Dot Com is a vivid insight into the scale of the threat to us all from crime born of and facilitated by the digital age.’ — Jon Snow, Channel 4 News ‘Geoff White is one of the most authoritative reporters on cybercrime and Crime Dot Com is an informative, accessible and entertaining tour of the cyber underworld. If you want to understand everything from ransomware to nation state attacks on key infrastructure this is an excellent primer.’ — Rory Cellan-Jones, BBC News ‘Geoff White offers up a comprehensive and intelligible account of the elusive world of hacking and cybercrime over the last two decades. He ranges from the lone hacktivist to state-sponsored surveillance, from the Love Bug to the Lazarus Group, from Snowden’s revelations to the Huawei controversy. His book is, thankfully, jargon-free, keeping a tight focus on the humans involved rather than the technology. It is lively, insightful and, often, alarming.’ — Ewen MacAskill, former Chief Political Correspondent for the Guardian ‘Geoff White writes with insight and flair about a subject that concerns everyone – or should do. Criminals, hooligans, hostile state actors and terrorists attack our computers and networks every minute of every day. Our money, security and freedom are at risk. Yet the public is still pitifully unaware of the threats we face – and what we need to do to protect ourselves at an individual, business and government level. Crime Dot Com joins the dots, painting a well-informed, easy-to-understand and up-to-date picture of the mounting dangers caused by our complacency, greed and ignorance.’ — Edward Lucas, author of Deception: Spies, Lies and How Russia Dupes the West","brand":"Reaktion Books","offers":[{"title":"Default Title","offer_id":48741663670615,"sku":"9781789144437","price":11.69,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781789144437.jpg?v=1720058338"},{"product_id":"the-art-of-deception-9780471237129","title":"The Art of Deception","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eThe world''s most infamous hacker offers an insider''s view of the low-tech threats to high-tech security\u003cbr\u003e Kevin Mitnick''s exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world''s most notorious hacker gives new meaning to the old adage, It takes a thief to catch a thief.\u003cbr\u003e Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illust\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e“…authoritative…” (\u003ci\u003eRetail Systems\u003c\/i\u003e, December 2005)  \u003cp\u003eMitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie \u003ci\u003eWarGames\u003c\/i\u003e. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other. As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's description of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific -- better stuff is available on the Internet—but it teaches the timeless spirit of th e hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxication sense of power that comes from stalking and spying. (Oct.)\u003cbr\u003e \u003cb\u003eForecast:\u003c\/b\u003e Mitnick's notoriety and his well written, entertaining stories should generate positive word-of-mouth. With the double appeal of a true-crime memoir and a manual for computer security, this book will enjoy good sales. (\u003ci\u003ePublishers Weekly\u003c\/i\u003e, June 24, 2002)\u003c\/p\u003e \u003cp\u003e\"...an interesting read...\" (www.infosecnews.com, 17 July 2002)\u003c\/p\u003e \u003cp\u003e\"...highly entertaining...will appeal to a broad audience...\" (\u003ci\u003ePublishing News\u003c\/i\u003e, 26 July 2002)\u003c\/p\u003e \u003cp\u003eThe world's most famous computer hacker and cybercult hero, once the subject of a massive FBI manhunt for computer fraud, has written a blueprint for system security based on his own experiences. Mitnick, who was released from federal prison in 1998 after serving a 22-month term, explains that unauthorized intrusion into computer networks is not limited to exploiting security holes in hardware and software. He focuses instead on a common hacker technique known as social engineering in which a cybercriminal deceives an individual into providing key information rather than trying to use technology to reveal it. Mitnick illustrates the tactics comprising this \"art of deception\" through actual case studies, showing that even state-of-the-art security software can't protect businesses from the dangers of human error. With Mitnick's recommended security policies, readers gain the information their organizations need to detect and ward off the threat of social engineering. Required reading for IT professionals, this book is highly recommended for public, academic, and corporate libraries. [This should not be confused with Ridley Pearson's new thriller, \u003ci\u003eThe Art of Deception\u003c\/i\u003e. —Ed]—Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL (\u003ci\u003eLibrary Journal\u003c\/i\u003e, August 2002)\u003c\/p\u003e \u003cp\u003eHe was the FBI's most-wanted hacker. But in his own eyes, Mitnick was simply a small-time con artist with an incredible memory, a knack for social engineering, and an enemy at \u003ci\u003eThe New York Times\u003c\/i\u003e. That foe, John Markoff, made big bucks selling two books about Mitnick - without ever interviewing him. This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story. (\u003ci\u003eWIRED\u003c\/i\u003e Magazine, October 2002)\u003c\/p\u003e \u003cp\u003eKevin Mitnick spent five years in jail at the federal authorities' behest, but \u003ci\u003eThe Art of Deception: Controlling the Human Element of Security\u003c\/i\u003e (Kevin Mitnick and William Simon), reveals that he was no lowly grifter. Rather, by impersonating others in order to talk guileless employees out of access protocols, Mr. Mitnick was practicing \"the performance art called social engineering.\"\u003cbr\u003e While every society has had its demimonde-like the Elizabethan coney catchers who duped visitors to 16th-century London--it's in the United States that con artists assumedlegendary status. The definitive book is still The Big Con from 1940 (Anchor Books), which commemorates a golden age already receding when it was published: the grifters it describes--like the High Ass Kid and Slobbering Bob--thrived between 1914 and 1929, when technological advances and unparalleled prosperity generated a roller-coaster stock market.\u003cbr\u003e That sounds a lot like the past decade. So how did the culture of the con do during the Internet era? On Mr. Mitnick's evidence, it flourished and evolved. The Art of Deception is itself a bit of a fraud as far as advice on upgrading security. But the book does deliver on \"social engineering\" exercises. Some aren't even illegal and Mr. Mitnick -- weasel that he is -- lovingly records their most elaborate convolutions. One way or another, you'll find the information useful. (\u003ci\u003eRed Herring\u003c\/i\u003e, October 2002)\u003c\/p\u003e \u003cp\u003e\"Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'\" (\u003ci\u003eWired.com\u003c\/i\u003e, October 3, 2002)\u003c\/p\u003e \u003cp\u003eFinally someone is on to the real cause of data security breaches--stupid humans. Notorious hacker Kevin Mitnick--released from federal prison in January 2000 and still on probation--reveals clever tricks of the \"social engineering\" trade and shows how to fend them off in \u003ci\u003eThe Art of Deception: Controlling the Human Element of Security\u003c\/i\u003e (Wiley, $27.50).\u003cbr\u003e Most of the book, coauthored by William Simon (not the one running for governor of California), is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security--information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development. The rest lays out a fairly draconian plan of action for companies that want to strengthen their defenses. Takeaway: You can put all the technology you want around critical information, but all it takes to break through is one dolt who gives up his password to a \"colleague\" who claims to be working from the Peoria office.\u003cbr\u003e What's useful about this book is its explanation of risks in seemingly innocuous systems few people think about. The caller ID notification that proves you're talking to a top executive of your firm? Easily forged. The password your assistant logs in with? Easily guessed. The memos you toss into the cheap office shredder? Easily reconstructed. The extension that you call in the IT department? Easily forwarded.\u003cbr\u003e Physical security can be compromised, too. It's not hard to gain access to a building by \"piggybacking\" your way in the door amid the happy throng returning from lunch. You'd better have confidence in your IT professionals, because they're likely to have access to everything on the corporate system, including your salary and personal information. Mitnick offers some ideas for plugging these holes, like color-coded ID cards with really big photos.\u003cbr\u003e Implementing the book's security action plan in full seems impossible, but it's a good idea to warn employees from the boss down to the receptionist and janitors not to give out even innocuous information to people claiming to be helpful IT folks without confirming their identity--and to use things like encryption technology as fallbacks. Plenty of would-be Mitnicks--and worse--still ply their trade in spaces cyber and psychological. --S.M. (\u003ci\u003eForbes Magazine\u003c\/i\u003e - October 14, 2002)\u003c\/p\u003e \u003cp\u003e\"...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else.\" (\u003ci\u003eCNN.com\u003c\/i\u003e's Technology section, October 9, 2002)\u003c\/p\u003e \u003cp\u003e\"...engaging style...fascinating true stories...\" (The CBL Source, October\/December 2002)\u003c\/p\u003e \u003cp\u003e\"…the book describes how people can get information without even stepping near a computer…\" (CNN, 16 October 2002)\u003c\/p\u003e \u003cp\u003e\"…each vignette reads like a mini-cybermystery thriller…I willingly recommend The Art of Deception. It could save you from embarrassment or an even worse fate…\" (zdnet.co.uk, 15 October 2002)\u003c\/p\u003e \u003cp\u003e\"…details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems…the book is scary in ways that computer security texts usually do not manage to be…\" (BBC online, 14 October 2002)\u003c\/p\u003e \u003cp\u003e\"…more educational than tell-all…\" (Forbes, 2 October 2002)\u003c\/p\u003e \u003cp\u003e\"…would put a shiver into anyone responsible for looking after valuable computer data…the exploits are fictional but realistic…the book is about hacking peoples heads…\" (The Independent, 21 October 2002)\u003c\/p\u003e \u003cp\u003e\"…the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed…provides a solid basis for staff training on security…\" (Information Age, October 2002)\u003c\/p\u003e \u003cp\u003e\"…should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature…\" (Unix Review, 18 October 2002\u003c\/p\u003e \u003cp\u003e\"…disturbingly convincing…\" (Fraud Watch, Vol.10, No.5, 2002\u003c\/p\u003e \u003cp\u003e\"…the worlds most authoritative handbook…an unputdownable succession of case studies…chilling…trust me, Kevin Mitnick is right…\" (Business a.m, 29 October 2002)\u003c\/p\u003e \u003cp\u003e\"…a damn good read…I would expect to see it as required reading on courses that cover business security…Should you read this book? On several levels the answer has to be yes. If you run your own business, work in one, or just want a good read, this is worth it…\" (Acorn User, 29 October 2002)\u003c\/p\u003e \u003cp\u003e\"...the analysis of individual cases is carried out thoroughly...ultimately, the value of the book is that it may encourage security managers to be more assiduous in teaching their staff to check the identities of the people they deal with, and better corporate security will be the result...\" (ITWeek, 1 November 2002)\u003c\/p\u003e \u003cp\u003e\"...a penetrating insight into the forgotten side of computer security...\" (IT Week, 4 November 2002)\u003c\/p\u003e \u003cp\u003e\"...a highly entertaining read...Mitnick has a laid-back style which makes the book easy to read and of great interest, even to those of us who have no interest in computers...\" (Business Age, September 2002)\u003c\/p\u003e \u003cp\u003e\"...one of the hacker gurus of our time...makes it abundantly clear that everyone can be fooled and cheated by the professionals....\" (\u003ci\u003eThe Times Higher Education Supplement\u003c\/i\u003e, 15 November 2002)\u003c\/p\u003e \u003cp\u003e\"...focuses on teaching companies how to defeat someone like him…full of specific examples of the ways apparently innocent bits of information can be stitched together to mount a comprehensive attack on an organisation's most prized information...\" (\u003ci\u003eNew Scientist\u003c\/i\u003e, 23 November 2002)\u003c\/p\u003e \u003cp\u003e\"...all simple things, little titbits of seemingly innocuous information, which when gathered together give the hacker the power to cripple the biggest corporation or the smallest home business...\" (\u003ci\u003eNew Media Age\u003c\/i\u003e, 14 November 2002)\u003c\/p\u003e \u003cp\u003e\"…highly acclaimed…a fascinating account…\" (Information Security Management, November 2002)\u003c\/p\u003e \u003cp\u003e\"...His new book, The Art of Deception, presents itself as a manual to help companies defeat hackers...\" Also listed in recommended reading list (The Guardian, 13 December 2002)\u003c\/p\u003e \u003cp\u003e“…gets it’s point across and contains some valuable pointers…”(MacFormat, January 2003)\u003c\/p\u003e \u003cp\u003e“…supremely educational…a sexy way to hammer home a relevant point…what makes it sing is the clear information that Mitnick brings to the table…”(Business Week, 8 January 2003)\u003c\/p\u003e \u003cp\u003e“…Indispensable…”(Focus, February 2003)\u003c\/p\u003e \u003cp\u003e\"...incredibly intriguing...a superb book which would be beneficial for anyone to read...\" (\u003ci\u003eTelecomworldwire\u003c\/i\u003e, 4 February 2003)\u003c\/p\u003e \u003cp\u003e\"...a good overview of one of the most neglected aspects of computer security...\" (\u003ci\u003eTechnology and Society\u003c\/i\u003e, 7 February 2003)\u003c\/p\u003e \u003cp\u003e\"...fascinating to read...should strike fear into the hearts of commercial computer security departments...\" (Business Week, 3 September 2003)\u003c\/p\u003e \u003cp\u003e\"...a penetrating insight into the forgotten side of computer security...\" (Accountancy Age, 19 February 2003)\u003c\/p\u003e \u003cp\u003eTop 10 Popular Science Books (New Scientist, 21 February f2003)\u003c\/p\u003e \u003cp\u003e\"...should be assigned as required reading in every IT department...excellent advice...\" (Electronic Commerce Guide, 12 February 2003)\u003c\/p\u003e \u003cp\u003e“…an interesting and educational read for anyone with a role to play in corporate security…”(Computer Business Review, 6 March 2003)\u003c\/p\u003e \u003cp\u003e“…if you were not having security nightmares before, read this book and you certainly will…” (IT Showcase News, 6 March 2003)\u003c\/p\u003e \u003cp\u003e“….easy to understand and actually fun to read…”(Slashdot, 6 March 2003)\u003c\/p\u003e \u003cp\u003e“…a good read, well written…” (Managing Information, March 2003)\u003c\/p\u003e \u003cp\u003e“…structured like a mini detective story series…the unfolding attacks are compulsive reading…” (Aberdeen Evening Express, 7 June 21003)\u003c\/p\u003e \u003cp\u003e“…a real eye-opener…well written and produced…an easy and valuable read…” (Accounting Web, 19 June 2003)\u003c\/p\u003e \u003cp\u003e“…a superb book which would be beneficial for anyone to read…” (M2 Best Books, 4 February 2003)\u003c\/p\u003e \u003cp\u003e“…the insights for earlier chapters are fascinationg, and that alone makes it worth blagging a copy for review…”(Mute, Summer\/Autumn 2003)\u003c\/p\u003e \u003cp\u003e“…a good read, well-written…this accessibility makes it doubly important…” (Managing Information – 5 star rating, October 2003)\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eForeword.\u003cbr\u003e \u003cbr\u003e Preface.\u003cbr\u003e \u003cbr\u003e Introduction.\u003cbr\u003e \u003cbr\u003e Part 1: Behind the Scenes.\u003cbr\u003e \u003cbr\u003e Chapter 1: Security's Weakest Link.\u003cbr\u003e \u003cbr\u003e Part 2: The Art of the Attacker.\u003cbr\u003e \u003cbr\u003e Chapter 2: When Innocuous Information Isn't.\u003cbr\u003e \u003cbr\u003e Chapter 3: The Direct Attack: Just Asking for It.\u003cbr\u003e \u003cbr\u003e Chapter 4: Building Trust.\u003cbr\u003e \u003cbr\u003e Chapter 5: \"Let Me Help You\".\u003cbr\u003e \u003cbr\u003e Chapter 6: \"Can You Help Me?\".\u003cbr\u003e \u003cbr\u003e Chapter 7: Phony Sites and Dangerous Attachments.\u003cbr\u003e \u003cbr\u003e Chapter 8: Using Sympathy, Guilt, and Intimidation.\u003cbr\u003e \u003cbr\u003e Chapter 9: The Reverse Sting.\u003cbr\u003e \u003cbr\u003e Part 3: Intruder Alert.\u003cbr\u003e \u003cbr\u003e Chapter 10: Entering the Premises.\u003cbr\u003e \u003cbr\u003e Chapter 11: Combining Technology and Social Engineering.\u003cbr\u003e \u003cbr\u003e Chapter 12: Attacks on the Entry-Level Employee.\u003cbr\u003e \u003cbr\u003e Chapter 13: Clever Cons.\u003cbr\u003e \u003cbr\u003e Chapter 14: Industrial Espionage.\u003cbr\u003e \u003cbr\u003e Part 4: Raising the Bar.\u003cbr\u003e \u003cbr\u003e Chapter 15: Information Security Awareness and Training.\u003cbr\u003e \u003cbr\u003e Chapter 16: Recommended Corporate Information Security Policies.\u003cbr\u003e \u003cbr\u003e Security at a Glance.\u003cbr\u003e \u003cbr\u003e Sources.\u003cbr\u003e \u003cbr\u003e Acknowledgements.\u003cbr\u003e \u003cbr\u003e Index.","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":48864645841239,"sku":"9780471237129","price":28.8,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780471237129.jpg?v=1722272875"},{"product_id":"hacking-the-hacker-9781119396215","title":"Hacking the Hacker","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eMeet the world's top ethical hackers and explore the tools of the trade    Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eForeword xxxi\u003c\/p\u003e \u003cp\u003eIntroduction xxxiii\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 What Type of Hacker Are You? 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eMost Hackers Aren’t Geniuses 2\u003c\/p\u003e \u003cp\u003eDefenders Are Hackers Plus 3\u003c\/p\u003e \u003cp\u003eHackers Are Special 3\u003c\/p\u003e \u003cp\u003eHackers Are Persistent 4\u003c\/p\u003e \u003cp\u003eHacker Hats 4\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 How Hackers Hack 9\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Secret to Hacking 10\u003c\/p\u003e \u003cp\u003eThe Hacking Methodology 11\u003c\/p\u003e \u003cp\u003eHacking Is Boringly Successful 20\u003c\/p\u003e \u003cp\u003eAutomated Malware as a Hacking Tool 20\u003c\/p\u003e \u003cp\u003eHacking Ethically 21\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 Profile: \u003ci\u003eBruce Schneier\u003c\/i\u003e   23\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eBruce Schneier\u003c\/i\u003e 26\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 Social Engineering   27\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSocial Engineering Methods 27\u003c\/p\u003e \u003cp\u003ePhishing 27\u003c\/p\u003e \u003cp\u003eTrojan Horse Execution 28\u003c\/p\u003e \u003cp\u003eOver the Phone 28\u003c\/p\u003e \u003cp\u003ePurchase Scams 28\u003c\/p\u003e \u003cp\u003eIn-Person 29\u003c\/p\u003e \u003cp\u003eCarrot or Stick 29\u003c\/p\u003e \u003cp\u003eSocial Engineering Defenses 30\u003c\/p\u003e \u003cp\u003eEducation 30\u003c\/p\u003e \u003cp\u003eBe Careful of Installing Software from Third-Party Websites 30\u003c\/p\u003e \u003cp\u003eEV Digital Certificates   31\u003c\/p\u003e \u003cp\u003eGet Rid of Passwords 31\u003c\/p\u003e \u003cp\u003eAnti–Social Engineering Technologies 31\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 Profile: \u003ci\u003eKevin Mitnick\u003c\/i\u003e   33\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eKevin Mitnick \u003c\/i\u003e37\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 Software Vulnerabilities   39\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eNumber of Software Vulnerabilities 39\u003c\/p\u003e \u003cp\u003eWhy Are Software Vulnerabilities Still a Big Problem? 40\u003c\/p\u003e \u003cp\u003eDefenses Against Software Vulnerabilities 41\u003c\/p\u003e \u003cp\u003eSecurity Development Lifecycle 41\u003c\/p\u003e \u003cp\u003eMore Secure Programming Languages 42\u003c\/p\u003e \u003cp\u003eCode and Program Analysis 42\u003c\/p\u003e \u003cp\u003eMore Secure Operating Systems 42\u003c\/p\u003e \u003cp\u003eThird-Party Protections and Vendor Add-Ons 42\u003c\/p\u003e \u003cp\u003ePerfect Software Won’t Cure All Ills 43\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 Profile: \u003ci\u003eMichael Howard\u003c\/i\u003e 45\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eMichael Howard\u003c\/i\u003e 49\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 Profile: \u003ci\u003eGary McGraw\u003c\/i\u003e 51\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eGary McGraw\u003c\/i\u003e 54\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9 Malware   55\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eMalware Types 55\u003c\/p\u003e \u003cp\u003eNumber of Malware Programs 56\u003c\/p\u003e \u003cp\u003eMostly Criminal in Origin 57\u003c\/p\u003e \u003cp\u003eDefenses Against Malware 58\u003c\/p\u003e \u003cp\u003eFully Patched Software 58\u003c\/p\u003e \u003cp\u003eTraining 58\u003c\/p\u003e \u003cp\u003eAnti-Malware Software 58\u003c\/p\u003e \u003cp\u003eApplication Control Programs 59\u003c\/p\u003e \u003cp\u003eSecurity Boundaries 59\u003c\/p\u003e \u003cp\u003eIntrusion Detection 59\u003c\/p\u003e \u003cp\u003e\u003cb\u003e10 Profile: \u003ci\u003eSusan Bradley\u003c\/i\u003e 61\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on Susan Bradley 63\u003c\/p\u003e \u003cp\u003e\u003cb\u003e11 Profile: \u003ci\u003eMark Russinovich\u003c\/i\u003e   65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More on \u003ci\u003eMark Russinovich\u003c\/i\u003e 68\u003c\/p\u003e \u003cp\u003e\u003cb\u003e12 Cryptography 69\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Is Cryptography? 69\u003c\/p\u003e \u003cp\u003eWhy Can’t Attackers Just Guess All the Possible Keys? 70\u003c\/p\u003e \u003cp\u003eSymmetric Versus Asymmetric Keys 70\u003c\/p\u003e \u003cp\u003ePopular Cryptography 70\u003c\/p\u003e \u003cp\u003eHashes 71\u003c\/p\u003e \u003cp\u003eCryptographic Uses 72\u003c\/p\u003e \u003cp\u003eCryptographic Attacks 72\u003c\/p\u003e \u003cp\u003eMath Attacks 72\u003c\/p\u003e \u003cp\u003eKnown Ciphertext\/Plaintext 73\u003c\/p\u003e \u003cp\u003eSide Channel Attacks 73\u003c\/p\u003e \u003cp\u003eInsecure Implementations 73\u003c\/p\u003e \u003cp\u003e\u003cb\u003e13 Profile: \u003ci\u003eMartin Hellman\u003c\/i\u003e   75\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eMartin Hellman\u003c\/i\u003e 79\u003c\/p\u003e \u003cp\u003e\u003cb\u003e14 Intrusion Detection\/APTs   81\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTraits of a Good Security Event Message 82\u003c\/p\u003e \u003cp\u003eAdvanced Persistent Threats (APTs) 82\u003c\/p\u003e \u003cp\u003eTypes of Intrusion Detection 83\u003c\/p\u003e \u003cp\u003eBehavior-Based 83\u003c\/p\u003e \u003cp\u003eSignature-Based 84\u003c\/p\u003e \u003cp\u003eIntrusion Detection Tools and Services 84\u003c\/p\u003e \u003cp\u003eIntrusion Detection\/Prevention Systems 84\u003c\/p\u003e \u003cp\u003eEvent Log Management Systems 85\u003c\/p\u003e \u003cp\u003eDetecting Advanced Persistent Threats (APTs) 85\u003c\/p\u003e \u003cp\u003e\u003cb\u003e15 Profile: \u003ci\u003eDr. Dorothy E. Denning\u003c\/i\u003e   87\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eDr Dorothy E Denning\u003c\/i\u003e 90\u003c\/p\u003e \u003cp\u003e\u003cb\u003e16 Profile: \u003ci\u003eMichael Dubinsky\u003c\/i\u003e 91\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eMichael Dubinsky\u003c\/i\u003e 93\u003c\/p\u003e \u003cp\u003e\u003cb\u003e17 Firewalls 95\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Is a Firewall? 95\u003c\/p\u003e \u003cp\u003eThe Early History of Firewalls 95\u003c\/p\u003e \u003cp\u003eFirewall Rules 97\u003c\/p\u003e \u003cp\u003eWhere Are Firewalls? 97\u003c\/p\u003e \u003cp\u003eAdvanced Firewalls 98\u003c\/p\u003e \u003cp\u003eWhat Firewalls Protect Against 98\u003c\/p\u003e \u003cp\u003e\u003cb\u003e18 Profile: \u003ci\u003eWilliam Cheswick\u003c\/i\u003e   101\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eWilliam Cheswick\u003c\/i\u003e 105\u003c\/p\u003e \u003cp\u003e\u003cb\u003e19 Honeypots 107\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat Is a Honeypot? 107\u003c\/p\u003e \u003cp\u003eInteraction 108\u003c\/p\u003e \u003cp\u003eWhy Use a Honeypot? 108\u003c\/p\u003e \u003cp\u003eCatching My Own Russian Spy 109\u003c\/p\u003e \u003cp\u003eHoneypot Resources to Explore 110\u003c\/p\u003e \u003cp\u003e\u003cb\u003e20 Profile: \u003ci\u003eLance Spitzner\u003c\/i\u003e   111\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eLance Spitzner\u003c\/i\u003e 114\u003c\/p\u003e \u003cp\u003e\u003cb\u003e21 Password Hacking   115\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAuthentication Components 115\u003c\/p\u003e \u003cp\u003ePasswords 116\u003c\/p\u003e \u003cp\u003eAuthentication Databases 116\u003c\/p\u003e \u003cp\u003ePassword Hashes   116\u003c\/p\u003e \u003cp\u003eAuthentication Challenges   116\u003c\/p\u003e \u003cp\u003eAuthentication Factors   117\u003c\/p\u003e \u003cp\u003eHacking Passwords   117\u003c\/p\u003e \u003cp\u003ePassword Guessing 117\u003c\/p\u003e \u003cp\u003ePhishing   118\u003c\/p\u003e \u003cp\u003eKeylogging 118\u003c\/p\u003e \u003cp\u003eHash Cracking   118\u003c\/p\u003e \u003cp\u003eCredential Reuse 119\u003c\/p\u003e \u003cp\u003eHacking Password Reset Portals   119\u003c\/p\u003e \u003cp\u003ePassword Defenses   119\u003c\/p\u003e \u003cp\u003eComplexity and Length 120\u003c\/p\u003e \u003cp\u003eFrequent Changes with No Repeating 120\u003c\/p\u003e \u003cp\u003eNot Sharing Passwords Between Systems 120\u003c\/p\u003e \u003cp\u003eAccount Lockout 121\u003c\/p\u003e \u003cp\u003eStrong Password Hashes 121\u003c\/p\u003e \u003cp\u003eDon’t Use Passwords   121\u003c\/p\u003e \u003cp\u003eCredential Theft Defenses 121\u003c\/p\u003e \u003cp\u003eReset Portal Defenses 122\u003c\/p\u003e \u003cp\u003e\u003cb\u003e22 Profile: \u003ci\u003eDr. Cormac Herley\u003c\/i\u003e   123\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eDr. Cormac Herley\u003c\/i\u003e 126\u003c\/p\u003e \u003cp\u003e\u003cb\u003e23 Wireless Hacking   127\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Wireless World 127\u003c\/p\u003e \u003cp\u003eTypes of Wireless Hacking   127\u003c\/p\u003e \u003cp\u003eAttacking the Access Point 128\u003c\/p\u003e \u003cp\u003eDenial of Service 128\u003c\/p\u003e \u003cp\u003eGuessing a Wireless Channel Password 128\u003c\/p\u003e \u003cp\u003eSession Hijacking 128\u003c\/p\u003e \u003cp\u003eStealing Information 129\u003c\/p\u003e \u003cp\u003ePhysically Locating a User 129\u003c\/p\u003e \u003cp\u003eSome Wireless Hacking Tools 129\u003c\/p\u003e \u003cp\u003eAircrack-Ng 130\u003c\/p\u003e \u003cp\u003eKismet 130\u003c\/p\u003e \u003cp\u003eFern Wi-Fi Hacker 130\u003c\/p\u003e \u003cp\u003eFiresheep 130\u003c\/p\u003e \u003cp\u003eWireless Hacking Defenses 130\u003c\/p\u003e \u003cp\u003eFrequency Hopping 130\u003c\/p\u003e \u003cp\u003ePredefined Client Identification   131\u003c\/p\u003e \u003cp\u003eStrong Protocols 131\u003c\/p\u003e \u003cp\u003eLong Passwords   131\u003c\/p\u003e \u003cp\u003ePatching Access Points   131\u003c\/p\u003e \u003cp\u003eElectromagnetic Shielding   131\u003c\/p\u003e \u003cp\u003e\u003cb\u003e24 Profile: \u003ci\u003eThomas d’Otreppe de Bouvette\u003c\/i\u003e   133\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eThomas d’Otreppe de Bouvette\u003c\/i\u003e 135\u003c\/p\u003e \u003cp\u003e\u003cb\u003e25 Penetration Testing   137\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eMy Penetration Testing Highlights   137\u003c\/p\u003e \u003cp\u003eHacked Every Cable Box in the Country   137\u003c\/p\u003e \u003cp\u003eSimultaneously Hacked a Major Television Network and Pornography 138\u003c\/p\u003e \u003cp\u003eHacked a Major Credit Card Company   138\u003c\/p\u003e \u003cp\u003eCreated a Camera Virus   139\u003c\/p\u003e \u003cp\u003eHow to Be a Pen Tester   139\u003c\/p\u003e \u003cp\u003eHacker Methodology   139\u003c\/p\u003e \u003cp\u003eGet Documented Permission First 140\u003c\/p\u003e \u003cp\u003eGet a Signed Contract 140\u003c\/p\u003e \u003cp\u003eReporting 140\u003c\/p\u003e \u003cp\u003eCertifications   141\u003c\/p\u003e \u003cp\u003eBe Ethical 145\u003c\/p\u003e \u003cp\u003eMinimize Potential Operational Interruption 145\u003c\/p\u003e \u003cp\u003e\u003cb\u003e26 Profile: \u003ci\u003eAaron Higbee\u003c\/i\u003e   147\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eAaron Higbee\u003c\/i\u003e 149\u003c\/p\u003e \u003cp\u003e\u003cb\u003e27 Profile: \u003ci\u003eBenild Joseph\u003c\/i\u003e   151\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eBenild Joseph\u003c\/i\u003e   153\u003c\/p\u003e \u003cp\u003e\u003cb\u003e28 DDoS Attacks 155\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTypes of DDoS Attacks   155\u003c\/p\u003e \u003cp\u003eDenial of Service 155\u003c\/p\u003e \u003cp\u003eDirect Attacks 156\u003c\/p\u003e \u003cp\u003eReflection Attacks 156\u003c\/p\u003e \u003cp\u003eAmplification 156\u003c\/p\u003e \u003cp\u003eEvery Layer in the OSI Model   157\u003c\/p\u003e \u003cp\u003eEscalating Attacks 157\u003c\/p\u003e \u003cp\u003eUpstream and Downsteam Attacks 157\u003c\/p\u003e \u003cp\u003eDDoS Tools and Providers 158\u003c\/p\u003e \u003cp\u003eTools 158\u003c\/p\u003e \u003cp\u003eDDoS as a Service 158\u003c\/p\u003e \u003cp\u003eDDoS Defenses   159\u003c\/p\u003e \u003cp\u003eTraining   159\u003c\/p\u003e \u003cp\u003eStress Testing   159\u003c\/p\u003e \u003cp\u003eAppropriate Network Configuration 159\u003c\/p\u003e \u003cp\u003eEngineer Out Potential Weak Points   159\u003c\/p\u003e \u003cp\u003eAnti-DDoS Services 160\u003c\/p\u003e \u003cp\u003e\u003cb\u003e29 Profile: \u003ci\u003eBrian Krebs\u003c\/i\u003e 161\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eBrian Krebs\u003c\/i\u003e 164\u003c\/p\u003e \u003cp\u003e\u003cb\u003e30 Secure OS 165\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHow to Secure an Operating System 166\u003c\/p\u003e \u003cp\u003eSecure-Built OS 166\u003c\/p\u003e \u003cp\u003eSecure Guidelines 168\u003c\/p\u003e \u003cp\u003eSecure Configuration Tools 169\u003c\/p\u003e \u003cp\u003eSecurity Consortiums 169\u003c\/p\u003e \u003cp\u003eTrusted Computing Group 169\u003c\/p\u003e \u003cp\u003eFIDO Alliance 169\u003c\/p\u003e \u003cp\u003e\u003cb\u003e31 Profile: \u003ci\u003eJoanna Rutkowska\u003c\/i\u003e 171\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eJoanna Rutkowska\u003c\/i\u003e   173\u003c\/p\u003e \u003cp\u003e\u003cb\u003e32 Profile: \u003ci\u003eAaron Margosis\u003c\/i\u003e   175\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eAaron Margosis\u003c\/i\u003e   179\u003c\/p\u003e \u003cp\u003e\u003cb\u003e33 Network Attacks   181\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTypes of Network Attacks 181\u003c\/p\u003e \u003cp\u003eEavesdropping 182\u003c\/p\u003e \u003cp\u003eMan-in-the-Middle Attacks 182\u003c\/p\u003e \u003cp\u003eDistributed Denial-of-Service Attacks 183\u003c\/p\u003e \u003cp\u003eNetwork Attack Defenses 183\u003c\/p\u003e \u003cp\u003eDomain Isolation 183\u003c\/p\u003e \u003cp\u003eVirtual Private Networks 183\u003c\/p\u003e \u003cp\u003eUse Secure Protocols and Applications 183\u003c\/p\u003e \u003cp\u003eNetwork Intrusion Detection 184\u003c\/p\u003e \u003cp\u003eAnti-DDoS Defenses 184\u003c\/p\u003e \u003cp\u003eVisit Secure Web Sites and Use Secure Services 184\u003c\/p\u003e \u003cp\u003e\u003cb\u003e34 Profile: \u003ci\u003eLaura Chappell\u003c\/i\u003e 185\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eLaura Chappell\u003c\/i\u003e 188\u003c\/p\u003e \u003cp\u003e\u003cb\u003e35 IoT Hacking 189\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHow Do Hackers Hack IoT? 189\u003c\/p\u003e \u003cp\u003eIoT Defenses 190\u003c\/p\u003e \u003cp\u003e\u003cb\u003e36 Profile: \u003ci\u003eDr. Charlie Miller\u003c\/i\u003e 193\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eDr. Charlie Miller\u003c\/i\u003e 198\u003c\/p\u003e \u003cp\u003e\u003cb\u003e37 Policy and Strategy 201\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eStandards 201\u003c\/p\u003e \u003cp\u003ePolicies 202\u003c\/p\u003e \u003cp\u003eProcedures 203\u003c\/p\u003e \u003cp\u003eFrameworks 203\u003c\/p\u003e \u003cp\u003eRegulatory Laws 203\u003c\/p\u003e \u003cp\u003eGlobal Concerns 203\u003c\/p\u003e \u003cp\u003eSystems Support 204\u003c\/p\u003e \u003cp\u003e\u003cb\u003e38 Profile: \u003ci\u003eJing de Jong-Chen\u003c\/i\u003e 205\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eJing de Jong-Chen\u003c\/i\u003e 209\u003c\/p\u003e \u003cp\u003e\u003cb\u003e39 Threat Modeling  211\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhy Threat Model?  211\u003c\/p\u003e \u003cp\u003eThreat Modeling Models 212\u003c\/p\u003e \u003cp\u003eThreat Actors  213\u003c\/p\u003e \u003cp\u003eNation-States  213\u003c\/p\u003e \u003cp\u003eIndustrial Hackers  213\u003c\/p\u003e \u003cp\u003eFinancial Crime 213\u003c\/p\u003e \u003cp\u003eHacktivists 214\u003c\/p\u003e \u003cp\u003eGamers 214\u003c\/p\u003e \u003cp\u003eInsider Threats 214\u003c\/p\u003e \u003cp\u003eOrdinary, Solitary Hackers or Hacker Groups 214\u003c\/p\u003e \u003cp\u003e\u003cb\u003e40 Profile: \u003ci\u003eAdam Shostack\u003c\/i\u003e 217\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eAdam Shostack\u003c\/i\u003e 220\u003c\/p\u003e \u003cp\u003e\u003cb\u003e41 Computer Security Education 221\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eComputer Security Training Topics 222\u003c\/p\u003e \u003cp\u003eEnd-User\/Security Awareness Training 222\u003c\/p\u003e \u003cp\u003eGeneral IT Security Training 222\u003c\/p\u003e \u003cp\u003eIncident Response 222\u003c\/p\u003e \u003cp\u003eOS and Application-Specific Training 223\u003c\/p\u003e \u003cp\u003eTechnical Skills 223\u003c\/p\u003e \u003cp\u003eCertifications 223\u003c\/p\u003e \u003cp\u003eTraining Methods 224\u003c\/p\u003e \u003cp\u003eOnline Training 224\u003c\/p\u003e \u003cp\u003eBreak into My Website 224\u003c\/p\u003e \u003cp\u003eSchools and Training Centers 224\u003c\/p\u003e \u003cp\u003eBoot Camps 225\u003c\/p\u003e \u003cp\u003eCorporate Training 225\u003c\/p\u003e \u003cp\u003eBooks 225\u003c\/p\u003e \u003cp\u003e\u003cb\u003e42 Profile: \u003ci\u003eStephen Northcutt\u003c\/i\u003e  227\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eStephen Northcutt\u003c\/i\u003e 230\u003c\/p\u003e \u003cp\u003e\u003cb\u003e43 Privacy 231\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePrivacy Organizations 232\u003c\/p\u003e \u003cp\u003ePrivacy-Protecting Applications 233\u003c\/p\u003e \u003cp\u003e\u003cb\u003e44 Profile: \u003ci\u003eEva Galperin\u003c\/i\u003e 235\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eEva Galperin\u003c\/i\u003e 237\u003c\/p\u003e \u003cp\u003e\u003cb\u003e45 Patching  239\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePatching Facts 240\u003c\/p\u003e \u003cp\u003eMost Exploits Are Caused by Old Vulnerabilities That Patches Exist For 240\u003c\/p\u003e \u003cp\u003eMost Exploits Are Caused by a Few Unpatched Programs 240\u003c\/p\u003e \u003cp\u003eThe Most Unpatched Program Isn’t Always the Most Exploited Program 241\u003c\/p\u003e \u003cp\u003eYou Need to Patch Hardware Too 241\u003c\/p\u003e \u003cp\u003eCommon Patching Problems 241\u003c\/p\u003e \u003cp\u003eDetecting Missing Patching Isn’t Accurate 241\u003c\/p\u003e \u003cp\u003eYou Can’t Always Patch 242\u003c\/p\u003e \u003cp\u003eSome Percentage of Patching Always Fails 242\u003c\/p\u003e \u003cp\u003ePatching Will Cause Operational Issues 242\u003c\/p\u003e \u003cp\u003eA Patch Is a Globally Broadcasted Exploit Announcement 243\u003c\/p\u003e \u003cp\u003e\u003cb\u003e46 Profile: Window Snyder 245\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on Window Snyder 248\u003c\/p\u003e \u003cp\u003e\u003cb\u003e47 Writing as a Career 249\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eComputer Security Writing Outlets 250\u003c\/p\u003e \u003cp\u003eBlogs 250\u003c\/p\u003e \u003cp\u003eSocial Media Sites 250\u003c\/p\u003e \u003cp\u003eArticles   250\u003c\/p\u003e \u003cp\u003eBooks 251\u003c\/p\u003e \u003cp\u003eNewsletters 253\u003c\/p\u003e \u003cp\u003eWhitepapers 254\u003c\/p\u003e \u003cp\u003eTechnical Reviews 254\u003c\/p\u003e \u003cp\u003eConferences 254\u003c\/p\u003e \u003cp\u003eProfessional Writing Tips 255\u003c\/p\u003e \u003cp\u003eThe Hardest Part Is Starting 255\u003c\/p\u003e \u003cp\u003eRead Differently 255\u003c\/p\u003e \u003cp\u003eStart Out Free 255\u003c\/p\u003e \u003cp\u003eBe Professional 256\u003c\/p\u003e \u003cp\u003eBe Your Own Publicist 256\u003c\/p\u003e \u003cp\u003eA Picture Is Worth a Thousand Words 256\u003c\/p\u003e \u003cp\u003e\u003cb\u003e48 Profile: \u003ci\u003eFahmida Y . Rashid\u003c\/i\u003e 259\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFor More Information on \u003ci\u003eFahmida Y. Rashid\u003c\/i\u003e 262\u003c\/p\u003e \u003cp\u003e\u003cb\u003e49 Guide for Parents with Young Hackers   263\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSigns Your Kid Is Hacking 264\u003c\/p\u003e \u003cp\u003eThey Tell You They Hack 264\u003c\/p\u003e \u003cp\u003eOverly Secretive About Their Online Activities 264\u003c\/p\u003e \u003cp\u003eThey Have Multiple Email\/Social Media Accounts You Can’t Access 265\u003c\/p\u003e \u003cp\u003eYou Find Hacking Tools on the System 265\u003c\/p\u003e \u003cp\u003ePeople Complain You Are Hacking 265\u003c\/p\u003e \u003cp\u003eYou Catch Them Switching Screens Every Time You Walk into the Room 265\u003c\/p\u003e \u003cp\u003eThese Signs Could Be Normal 265\u003c\/p\u003e \u003cp\u003eNot All Hacking Is Bad 266\u003c\/p\u003e \u003cp\u003eHow to Turn Around Your Malicious Hacker 266\u003c\/p\u003e \u003cp\u003eMove Their Computers into the Main Living Area and Monitor 267\u003c\/p\u003e \u003cp\u003eGive Guidance 267\u003c\/p\u003e \u003cp\u003eGive Legal Places to Hack 267\u003c\/p\u003e \u003cp\u003eConnect Them with a Good Mentor 269\u003c\/p\u003e \u003cp\u003e\u003cb\u003e50 Hacker Code of Ethics   271\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHacker Code of Ethics 272\u003c\/p\u003e \u003cp\u003eBe Ethical, Transparent, and Honest 273\u003c\/p\u003e \u003cp\u003eDon’t Break the Law 273\u003c\/p\u003e \u003cp\u003eGet Permission 273\u003c\/p\u003e \u003cp\u003eBe Confidential with Sensitive Information 273\u003c\/p\u003e \u003cp\u003eDo No Greater Harm 273\u003c\/p\u003e \u003cp\u003eConduct Yourself Professionally 274\u003c\/p\u003e \u003cp\u003eBe a Light for Others 274\u003c\/p\u003e \u003cp\u003eIndex 275\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":48866394407255,"sku":"9781119396215","price":17.85,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119396215.jpg?v=1722278445"},{"product_id":"the-pentester-blueprint-9781119684305","title":"The Pentester BluePrint","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eJUMPSTART YOUR NEW AND EXCITING CAREER AS A PENETRATION TESTER The Pentester BluePrint: Your Guide to Being a Pentesteroffers readers a chance to delve deeply into the world of the ethical, or white-hat hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications.    You'll learn about the role of a penetration tester, what a pentest involves, and the prerequisite knowledge you'll need to start the educational journey of becoming a pentester. Discover how to develop a plan by assessing your current skillset and finding a starting place to begin growing your knowledge and skills. Finally, find out how to become employed as a pentester by using social media, networking strategies, and community involvement.    Perfect for IT workers and entry-level information security professionals,The Pentester BluePrintalso belongs on the bookshelves of anyone seeking to transition to the exciting and in-demand field of penetration testing.    Written in a highly approachable and accessible style,The Pentester BluePrintavoids unnecessarily technical lingo in favor of concrete advice and practical strategies to help you get your start in pentesting. This book will teach you: The foundations of pentesting, including basic IT skills like operating systems, networking, and security systemsThe development of hacking skills and a hacker mindsetWhere to find educational options, including college and university classes, security training providers, volunteer work, and self-studyWhich certifications and degrees are most useful for gaining employment as a pentesterHow to get experience in the pentesting field, including labs, CTFs, and bug bounties\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eForeword xvi\u003c\/p\u003e \u003cp\u003eIntroduction xviii\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 \u003c\/b\u003e\u003cb\u003eWhat is a Pentester? 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSynonymous Terms and Types of Hackers 2\u003c\/p\u003e \u003cp\u003ePentests Described 3\u003c\/p\u003e \u003cp\u003eBenefits and Reasons 3\u003c\/p\u003e \u003cp\u003eLegality and Permission 5\u003c\/p\u003e \u003cp\u003ePentest Methodology 5\u003c\/p\u003e \u003cp\u003ePre-engagement Interactions 7\u003c\/p\u003e \u003cp\u003eIntelligence Gathering 7\u003c\/p\u003e \u003cp\u003eThreat Modeling 7\u003c\/p\u003e \u003cp\u003eVulnerability Analysis 7\u003c\/p\u003e \u003cp\u003eExploitation 8\u003c\/p\u003e \u003cp\u003ePost Exploitation 8\u003c\/p\u003e \u003cp\u003eReporting 8\u003c\/p\u003e \u003cp\u003ePentest Types 9\u003c\/p\u003e \u003cp\u003eVulnerability Scanning 10\u003c\/p\u003e \u003cp\u003eVulnerability Assessments 10\u003c\/p\u003e \u003cp\u003ePentest Targets and Specializations 11\u003c\/p\u003e \u003cp\u003eGeneralist Pentesting 11\u003c\/p\u003e \u003cp\u003eApplication Pentesting 11\u003c\/p\u003e \u003cp\u003eInternet of Things (IoT) 12\u003c\/p\u003e \u003cp\u003eIndustrial Control Systems (ICS) 12\u003c\/p\u003e \u003cp\u003eHardware and Medical Devices 13\u003c\/p\u003e \u003cp\u003eSocial Engineering 13\u003c\/p\u003e \u003cp\u003ePhysical Pentesting 13\u003c\/p\u003e \u003cp\u003eTransportation Pentesting 14\u003c\/p\u003e \u003cp\u003eRed Team Pentesting 14\u003c\/p\u003e \u003cp\u003eCareer Outlook 14\u003c\/p\u003e \u003cp\u003eSummary 16\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 \u003c\/b\u003e\u003cb\u003ePrerequisite Skills 17\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSkills Required for Learning Pentesting 18\u003c\/p\u003e \u003cp\u003eOperating Systems 18\u003c\/p\u003e \u003cp\u003eNetworking 19\u003c\/p\u003e \u003cp\u003eInformation Security 19\u003c\/p\u003e \u003cp\u003ePrerequisites Learning 19\u003c\/p\u003e \u003cp\u003eInformation Security Basics 20\u003c\/p\u003e \u003cp\u003eWhat is Information Security? 21\u003c\/p\u003e \u003cp\u003eThe CIA Triad 22\u003c\/p\u003e \u003cp\u003eSecurity Controls 24\u003c\/p\u003e \u003cp\u003eAccess Control 26\u003c\/p\u003e \u003cp\u003eIncident Response 28\u003c\/p\u003e \u003cp\u003eMalware 30\u003c\/p\u003e \u003cp\u003eAdvanced Persistent Threats 34\u003c\/p\u003e \u003cp\u003eThe Cyber Kill Chain 35\u003c\/p\u003e \u003cp\u003eCommon Vulnerabilities and Exposures 36\u003c\/p\u003e \u003cp\u003ePhishing and Other Social Engineering 37\u003c\/p\u003e \u003cp\u003eAirgapped Machines 38\u003c\/p\u003e \u003cp\u003eThe Dark Web 39\u003c\/p\u003e \u003cp\u003eSummary 40\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 \u003c\/b\u003e\u003cb\u003eEducation of a Hacker 43\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHacking Skills 43\u003c\/p\u003e \u003cp\u003eHacker Mindset 44\u003c\/p\u003e \u003cp\u003eThe Pentester Blueprint Formula 45\u003c\/p\u003e \u003cp\u003eEthical Hacking Areas 45\u003c\/p\u003e \u003cp\u003eOperating Systems and Applications 46\u003c\/p\u003e \u003cp\u003eNetworks 46\u003c\/p\u003e \u003cp\u003eSocial Engineering 47\u003c\/p\u003e \u003cp\u003ePhysical Security 48\u003c\/p\u003e \u003cp\u003eTypes of Pentesting 48\u003c\/p\u003e \u003cp\u003eBlack Box Testing 49\u003c\/p\u003e \u003cp\u003eWhite Box Testing 49\u003c\/p\u003e \u003cp\u003eGray Box Testing 50\u003c\/p\u003e \u003cp\u003eA Brief History of Pentesting 50\u003c\/p\u003e \u003cp\u003eThe Early Days of Pentesting 51\u003c\/p\u003e \u003cp\u003eImproving the Security of Your Site by Breaking into It 51\u003c\/p\u003e \u003cp\u003ePentesting Today 52\u003c\/p\u003e \u003cp\u003eSummary 53\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 \u003c\/b\u003e\u003cb\u003eEducation Resources 55\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Courses 55\u003c\/p\u003e \u003cp\u003ePentesting Books 56\u003c\/p\u003e \u003cp\u003ePentesting Labs 60\u003c\/p\u003e \u003cp\u003eWeb Resources 60\u003c\/p\u003e \u003cp\u003eSummary 64\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 \u003c\/b\u003e\u003cb\u003eBuilding a Pentesting Lab 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Lab Options 65\u003c\/p\u003e \u003cp\u003eMinimalist Lab 66\u003c\/p\u003e \u003cp\u003eDedicated Lab 66\u003c\/p\u003e \u003cp\u003eAdvanced Lab 67\u003c\/p\u003e \u003cp\u003eHacking Systems 67\u003c\/p\u003e \u003cp\u003ePopular Pentesting Tools 68\u003c\/p\u003e \u003cp\u003eKali Linux 68\u003c\/p\u003e \u003cp\u003eNmap 69\u003c\/p\u003e \u003cp\u003eWireshark 69\u003c\/p\u003e \u003cp\u003eVulnerability Scanning Applications 69\u003c\/p\u003e \u003cp\u003eHak5 70\u003c\/p\u003e \u003cp\u003eHacking Targets 70\u003c\/p\u003e \u003cp\u003ePentestBox 70\u003c\/p\u003e \u003cp\u003eVulnHub 71\u003c\/p\u003e \u003cp\u003eProving Grounds 71\u003c\/p\u003e \u003cp\u003eHow Pentesters Build Their Labs 71\u003c\/p\u003e \u003cp\u003eSummary 81\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 Certifications \u003c\/b\u003e\u003cb\u003eand Degrees 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Certifications 83\u003c\/p\u003e \u003cp\u003eEntry-Level Certifications 84\u003c\/p\u003e \u003cp\u003eIntermediate-Level Certifications 85\u003c\/p\u003e \u003cp\u003eAdvanced-Level Certifications 87\u003c\/p\u003e \u003cp\u003eSpecialization Web Application Pentesting Certifications 88\u003c\/p\u003e \u003cp\u003eWireless Pentesting Certifications 90\u003c\/p\u003e \u003cp\u003eMobile Pentesting Certifications 91\u003c\/p\u003e \u003cp\u003ePentesting Training and Coursework 91\u003c\/p\u003e \u003cp\u003eAcquiring Pentesting Credentials 92\u003c\/p\u003e \u003cp\u003eCertification Study Resources 99\u003c\/p\u003e \u003cp\u003eCEH v10 Certified Ethical Hacker Study Guide 100\u003c\/p\u003e \u003cp\u003eEC-Council 100\u003c\/p\u003e \u003cp\u003eQuizlet CEH v10 Study Flashcards 100\u003c\/p\u003e \u003cp\u003eHacking Wireless Networks for Dummies 100\u003c\/p\u003e \u003cp\u003eCompTIA PenTest+ Study Guide 101\u003c\/p\u003e \u003cp\u003eCompTIA PenTest+ Website 101\u003c\/p\u003e \u003cp\u003eCybrary’s Advanced Penetration Testing 101\u003c\/p\u003e \u003cp\u003eLinux Server Security: Hack and Defend 101\u003c\/p\u003e \u003cp\u003eAdvanced Penetration Testing: Hacking the World’s Most Secure Networks 102\u003c\/p\u003e \u003cp\u003eThe Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 102\u003c\/p\u003e \u003cp\u003eSummary 102\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 \u003c\/b\u003e\u003cb\u003eDeveloping a Plan 105\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSkills Inventory 105\u003c\/p\u003e \u003cp\u003eSkill Gaps 111\u003c\/p\u003e \u003cp\u003eAction Plan 112\u003c\/p\u003e \u003cp\u003eSummary 113\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 \u003c\/b\u003e\u003cb\u003eGaining Experience 115\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCapture the Flag 115\u003c\/p\u003e \u003cp\u003eBug Bounties 123\u003c\/p\u003e \u003cp\u003eA Brief History of Bug Bounty Programs 124\u003c\/p\u003e \u003cp\u003ePro Bono and Volunteer Work 125\u003c\/p\u003e \u003cp\u003eInternships 126\u003c\/p\u003e \u003cp\u003eLabs 126\u003c\/p\u003e \u003cp\u003ePentesters on Experience 126\u003c\/p\u003e \u003cp\u003eSummary 135\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9 \u003c\/b\u003e\u003cb\u003eGetting Employed as a Pentester 137\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eJob Descriptions 137\u003c\/p\u003e \u003cp\u003eProfessional Networking 138\u003c\/p\u003e \u003cp\u003eSocial Media 139\u003c\/p\u003e \u003cp\u003eRésumé and Interview Tips 139\u003c\/p\u003e \u003cp\u003eSummary 148\u003c\/p\u003e \u003cp\u003eAppendix: The Pentester Blueprint 149\u003c\/p\u003e \u003cp\u003eGlossary 155\u003c\/p\u003e \u003cp\u003eIndex 167\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":48866411086167,"sku":"9781119684305","price":21.25,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119684305.jpg?v=1722278511"},{"product_id":"crypto-wars-9781398600683","title":"Crypto Wars","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eErica Stanford \u003c\/b\u003eis a crypto and future of money expert. The founder and CEO of the UK's most recommended crypto networking and events organization, Crypto Curry Club, she publishes the weekly Crypto Currier industry newsletter as well as \u003ci\u003eBlockchain Industry Review\u003c\/i\u003e. The advisor to several crypto start-ups, she is an in-demand speaker and commentator on the potential and use cases of digital currencies. She is the guest associate lecturer in cryptocurrency at Warwick Business School and has featured in \u003ci\u003eThe Express, Finance News, Coin Rivet \u003c\/i\u003eand on the BBC. She is based in London, England.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"An accessible guide to the confusing and fast-growing world of crypto scams. If you're thinking of investing in cryptocurrency, read this first!\" * Jamie Bartlett, host of BBC podcast The Missing Cryptoqueen, author of The People Vs Tech, The Dark Net, Radicals and The Missing Cryptoqueen, presenter and journalist *\u003cbr\u003e\"Crypto has proved the quickest get-rich scheme in all history. Unfortunately, the easiest people to rip off are those hoping to get rich quick, so scam after inevitable scam has preyed on the sector. \u003cb\u003eErica Stanford's\u003c\/b\u003e page turner tells their bitter, but compelling stories.\" * Dominic Frisby, comedian, actor, MoneyWeek columnist and author of Daylight Robbery *\u003cbr\u003e\"\u003cb\u003eErica Stanford\u003c\/b\u003e covers everything that is oh so wrong and oh so right about the transformational world of cryptocurrencies. Prepare to laugh, cringe or be spooked. This book combines technology, business, mystery, fantasy and popular culture in a fascinating and enlightening way. And the best part: it's all true.\" * Anthony Day, Blockchain Partner, IBM, and host of Blockchain Won’t Save the World podcast *\u003cbr\u003e\"Fascinating read on the boom days of crypto's Initial Coin Offerings, analysing the hype that threatened to overshadow the technology. \u003cb\u003eErica Stanford\u003c\/b\u003e captures the mood and energy of the time in this greatly entertaining and insightful work.\" * Caroline Casey, Vice President, Innovation and Consumer Experience, Europe, Mastercard *\u003cbr\u003e\"In what other book could you read about the biggest Ponzi schemes in the world, espionage, an $800 billion bubble, fake death, cryptoqueens, gambling and porn - literally 50 shades of the dodgiest grey with regulators and the FBI in hot pursuit? \u003cb\u003eErica Stanford\u003c\/b\u003e brilliantly analyses the future of crypto in a world where the real future including security-backed tokens and CBDC's is only just beginning.\" * Bob Wigley, Chair UK Finance, Co-Chair, Cross Market Operational Resilience Group, Bank of England, Board Member, DIT and UK Home Office, NED, adjunct professor and author of Born Digital *\u003cbr\u003e\"The is a marvellous romp through the crazy world of cryptocurrency and its wackier elements. But as well as the fun, we get a glimpse into what might one day give the global financial system a run for its money.\" * Mike Butcher MBE, Editor-at-Large, TechCrunch *\u003cbr\u003e\"\u003cb\u003e\u003ci\u003eCrypto Wars\u003c\/i\u003e\u003c\/b\u003e is a fascinating and gripping account of human nature and its demons emerging from the frontiers of the crypto economy. It is mandatory reading for investors, regulators and builders of our financial future\" * Lex Sokolin, fintech futurist and philosopher, Founder, The Fintech Blueprint, and Head Economist, ConsenSys *\u003cbr\u003e\"This book is essential reading, especially for anyone thinking of dipping even their little toe into cryptocurrency.\" * Sara Vaughan, innovator and creator of global brands with purpose, positive change maker *\u003cbr\u003e\"\u003cb\u003e\u003ci\u003eErica Stanford\u003c\/i\u003e\u003c\/b\u003e takes readers through the complicated history of crypto hacks, scams and pump and dump schemes with such vivid detail and engaging narrative, you'll find it hard to put the book down.\" * Leslie Lamb, Head of Institutional Sales, Amber Group, and host of the Crypto Unstacked podcast *\u003cbr\u003e\"As the market booms it's timely that someone has done justice to the extraordinary story of crypto - this unputdownable book captures the fun and the ups and the downs. It's a mesmeric read.\" * Charlie Kerrigan, Partner and Global Head of Fintech, CMS *\u003cbr\u003e\"\u003cb\u003eErica Stanford's\u003c\/b\u003e entertaining exploration of the world of scams, grifts, frauds and fantasies serves as a reminder that while on the one hand there is nothing new under the sun, on the other hand we have barely begun to understand the impact of cryptocurrency.\" * David Birch, author of The Currency Cold War and international adviser and commentator on digital financial services *","brand":"Kogan Page Ltd","offers":[{"title":"Default Title","offer_id":48866637644119,"sku":"9781398600683","price":15.29,"currency_code":"GBP","in_stock":true}]},{"product_id":"hackers-9781449388393","title":"Hackers","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eSteven Levy's classic book about the original hackers of the computer revolution is now available in a special 25th anniversary edition, with updated material from noteworthy hackers such as Bill Gates, Mark Zukerberg, Richard Stallman, and Tim O'Reilly.","brand":"O'Reilly Media","offers":[{"title":"Default Title","offer_id":48867118088535,"sku":"9781449388393","price":21.59,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781449388393.jpg?v=1722281775"},{"product_id":"this-is-how-they-tell-me-the-world-ends-a-true-story-9781526652539","title":"This Is How They Tell Me the World Ends: A True","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eWINNER OF THE FT \u0026amp; McKINSEY BUSINESS BOOK OF THE YEAR AWARD 2021\u003c\/b\u003e  \u003cb\u003eThe instant \u003ci\u003eNew York Times \u003c\/i\u003ebestseller\u003c\/b\u003e \u003cb\u003eA \u003ci\u003eFinancial Times \u003c\/i\u003eand \u003ci\u003eThe Times \u003c\/i\u003eBook of the Year\u003c\/b\u003e \u003cb\u003e 'A terrifying exposé' \u003ci\u003eThe Times\u003c\/i\u003e 'Part John le Carré . . . Spellbinding' \u003ci\u003eNew Yorker \u003c\/i\u003e \u003c\/b\u003eWe plug in anything we can to the internet. We can control our entire lives, economy and grid via a remote web control. But over the past decade, as this transformation took place, we never paused to think that we were also creating the world’s largest attack surface. And that the same nation that maintains the greatest cyber advantage on earth could also be among its most vulnerable.  Filled with spies, hackers, arms dealers and a few unsung heroes, \u003ci\u003eThis Is How They Tell Me the World Ends \u003c\/i\u003eis an astonishing and gripping feat of journalism. Drawing on years of reporting and hundreds of interviews, Nicole Perlroth lifts the curtain on a market in shadow, revealing the urgent threat faced by us all if we cannot bring the global cyber arms race to heel.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003eAn intricately detailed, deeply sourced and reported history of the origins and growth of the [cyberweapons] market and the global cyberweapons arms race it has sparked . . . This is no bloodless, just-the-facts chronicle. Written in the hot, propulsive prose of a spy thriller, Perlroth’s book sets out from the start to scare us out of our complacency . . . Perlroth comes at the reader hard, like an angry Cassandra who has spent the last seven years of her life unmasking the signs of our impending doom – only to be ignored again and again . . . A strong, data-driven case for action -- Jonathan Tepperman * New York Times *\u003cbr\u003ePerlroth is a longtime cybersecurity reporter for the \u003ci\u003eNew York Times\u003c\/i\u003e, and her book makes a kind of Hollywood entrance . . . Perlroth’s storytelling is part John le Carré and more parts Michael Crichton – ‘Tinker, Tailor, Soldier, Spy’ meets ‘The Andromeda Strain’. Because she’s writing about a boys’ club, there’s also a lot of ‘Fight Club’ in this book . . . And, because she tells the story of the zero-day market through the story of her investigation, it’s got a Frances McDormand ‘Fargo’ quality, too . . . Spellbinding -- Jill Lepore * New Yorker *\u003cbr\u003eWhen the weaknesses of a system can be bought and sold, the results can be calamitous, as \u003ci\u003eThis Is How They Tell Me the World Ends \u003c\/i\u003eshows . . . Engaging and troubling . . . This secretive market is difficult to penetrate, but Perlroth has dug deeper than most and chronicles her efforts wittily * Economist *\u003cbr\u003eA terrifying exposé of the black market in software bugs . . . Perlroth’s insider accounts provide texture and context that was often missing from news coverage at the time. Storytelling skills honed in her work as a \u003ci\u003eNew York Times \u003c\/i\u003ereporter specialising in cybersecurity make them scarier, particularly because of the collateral damage . . . Yet the thrust of her commendably thorough and determined research is not the damage done, but the market in mayhem that underpins it . . . Perlroth does an admirable job in stripping away the jargon * The Times *\u003cbr\u003eA stemwinder of a tale of how frightening cyber weapons have been turned on their maker, and the implications for the world when everyone and anyone can now decimate everyone else with a click of a mouse . . .  Perlroth takes a complex subject that has been cloaked in opaque techspeak and makes it dead real for the rest of us. You will not look at your mobile phone, your search engine, even your networked thermostat the same way again -- Kara Swisher, co-founder of Recode and New York Times opinion writer\u003cbr\u003eNicole Perlroth has written a dazzling and revelatory history of the darkest corner of the internet, where hackers and governments secretly trade the tools of the next war . . . \u003ci\u003eThis Is How They Tell Me the World Ends\u003c\/i\u003e is a rollicking fun trip, front to back, and an urgent call for action before our wired world spins out of our control. I've covered cybersecurity for a decade and yet paragraph after paragraph I kept wondering: 'How did she manage to figure *that* out? How is she so good?'\" -- Garrett M. Graff, author of 'The Only Plane in the Sky'\u003cbr\u003eThe definitive history of cyberwarfare. Nicole Perlroth connects the dots and the behind the scenes action of every serious intrusion, cyberattack and cyberespionage revelation in the last decade -- Clint Watts, author of 'Messing With The Enemy'\u003cbr\u003eA must-read tale of cloak-and-dagger mercenary hackers, digital weapons of mass destruction and clandestine, ne'er-do-well government agencies -- Lawrence Ingrassia, author of 'Billion Dollar Brand Club'\u003cbr\u003eUsually, books like this are praised by saying that they read like a screenplay or a novel. Nicole Perlroth’s is better: her sensitivity to both technical issues and human behavior give this book an authenticity that makes its message - that cybersecurity issues threaten our privacy, our economy, and maybe our lives - even scarier -- Steven Levy, author of 'Hackers and Facebook'\u003cbr\u003eAn essential cautionary tale [that] exposes the motivations and misgivings of the people helping governments hack into our devices. After Perlroth's incisive investigation, there's no excuse for ignoring the costs of the cyber arms race -- Sarah Frier, Bloomberg, author of 'No Filter'\u003cbr\u003eWonderfully readable . . .  A rip-roaring story of hackers and bug-sellers and spies -- Steven M. Bellovin, Professor of Computer Science, Columbia University\u003cbr\u003eNicole Perlroth does what few other authors on the cyber beat can: she tells a highly technical, gripping story . . . A page-turner -- Nina Jankowicz, author of 'How to Lose the Information War'\u003cbr\u003eA whirlwind global tour that introduces us to the crazy characters and bizarre stories behind the struggle to control the internet. It would be unbelievable if it wasn't all so very true -- Alex Stamos, Director of the Stanford Internet Observatory and former head of security for Facebook and Yahoo","brand":"Bloomsbury Publishing PLC","offers":[{"title":"Default Title","offer_id":48867478667607,"sku":"9781526652539","price":10.44,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781526652539.jpg?v=1722283471"},{"product_id":"cult-of-the-dead-cow-how-the-original-hacking-supergroup-might-just-save-the-world-9781541724426","title":"Cult of the Dead Cow: How the Original Hacking","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003ci\u003eThe Cult of the Dead Cow\u003c\/i\u003e is the story of the oldest, most respected and most famous hacking group of all time. Its members invented the the concept of hacktivism, released both the top tool for cracking passwords and the reigning technique for controlling computers from afar, and spurred development of Snowden's anonymity tool of choice. With its origins in the earliest days of the Internet, the cDc is full of oddball characters--spies, activists, musicians, and politicians--who are now woven into the top ranks of the American establishment. \u003cbr\u003e\u003cbr\u003eToday, this small group and their followers represent the best hope for making technology a force for good instead of for surveillance and oppression. Like a modern (and real) illuminati, cDc members have had the ears of presidents, secretaries of defense, and the CEO of Google. \u003ci\u003eThe Cult of the Dead Cow\u003c\/i\u003e shows how we got into the mess we find ourselves in today, where governments and corporations hold immense power over individuals, and and how we are finally fighting back.\u003c\/p\u003e","brand":"PublicAffairs,U.S.","offers":[{"title":"Default Title","offer_id":48867549086039,"sku":"9781541724426","price":13.49,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781541724426.jpg?v=1722283820"},{"product_id":"the-hardware-hacking-handbook-breaking-embedded-security-with-hardware-attacks-9781593278748","title":"The Hardware Hacking Handbook: Breaking Embedded","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eThe Hardware Hacking Handbook is a deep dive into embedded security, perfect for readers interested in designing, analysing, and attacking devices. You'll start with a crash course in embedded security and hardware interfaces and learn how to set up a test lab. Real-world examples and hands-on labs throughout allow you to explore hardware interfaces and practice various attacks.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"I really wished such a book existed when I started with researching hardware hacking a few years ago. It introduces all the relevant background that’s needed for hardware hacking along with references to further reading (the references are really nice to have for more intermediate readers). It also provides many practical examples that helps you see why the concepts are important and how they are applied.\"\u003cbr\u003e\u003cb\u003e—Yifan Lu, Security Researcher\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"One of the most complete introductions to hardware hacking I’ve seen . . . provide[s] you something you wouldn't learn elsewhere.\"\u003cb\u003e\u003cbr\u003e—Arya Voronova, Hackaday\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eIntroduction\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 1:\u003c\/b\u003e Dental Hygiene: Introduction to Embedded Security\u003cbr\u003e\u003cb\u003eChapter 2: \u003c\/b\u003eReaching Out, Touching Me, Touching You: Hardware Peripheral Interfaces\u003cbr\u003e\u003cb\u003eChapter 3: \u003c\/b\u003eCasing the Joint: Identifying Components and Gathering Information\u003cbr\u003e\u003cb\u003eChapter 4:\u003c\/b\u003e Bull in a China Shop: Introducing Fault Injection\u003cbr\u003e\u003cb\u003eChapter 5: \u003c\/b\u003eDon’t Lick the Probe: How to Inject Faults\u003cbr\u003e\u003cb\u003eChapter 6: \u003c\/b\u003eBench Time: Fault Injection Lab\u003cbr\u003e\u003cb\u003eChapter 7: \u003c\/b\u003eX Marks the Spot: EMFI Memory Dumping of Trezor\u003cbr\u003e\u003cb\u003eChapter 8: \u003c\/b\u003eI’ve Got the Power: Introduction to Power Analysis\u003cbr\u003e\u003cb\u003eChapter 9: \u003c\/b\u003eBench Time: Simple Power Analysis\u003cbr\u003e\u003cb\u003eChapter 10: \u003c\/b\u003eSplitting the Difference: Differential Power Analysis\u003cbr\u003e\u003cb\u003eChapter 11: \u003c\/b\u003eAdvanced Power Analysis\u003cbr\u003e\u003cb\u003eChapter 12: \u003c\/b\u003eA DPA\/SCA Lab: Breaking an AES-256 Bootloader\u003cbr\u003e\u003cb\u003eChapter 13: \u003c\/b\u003eNo Kiddin’: Real-Life Examples\u003cbr\u003e\u003cb\u003eChapter 14: \u003c\/b\u003eThink of the Children: Countermeasures, Certifications, and Goodbytes\u003cbr\u003e\u003cb\u003eAppendix A:\u003c\/b\u003e Maxing Out Your Credit Card: Setting Up a Test Lab\u003cbr\u003e\u003cb\u003eAppendix B: \u003c\/b\u003eAll Your Base Are Belong to Us: Popular Pinouts","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":48867674259799,"sku":"9781593278748","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781593278748.jpg?v=1722284421"},{"product_id":"how-to-hack-like-a-legend-breaking-windows-9781718501508","title":"How To Hack Like A Legend: Breaking Windows","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eStep into the shoes of a master hacker as he breaks into an intelligent, highly defensive Windows environment. You'll be infiltrating the suspicious (fictional) offshoring company G \u0026amp; S Trust and their hostile Microsoft stronghold. While the target is fictional, the corporation's vulnerabilities are based on real-life weaknesses in today s advanced Windows defense systems. You'll experience all the thrills, frustrations, dead-ends, and eureka moments of the mission first-hand, while picking up practical, cutting-edge techniques for evading Microsoft's best security systems.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"\u003ci\u003eHow To Hack Like a Legend\u003c\/i\u003e is a well written, story lead, day in a life of a hacker taking you into his hacking mindset and showing the reader even failure can be turned into a successful hack. This sort of hands-on material is normally only ever gained through experiences in real life. Above all, being able to get all this information down on paper and wrapping it all up with a fictional story really shows Sparc knows what he’s talking about.\"\u003cbr\u003e\u003cb\u003e—Security Tutorials\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"Another great hacker plot by Spark Flow. This is the 7th book in his series on penetration testing, and like the rest it does not disappoint . . . Short, engaging, technical, and really fun.\"\u003cbr\u003e\u003cb\u003e—LockBoxx: A Hacker's Blog\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"A good addition to his series. It covers many more topics to the existing others. This book is available to everyone because all tools and techniques presented are open sources.\"\u003cbr\u003e\u003cb\u003e—OnlineBooksReview\u003cbr\u003e\u003c\/b\u003e\u003cbr\u003e\"What sets this book apart from other cyber security books is the unique plot it follows . . . The book is written for penetration testers and red teamers, but if you have some knowledge in IT do not hesitate to pick it up. It is a great read and Sparc Flow details step-by-step every line of code and obscure tip to make it understandable by everyone.\"\u003cbr\u003e\u003cb\u003e—Tech Guide and Reviews\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"A good introduction to the entire process of infiltrating and compromising a network from beginning to end, and the kind of logical and creative thinking needed to successfully compromise a well secured environment.\"\u003cb\u003e\u003cbr\u003e—Darlene Hibbs, Senior Cybersecurity Researcher, Fortra\u003c\/b\u003e","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":48868102439255,"sku":"9781718501508","price":24.64,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781718501508.jpg?v=1722286399"},{"product_id":"hacks-leaks-and-revelations-the-art-of-analyzing-hacked-and-leaked-data-9781718503120","title":"Hacks, Leaks, And Revelations: The Art of","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eIn the age of hacking and whistleblowing, the internet contains massive troves of leaked information containing goldmines of newsworthy revelations in the public interest - if you know how to unravel them. For investigative journalists or amateur researchers with or without prior programming knowledge, this book gives you the technical expertise to find and interrogate complex datasets, transforming unintelligible files into ground-breaking reports. Through hands-on assignments and examples that highlight real-world cases, information security expert and well-known investigative journalist Micah Lee guides you through the process of analysing leaked datasets from governments, companies, and political groups. You'll dig into hacked files from the BlueLeaks dataset of law enforcement records, analyse social media traffic from those behind the 2021 insurrection at the US Capitol, hear the exclusive story of privately leaked data from the anti-vaccine group America's Frontline Doctors, an\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e“Micah’s book is a fantastic and friendly introduction for journalists, activists, and anyone else who is interested in learning to analyze large data sets but has been too intimidated by the technical details. I hope this book will inspire more people to find the stories inside the data.”\u003cbr\u003e\u003cb\u003e—Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“Masterfully breaks down how to handle a data leak and provides the reader with hands-on examples to hone their skills. If only I had this book when I broke the news of the Epik data breach!”\u003cbr\u003e\u003cb\u003e—Steven Monacelli, Special Investigative Correspondent at the Texas Observer\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“For more than a decade, Micah Lee has been on the cutting edge of protecting journalists and their sources from surveillance. It's a gift to all of us that he has downloaded his wisdom into this highly readable and vitally important guide.”\u003cbr\u003e\u003cb\u003e—Julia Angwin, Investigative Journalist at The New York Times\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“Thanks to whistleblowing leaks, gold mines of valuable digital data now exist. There is no better account than Micah Lee’s lively and readable how-to guide for arming journalists and researchers with the tools necessary to find, excavate, and make sense of this rich data. Sourced from Lee’s experiences mining data for his hard-hitting journalistic exposes, readers will come away inspired and equipped to follow in his footsteps.”\u003cbr\u003e\u003cb\u003e—Gabriella Coleman, Harvard Professor, Founder of Hack_Curio, and Tor Project Board Member\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“As a journalist who has been working with data breaches for close to ten years, actually getting to grips with that data is often the hardest part of any reporting project. Lee's clear and concise book will be an invaluable resource for reporters or researchers just dipping into this sort of data, or those looking for new techniques. I will certainly be using some of the tools myself. Hacked and dumped datasets are rich sources of information that are in the public interest, and Lee's book will only increase the number of important stories others are able to extract from them.”\u003cbr\u003e\u003cb\u003e—Joseph Cox, Senior Staff Writer at Motherboard\/Vice Media\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“Seamlessly blends real-world stories of whistleblowers and data dumps with a top to bottom guide on how to approach those very scenarios yourself. From protecting sources to accessing leaked data, no page is wasted. A must-read for any researcher or journalist regardless of experience.” \u003cbr\u003e\u003cb\u003e—Mikael Thalen, Tech and Security Reporter at The Daily Dot\u003cbr\u003e\u003c\/b\u003e \u003cbr\u003e“The world is awash in hacked and leaked data, and any investigator or journalist hoping to handle it safely and find the newsworthy threads needs to buy this book. Micah's step-by-step approach to the ethics, safety and tooling is both approachable for the average person with even basic data skills and will also be useful for those with an advanced background. A guide like this was waiting to be written.”\u003cbr\u003e\u003cb\u003e—AJ Vicens, Reporter at CyberScoop\u003cbr\u003e\u003cbr\u003e\u003c\/b\u003e\"A comprehensive yet highly digestible resource that I would wholeheartedly recommend to anyone remotely interested by modern journalism [practices].\" \u003cbr\u003e\u003cb\u003e—Julien Voisin, Artificial Truth\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e“Of special interest for anyone concerned with the increasing issues around cyberspace and internet database security, \u003ci\u003eHacks, Leaks, and Revelations\u003c\/i\u003e must be considered basic, fundamental reading.”\u003cbr\u003e\u003cb\u003e—Midwest Book Review\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eIntroduction\u003cbr\u003e\u003cb\u003ePart 1: Sources and Datasets\u003cbr\u003e\u003c\/b\u003eChapter 1: Protecting Sources and Yourself\u003cbr\u003eChapter 2: Acquiring Datasets\u003cbr\u003e\u003cb\u003ePart 2: Tools of the Trade\u003cbr\u003e\u003c\/b\u003eChapter 3: The Command Line Interface\u003cbr\u003eChapter 4: Exploring Datasets in the Terminal\u003cbr\u003eChapter 5: Docker, Aleph, and Making Datasets Searchable\u003cbr\u003eChapter 6: Reading Other People's Emails\u003cbr\u003e\u003cb\u003ePart 3: Writing Code\u003cbr\u003e\u003c\/b\u003eChapter 7: An Introduction to Python\u003cbr\u003eChapter 8: Working with Data in Python\u003cbr\u003e\u003cb\u003ePart 4: Structured Data\u003cbr\u003e\u003c\/b\u003eChapter 9: BlueLeaks, Black Lives Matter, and the CSV File Format\u003cbr\u003eChapter 10: BlueLeaks Explorer\u003cbr\u003eChapter 11: Parler, the Insurrection of January 6, and the JSON File Format\u003cbr\u003eChapter 12: Epik Fail, Extremism Research, and SQL Databases\u003cbr\u003e\u003cb\u003ePart 5: Case Studies\u003cbr\u003e\u003c\/b\u003eChapter 13: Pandemic Profiteers and COVID-19 Disinformation\u003cbr\u003eChapter 14: Neo-Nazis and Their Chat Rooms\u003cbr\u003eAfterword\u003cbr\u003e\u003cb\u003eAppendixes\u003c\/b\u003e\u003cbr\u003eAppendix A: Using the Windows Subsystem for Linux\u003cbr\u003eAppendix B: Scraping the Web","brand":"No Starch Press,US","offers":[{"title":"Default Title","offer_id":48868103094615,"sku":"9781718503120","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781718503120.jpg?v=1722286403"},{"product_id":"cyber-war-will-not-take-place-9781849047128","title":"Cyber War Will Not Take Place","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e'Cyber war is coming,' announced a landmark RAND report in 1993. In 2005, the U.S. Air Force boasted it would now fly, fight, and win in cyberspace, the 'fifth domain' of warfare. This book takes stock, twenty years on: is cyber war really coming? Has war indeed entered the fifth domain?Cyber War Will Not Take Place cuts through the hype and takes a fresh look at cyber security. Thomas Rid argues that the focus on war and winning distracts from the real challenge of cyberspace: non-violent confrontation that may rival or even replace violence in surprising ways.The threat consists of three different vectors: espionage, sabotage, and subversion. The author traces the most significant hacks and attacks, exploring the full spectrum of case studies from the shadowy world of computer espionage and weaponised code. With a mix of technical detail and rigorous political analysis, the book explores some key questions: What are cyber weapons? How have they changed the meaning of violence? How likely and how dangerous is crowd-sourced subversive activity? Why has there never been a lethal cyber attack against a country's critical infrastructure?How serious is the threat of 'pure' cyber espionage, of exfiltrating data without infiltrating humans first? And who is most vulnerable: which countries, industries, individuals?\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003eIn Cyber War Will Not Take Place, Thomas Rid throws a well-timed bucket of cold water on an increasingly alarmist debate. Just as strategic bombing never fulfilled its promise, and even air power at its apogee -- Kosovo in 1999, or Libya two years ago -- only worked with old-fashioned boots on the ground, Rid argues that the promise of cyber war is equally illusory... What Rid does, with great skill, is to pivot the discussion away from cyber war and towards cyber weapons.' -Financial Times; 'Thomas Rid is one of Britain's leading authorities on, and sceptics about, cyber-warfare. His provocatively titled book attacks the hype and mystique about sabotage, espionage, subversion and other mischief on the internet. Rid agrees that these present urgent security problems but he dislikes talk of \"warfare\" and the militarisation of the debate about dangers in cyberspace. Computer code can do lots of things, but it is not a weapon of war.' - The Economist; 'This book will be welcomed by all those who have struggled to get the measure of the cyber-war threat. As Thomas Rid takes on the digital doomsters he also provides a comprehensive, authoritative and sophisticated analysis of the strategic quandaries created by the new technologies.' -Sir Lawrence Freedman, Professor of War Studies, King's College London","brand":"C Hurst \u0026 Co Publishers Ltd","offers":[{"title":"Default Title","offer_id":48868758192471,"sku":"9781849047128","price":15.19,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781849047128.jpg?v=1722289573"},{"product_id":"chinas-cyberwarfare-capability-9781617612183","title":"China's Cyberwarfare Capability","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eThe government of the People''s Republic of China (PRC) is a decade into a sweeping military modernisation program that has fundamentally transformed its ability to fight high tech wars. The Chinese military, using increasingly networked forces capable of communicating across service arms and among all echelons of command, is pushing beyond its traditional missions focused on Taiwan and toward a more regional defence posture. This book presents a comprehensive open source assessment of China''s capability to conduct computer network operations (CNO) both during peacetime and periods of conflict, and will hopefully serve as a useful reference to policymakers, China specialists, and information operations professionals.","brand":"Nova Science Publishers Inc","offers":[{"title":"Default Title","offer_id":48886910812503,"sku":"9781617612183","price":39.19,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781617612183.jpg?v=1722542138"},{"product_id":"the-unrevealed-secrets-of-hacking-cracking-hack-before-you-get-cracked-9788178063263","title":"The Unrevealed Secrets of Hacking \u0026 Cracking:","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Unicorn Books Pvt Ltd","offers":[{"title":"Default Title","offer_id":48889659851095,"sku":"9788178063263","price":10.0,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9788178063263.jpg?v=1722555344"},{"product_id":"cybersecurity-awareness-among-students-and-faculty-9780367144074","title":"Cybersecurity Awareness Among Students and","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cstrong\u003eRecipient of the SJSU San Jose State University Annual Author \u0026amp; Artist Awards 2019\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eIn modern times, all individuals need to be knowledgeable about cybersecurity. They must have practical skills and abilities to protect themselves in cyberspace. What is the level of awareness among college students and faculty, who represent the most technologically active portion of the population in any society? According to the Federal Trade Commission's 2016 Consumer Sentinel Network report, 19 percent of identity theft complaints came from people under the age of 29. About 74,400 young adults fell victim to identity theft in 2016. \u003c\/p\u003e\u003cp\u003eThis book reports the results of several studies that investigate student and faculty awareness and attitudes toward cybersecurity and the resulting risks. It proposes a plan of action that can help 26,000 higher education institutions worldwide with over 207 million college students, create security policies and educational programs that \u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e1. Introduction. 2. Research Methodology. 3. General Cybersecurity Awareness Among College Student Surveys. 4. Field Studies.\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":49401876480343,"sku":"9780367144074","price":52.24,"currency_code":"GBP","in_stock":true}]},{"product_id":"computer-forensics-jumpstart-9780470931660","title":"Computer Forensics JumpStart","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eEssential reading for launching a career in computer forensics\u003c\/b\u003e  \u003cp\u003eInternet crime is on the rise, catapulting the need for computer forensics specialists. This new edition presents you with a completely updated overview of the basic skills that are required as a computer forensics professional. The author team of technology security veterans introduces the latest software and tools that exist and they review the available certifications in this growing segment of IT that can help take your career to a new level. A variety of real-world practices take you behind the scenes to look at the root causes of security attacks and provides you with a unique perspective as you launch a career in this fast-growing field.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eExplores the profession of computer forensics, which is more in demand than ever due to the rise of Internet crime\u003c\/li\u003e \u003cli\u003eDetails the ways to conduct a computer forensics investigation\u003c\/li\u003e \u003cli\u003eHighlights tips and techniques for finding hidden data, capturin\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eIntroduction.  \u003cp\u003eChapter 1 The Need for Computer Forensics.\u003c\/p\u003e \u003cp\u003eChapter 2 Preparation—What to Do Before You Start.\u003c\/p\u003e \u003cp\u003eChapter 3 Computer Evidence.\u003c\/p\u003e \u003cp\u003eChapter 4 Common Tasks.\u003c\/p\u003e \u003cp\u003eChapter 5 Capturing the Data Image.\u003c\/p\u003e \u003cp\u003eChapter 6 Extracting Information from Data.\u003c\/p\u003e \u003cp\u003eChapter 7 Passwords and Encryption.\u003c\/p\u003e \u003cp\u003eChapter 8 Common Forensic Tools.\u003c\/p\u003e \u003cp\u003eChapter 9 Pulling It All Together.\u003c\/p\u003e \u003cp\u003eChapter 10 How to Testify in Court.\u003c\/p\u003e \u003cp\u003eAppendix A Answers to Review Questions.\u003c\/p\u003e \u003cp\u003eAppendix B Forensic Resources.\u003c\/p\u003e \u003cp\u003eAppendix C Forensic Certifications and More.\u003c\/p\u003e \u003cp\u003eAppendix D Forensic Tools 289\u003c\/p\u003e \u003cp\u003eGlossary.\u003c\/p\u003e \u003cp\u003eIndex.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49402460143959,"sku":"9780470931660","price":19.54,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780470931660.jpg?v=1730480475"},{"product_id":"masters-of-deception-9780471133551","title":"Masters of Deception","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eWhite-collar criminals continue to pick our pockets to the tune of$300 billion every year. These ''socially acceptable'' criminals robmore from companies and individuals with a pen or key stroke than astreet thug can plunder with a high-powered pistol. --from theIntroduction\u003cbr\u003e \u003cbr\u003e In Masters of Deception, former special agent and intelligenceofficer Louis Mizell addresses the growing problem of white-collarcrime in America. Using actual cases, Mizell exposes scores ofperpetrators and their modus operandi, and offers invaluable adviceon what to look for, how to avoid being a victim, and how to fightback.\u003cbr\u003e \u003cbr\u003e Praise for Louis Mizell and Masters of Deception\u003cbr\u003e \u003cbr\u003e Mizell stands out as a true expert in crime and terrorism whoearned his title fighting the bad guys in back alleys, courts,corporate suites, and the new global economy. No one else out therecan match his knowledge of what the bad guys are doing and how.--James Grady, author of Six Days of the Condor and WhiteFlame\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003eStealing Education.\u003cbr\u003e \u003cbr\u003e The Medical Maelstrom.\u003cbr\u003e \u003cbr\u003e Dishonest Lawyers.\u003cbr\u003e \u003cbr\u003e Cheating Charities.\u003cbr\u003e \u003cbr\u003e Insurance Fraud.\u003cbr\u003e \u003cbr\u003e The Religious Ruse.\u003cbr\u003e \u003cbr\u003e The Banking Mess.\u003cbr\u003e \u003cbr\u003e Appendix.\u003cbr\u003e \u003cbr\u003e Index.","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49402495172951,"sku":"9780471133551","price":20.4,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780471133551.jpg?v=1730480583"},{"product_id":"cyber-wars-9780749482008","title":"Cyber Wars","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eCharles Arthur\u003c\/b\u003e is a freelance journalist, and author of \u003ci\u003eDigital Wars: Apple, Google, Microsoft and the Battle for the Internet\u003c\/i\u003e, published by Kogan Page. From 2005-2014 he was technology editor at \u003ci\u003eThe Guardian\u003c\/i\u003e newspaper, where he worked on coverage of scores of stories including Wikileaks, Anonymous, and LulzSec. Previously he was science and technology editor at \u003ci\u003eThe Independent\u003c\/i\u003e, and before that worked at \u003ci\u003eNew Scientist, Business Magazine \u003c\/i\u003eand\u003ci\u003e Computer Weekly\u003c\/i\u003e.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"A terrifying analysis of the dark cyber underworld.\" * Aleks Krotoski, BAFTA and Emmy winner and presenter and writer of the BBC series Digital Human *\u003cbr\u003e\"Timely, well-written, informed, and entertaining. Reading this book will place you amongst those who really know where history suggests we are heading with cyber security. It won't surprise you to know the prospect isn't pretty. Essential reading for everyone who uses technology - and these days that's everyone.\" * Tim Vincent, CEO, Observer Solutions, and co-founder of the International Operational Technology Security Association *\u003cbr\u003e\"Drawing lessons from the avoidable mistakes of others, Arthur presents insights into the greatest information security failures of our time that no business of any size can afford to ignore.\" * Simon Moores, Chair, Annual International eCrime Congress, and visiting lecturer, Computing, Digital Forensics and Cybersecurity, Canterbury Christ Church University *\u003cbr\u003e\"This is not a difficult review for me to write as I absolutely loved this book which covered a number of the widest reported online frauds of the last twenty or so years and what was learned from them. It has certainly made think about my own online security and I suggest it will do likewise to others that read this. A solid five star effort.\" * Alan Gordon, NetGalley Reviewer *\u003cbr\u003e\"I found it a fascinating book. I wish that all history books were so inviting and intelligent.\" * Books In Brogan, NetGalley Reviewer *\u003cbr\u003e\"Charles Arthur's Cyber Wars takes the reader through some well-known and not so well-known hacks: Sony Pictures, HBGary, John Podesta's inbox, TJX, ransomware, TalkTalk, and Mirai. Each chapter concludes with some lessons and suggestions, but the reality is that we will never make every system secure. We can simply make it a tad harder for the hackers to penetrate \"our space\" and either gain access to our data or lock us out from it. The tales of woe told here explore the range of tools hackers have used. For those of us with zero hacking skills it's an enlightening, if depressing, read.\" * Brenda Jubin, Reading the Markets, NetGalley Reviewer *\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003cul\u003e\n\u003cli\u003eChapter - 00: Introduction;\t\t\t\t\t\u003c\/li\u003e\n\u003cli\u003eChapter - 01: Sony – Systems Wiped, Internal Documents Leaked and Network Completely Shut Down by \"The Guardians of Peace\";\t\t\t\t\t\u003c\/li\u003e\n\u003cli\u003eChapter - 02: TalkTalk – 157,000 Customer Details Stolen by a Hacker;\u003c\/li\u003e\n\u003cli\u003eChapter - 03: John Podesta – Gmail Account Hacked and Emails Sent to Wikileaks;\u003c\/li\u003e\n\u003cli\u003eChapter - 04: Mirai – The DDOS Hack that Revealed the Vulnerability of Internet of Things Devices;\u003c\/li\u003e\n\u003cli\u003eChapter - 05: HBGary – The Security Company Brought Down by Anonymous;\u003c\/li\u003e\n\u003cli\u003eChapter - 06: TK Maxx –  94m Credit Card Details Stolen;\t\t\t\t\t\u003c\/li\u003e\n\u003cli\u003eChapter - 07: Ransomware – Using Cryptography as a Weapon to Hold Your Data Hostage;\u003c\/li\u003e\n\u003cli\u003eChapter - 08: Conclusion\u003c\/li\u003e\n\u003c\/ul\u003e\u003c\/li\u003e\u003c\/ul\u003e","brand":"Kogan Page Ltd","offers":[{"title":"Default Title","offer_id":49404531867991,"sku":"9780749482008","price":17.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780749482008.jpg?v=1730486745"},{"product_id":"hands-on-hacking-9781119561453","title":"Hands on Hacking","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eForeword xviii\u003c\/p\u003e \u003cp\u003eIntroduction xx\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Hacking a Business Case 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAll Computers are Broken 2\u003c\/p\u003e \u003cp\u003eThe Stakes 4\u003c\/p\u003e \u003cp\u003eWhat’s Stolen and Why It’s Valuable 4\u003c\/p\u003e \u003cp\u003eThe Internet of Vulnerable Things 4\u003c\/p\u003e \u003cp\u003eBlue, Red, and Purple Teams 5\u003c\/p\u003e \u003cp\u003eBlue Teams 5\u003c\/p\u003e \u003cp\u003eRed Teams 5\u003c\/p\u003e \u003cp\u003ePurple Teams 7\u003c\/p\u003e \u003cp\u003eHacking is Part of Your Company’s Immune System 9\u003c\/p\u003e \u003cp\u003eSummary 11\u003c\/p\u003e \u003cp\u003eNotes 12\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Hacking Ethically and Legally 13\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eLaws That Affect Your Work 14\u003c\/p\u003e \u003cp\u003eCriminal Hacking 15\u003c\/p\u003e \u003cp\u003eHacking Neighborly 15\u003c\/p\u003e \u003cp\u003eLegally Gray 16\u003c\/p\u003e \u003cp\u003ePenetration Testing Methodologies 17\u003c\/p\u003e \u003cp\u003eAuthorization 18\u003c\/p\u003e \u003cp\u003eResponsible Disclosure 19\u003c\/p\u003e \u003cp\u003eBug Bounty Programs 20\u003c\/p\u003e \u003cp\u003eLegal Advice and Support 21\u003c\/p\u003e \u003cp\u003eHacker House Code of Conduct 22\u003c\/p\u003e \u003cp\u003eSummary 22\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Building Your Hack Box 23\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHardware for Hacking 24\u003c\/p\u003e \u003cp\u003eLinux or BSD? 26\u003c\/p\u003e \u003cp\u003eHost Operating Systems 27\u003c\/p\u003e \u003cp\u003eGentoo Linux 27\u003c\/p\u003e \u003cp\u003eArch Linux 28\u003c\/p\u003e \u003cp\u003eDebian 28\u003c\/p\u003e \u003cp\u003eUbuntu 28\u003c\/p\u003e \u003cp\u003eKali Linux 29\u003c\/p\u003e \u003cp\u003eVerifying Downloads 29\u003c\/p\u003e \u003cp\u003eDisk Encryption 31\u003c\/p\u003e \u003cp\u003eEssential Software 33\u003c\/p\u003e \u003cp\u003eFirewall 34\u003c\/p\u003e \u003cp\u003ePassword Manager 35\u003c\/p\u003e \u003cp\u003eEmail 36\u003c\/p\u003e \u003cp\u003eSetting Up VirtualBox 36\u003c\/p\u003e \u003cp\u003eVirtualization Settings 37\u003c\/p\u003e \u003cp\u003eDownloading and Installing VirtualBox 37\u003c\/p\u003e \u003cp\u003eHost-Only Networking 37\u003c\/p\u003e \u003cp\u003eCreating a Kali Linux VM 40\u003c\/p\u003e \u003cp\u003eCreating a Virtual Hard Disk 42\u003c\/p\u003e \u003cp\u003eInserting a Virtual CD 43\u003c\/p\u003e \u003cp\u003eVirtual Network Adapters 44\u003c\/p\u003e \u003cp\u003eLabs 48\u003c\/p\u003e \u003cp\u003eGuest Additions 51\u003c\/p\u003e \u003cp\u003eTesting Your Virtual Environment 52\u003c\/p\u003e \u003cp\u003eCreating Vulnerable Servers 53\u003c\/p\u003e \u003cp\u003eSummary 54\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Open Source Intelligence Gathering 55\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDoes Your Client Need an OSINT Review? 56\u003c\/p\u003e \u003cp\u003eWhat are You Looking For? 57\u003c\/p\u003e \u003cp\u003eWhere Do You Find It? 58\u003c\/p\u003e \u003cp\u003eOSINT Tools 59\u003c\/p\u003e \u003cp\u003eGrabbing Email Addresses from Google 59\u003c\/p\u003e \u003cp\u003eGoogle Dorking the Shadows 62\u003c\/p\u003e \u003cp\u003eA Brief Introduction to Passwd and Shadow Files 62\u003c\/p\u003e \u003cp\u003eThe Google Hacking Database 65\u003c\/p\u003e \u003cp\u003eHave You Been “Pwned” Yet? 66\u003c\/p\u003e \u003cp\u003eOSINT Framework Recon-ng 67\u003c\/p\u003e \u003cp\u003eRecon-ng Under the Hood 74\u003c\/p\u003e \u003cp\u003eHarvesting the Web 75\u003c\/p\u003e \u003cp\u003eDocument Metadata 76\u003c\/p\u003e \u003cp\u003eMaltego 80\u003c\/p\u003e \u003cp\u003eSocial Media Networks 81\u003c\/p\u003e \u003cp\u003eShodan 83\u003c\/p\u003e \u003cp\u003eProtecting Against OSINT 85\u003c\/p\u003e \u003cp\u003eSummary 86\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 The Domain Name System 87\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Implications of Hacking DNS 87\u003c\/p\u003e \u003cp\u003eA Brief History of DNS 88\u003c\/p\u003e \u003cp\u003eThe DNS Hierarchy 88\u003c\/p\u003e \u003cp\u003eA Basic DNS Query 89\u003c\/p\u003e \u003cp\u003eAuthority and Zones 92\u003c\/p\u003e \u003cp\u003eDNS Resource Records 92\u003c\/p\u003e \u003cp\u003eBIND9 95\u003c\/p\u003e \u003cp\u003eDNS Hacking Toolkit 98\u003c\/p\u003e \u003cp\u003eFinding Hosts 98\u003c\/p\u003e \u003cp\u003eWHOIS 98\u003c\/p\u003e \u003cp\u003eBrute-Forcing Hosts with Recon-ng 100\u003c\/p\u003e \u003cp\u003eHost 101\u003c\/p\u003e \u003cp\u003eFinding the SOA with Dig 102\u003c\/p\u003e \u003cp\u003eHacking a Virtual Name Server 103\u003c\/p\u003e \u003cp\u003ePort Scanning with Nmap 104\u003c\/p\u003e \u003cp\u003eDigging for Information 106\u003c\/p\u003e \u003cp\u003eSpecifying Resource Records 108\u003c\/p\u003e \u003cp\u003eInformation Leak CHAOS 111\u003c\/p\u003e \u003cp\u003eZone Transfer Requests 113\u003c\/p\u003e \u003cp\u003eInformation-Gathering Tools 114\u003c\/p\u003e \u003cp\u003eFierce 115\u003c\/p\u003e \u003cp\u003eDnsrecon 116\u003c\/p\u003e \u003cp\u003eDnsenum 116\u003c\/p\u003e \u003cp\u003eSearching for Vulnerabilities and Exploits 118\u003c\/p\u003e \u003cp\u003eSearchsploit 118\u003c\/p\u003e \u003cp\u003eOther Sources 119\u003c\/p\u003e \u003cp\u003eDNS Traffic Amplification 120\u003c\/p\u003e \u003cp\u003eMetasploit 121\u003c\/p\u003e \u003cp\u003eCarrying Out a Denial-of-Service Attack 125\u003c\/p\u003e \u003cp\u003eDoS Attacks with Metasploit 126\u003c\/p\u003e \u003cp\u003eDNS Spoofi ng 128\u003c\/p\u003e \u003cp\u003eDNS Cache Poisoning 129\u003c\/p\u003e \u003cp\u003eDNS Cache Snooping 131\u003c\/p\u003e \u003cp\u003eDNSSEC 131\u003c\/p\u003e \u003cp\u003eFuzzing 132\u003c\/p\u003e \u003cp\u003eSummary 134\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Electronic Mail 135\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe Email Chain 135\u003c\/p\u003e \u003cp\u003eMessage Headers 137\u003c\/p\u003e \u003cp\u003eDelivery Status Notifications 138\u003c\/p\u003e \u003cp\u003eThe Simple Mail Transfer Protocol 141\u003c\/p\u003e \u003cp\u003eSender Policy Framework 143\u003c\/p\u003e \u003cp\u003eScanning a Mail Server 145\u003c\/p\u003e \u003cp\u003eComplete Nmap Scan Results (TCP) 149\u003c\/p\u003e \u003cp\u003eProbing the SMTP Service 152\u003c\/p\u003e \u003cp\u003eOpen Relays 153\u003c\/p\u003e \u003cp\u003eThe Post Office Protocol 155\u003c\/p\u003e \u003cp\u003eThe Internet Message Access Protocol 157\u003c\/p\u003e \u003cp\u003eMail Software 158\u003c\/p\u003e \u003cp\u003eExim 159\u003c\/p\u003e \u003cp\u003eSendmail 159\u003c\/p\u003e \u003cp\u003eCyrus 160\u003c\/p\u003e \u003cp\u003ePHP Mail 160\u003c\/p\u003e \u003cp\u003eWebmail 161\u003c\/p\u003e \u003cp\u003eUser Enumeration via Finger 162\u003c\/p\u003e \u003cp\u003eBrute-Forcing the Post Office 167\u003c\/p\u003e \u003cp\u003eThe Nmap Scripting Engine 169\u003c\/p\u003e \u003cp\u003eCVE-2014-0160: The Heartbleed Bug 172\u003c\/p\u003e \u003cp\u003eExploiting CVE-2010-4345 180\u003c\/p\u003e \u003cp\u003eGot Root? 183\u003c\/p\u003e \u003cp\u003eUpgrading Your Shell 184\u003c\/p\u003e \u003cp\u003eExploiting CVE-2017-7692 185\u003c\/p\u003e \u003cp\u003eSummary 188\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 The World Wide Web of Vulnerabilities 191\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe World Wide Web 192\u003c\/p\u003e \u003cp\u003eThe Hypertext Transfer Protocol 193\u003c\/p\u003e \u003cp\u003eHTTP Methods and Verbs 195\u003c\/p\u003e \u003cp\u003eHTTP Response Codes 196\u003c\/p\u003e \u003cp\u003eStateless 198\u003c\/p\u003e \u003cp\u003eCookies 198\u003c\/p\u003e \u003cp\u003eUniform Resource Identifiers 200\u003c\/p\u003e \u003cp\u003eLAMP: Linux, Apache, MySQL, and PHP 201\u003c\/p\u003e \u003cp\u003eWeb Server: Apache 202\u003c\/p\u003e \u003cp\u003eDatabase: MySQL 203\u003c\/p\u003e \u003cp\u003eServer-Side Scripting: PHP 203\u003c\/p\u003e \u003cp\u003eNginx 205\u003c\/p\u003e \u003cp\u003eMicrosoft IIS 205\u003c\/p\u003e \u003cp\u003eCreepy Crawlers and Spiders 206\u003c\/p\u003e \u003cp\u003eThe Web Server Hacker’s Toolkit 206\u003c\/p\u003e \u003cp\u003ePort Scanning a Web Server 207\u003c\/p\u003e \u003cp\u003eManual HTTP Requests 210\u003c\/p\u003e \u003cp\u003eWeb Vulnerability Scanning 212\u003c\/p\u003e \u003cp\u003eGuessing Hidden Web Content 216\u003c\/p\u003e \u003cp\u003eNmap 217\u003c\/p\u003e \u003cp\u003eDirectory Busting 218\u003c\/p\u003e \u003cp\u003eDirectory Traversal Vulnerabilities 219\u003c\/p\u003e \u003cp\u003eUploading Files 220\u003c\/p\u003e \u003cp\u003eWebDAV 220\u003c\/p\u003e \u003cp\u003eWeb Shell with Weevely 222\u003c\/p\u003e \u003cp\u003eHTTP Authentication 223\u003c\/p\u003e \u003cp\u003eCommon Gateway Interface 225\u003c\/p\u003e \u003cp\u003eShellshock 226\u003c\/p\u003e \u003cp\u003eExploiting Shellshock Using Metasploit 227\u003c\/p\u003e \u003cp\u003eExploiting Shellshock with cURL and Netcat 228\u003c\/p\u003e \u003cp\u003eSSL, TLS, and Heartbleed 232\u003c\/p\u003e \u003cp\u003eWeb Administration Interfaces 238\u003c\/p\u003e \u003cp\u003eApache Tomcat 238\u003c\/p\u003e \u003cp\u003eWebmin 240\u003c\/p\u003e \u003cp\u003ephpMyAdmin 241\u003c\/p\u003e \u003cp\u003eWeb Proxies 242\u003c\/p\u003e \u003cp\u003eProxychains 243\u003c\/p\u003e \u003cp\u003ePrivilege Escalation 245\u003c\/p\u003e \u003cp\u003ePrivilege Escalation Using DirtyCOW 246\u003c\/p\u003e \u003cp\u003eSummary 249\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Virtual Private Networks 251\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat is a VPN? 251\u003c\/p\u003e \u003cp\u003eInternet Protocol Security 253\u003c\/p\u003e \u003cp\u003eInternet Key Exchange 253\u003c\/p\u003e \u003cp\u003eTransport Layer Security and VPNs 254\u003c\/p\u003e \u003cp\u003eUser Databases and Authentication 255\u003c\/p\u003e \u003cp\u003eSQL Database 255\u003c\/p\u003e \u003cp\u003eRADIUS 255\u003c\/p\u003e \u003cp\u003eLDAP 256\u003c\/p\u003e \u003cp\u003ePAM 256\u003c\/p\u003e \u003cp\u003eTACACS+ 256\u003c\/p\u003e \u003cp\u003eThe NSA and VPNs 257\u003c\/p\u003e \u003cp\u003eThe VPN Hacker’s Toolkit 257\u003c\/p\u003e \u003cp\u003eVPN Hacking Methodology 257\u003c\/p\u003e \u003cp\u003ePort Scanning a VPN Server 258\u003c\/p\u003e \u003cp\u003eHping3 259\u003c\/p\u003e \u003cp\u003eUDP Scanning with Nmap 261\u003c\/p\u003e \u003cp\u003eIKE-scan 262\u003c\/p\u003e \u003cp\u003eIdentifying Security Association Options 263\u003c\/p\u003e \u003cp\u003eAggressive Mode 265\u003c\/p\u003e \u003cp\u003eOpenVPN 267\u003c\/p\u003e \u003cp\u003eLDAP 275\u003c\/p\u003e \u003cp\u003eOpenVPN and Shellshock 277\u003c\/p\u003e \u003cp\u003eExploiting CVE-2017-5618 278\u003c\/p\u003e \u003cp\u003eSummary 281\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 Files and File Sharing 283\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat is Network-Attached Storage? 284\u003c\/p\u003e \u003cp\u003eFile Permissions 284\u003c\/p\u003e \u003cp\u003eNAS Hacking Toolkit 287\u003c\/p\u003e \u003cp\u003ePort Scanning a File Server 288\u003c\/p\u003e \u003cp\u003eThe File Transfer Protocol 289\u003c\/p\u003e \u003cp\u003eThe Trivial File Transfer Protocol 291\u003c\/p\u003e \u003cp\u003eRemote Procedure Calls 292\u003c\/p\u003e \u003cp\u003eRPCinfo 294\u003c\/p\u003e \u003cp\u003eServer Message Block 295\u003c\/p\u003e \u003cp\u003eNetBIOS and NBT 296\u003c\/p\u003e \u003cp\u003eSamba Setup 298\u003c\/p\u003e \u003cp\u003eEnum4Linux 299\u003c\/p\u003e \u003cp\u003eSambaCry (CVE-2017-7494) 303\u003c\/p\u003e \u003cp\u003eRsync 306\u003c\/p\u003e \u003cp\u003eNetwork File System 308\u003c\/p\u003e \u003cp\u003eNFS Privilege Escalation 309\u003c\/p\u003e \u003cp\u003eSearching for Useful Files 311\u003c\/p\u003e \u003cp\u003eSummary 312\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 UNIX 315\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eUNIX System Administration 316\u003c\/p\u003e \u003cp\u003eSolaris 316\u003c\/p\u003e \u003cp\u003eUNIX Hacking Toolbox 318\u003c\/p\u003e \u003cp\u003ePort Scanning Solaris 319\u003c\/p\u003e \u003cp\u003eTelnet 320\u003c\/p\u003e \u003cp\u003eSecure Shell 324\u003c\/p\u003e \u003cp\u003eRPC 326\u003c\/p\u003e \u003cp\u003eCVE-2010-4435 329\u003c\/p\u003e \u003cp\u003eCVE-1999-0209 329\u003c\/p\u003e \u003cp\u003eCVE-2017-3623 330\u003c\/p\u003e \u003cp\u003eHacker’s Holy Grail EBBSHAVE 331\u003c\/p\u003e \u003cp\u003eEBBSHAVE Version 4 332\u003c\/p\u003e \u003cp\u003eEBBSHAVE Version 5 335\u003c\/p\u003e \u003cp\u003eDebugging EBBSHAVE 335\u003c\/p\u003e \u003cp\u003eR-services 338\u003c\/p\u003e \u003cp\u003eThe Simple Network Management Protocol 339\u003c\/p\u003e \u003cp\u003eEwok 341\u003c\/p\u003e \u003cp\u003eThe Common UNIX Printing System 341\u003c\/p\u003e \u003cp\u003eThe X Window System 343\u003c\/p\u003e \u003cp\u003eCron and Local Files 347\u003c\/p\u003e \u003cp\u003eThe Common Desktop Environment 351\u003c\/p\u003e \u003cp\u003eEXTREMEPARR 351\u003c\/p\u003e \u003cp\u003eSummary 353\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Databases 355\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eTypes of Databases 356\u003c\/p\u003e \u003cp\u003eFlat-File Databases 356\u003c\/p\u003e \u003cp\u003eRelational Databases 356\u003c\/p\u003e \u003cp\u003eNonrelational Databases 358\u003c\/p\u003e \u003cp\u003eStructured Query Language 358\u003c\/p\u003e \u003cp\u003eUser-Defined Functions 359\u003c\/p\u003e \u003cp\u003eThe Database Hacker’s Toolbox 360\u003c\/p\u003e \u003cp\u003eCommon Database Exploitation 360\u003c\/p\u003e \u003cp\u003ePort Scanning a Database Server 361\u003c\/p\u003e \u003cp\u003eMySQL 362\u003c\/p\u003e \u003cp\u003eExploring a MySQL Database 362\u003c\/p\u003e \u003cp\u003eMySQL Authentication 373\u003c\/p\u003e \u003cp\u003ePostgreSQL 374\u003c\/p\u003e \u003cp\u003eEscaping Database Software 377\u003c\/p\u003e \u003cp\u003eOracle Database 378\u003c\/p\u003e \u003cp\u003eMongoDB 381\u003c\/p\u003e \u003cp\u003eRedis 381\u003c\/p\u003e \u003cp\u003ePrivilege Escalation via Databases 384\u003c\/p\u003e \u003cp\u003eSummary 392\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12 Web Applications 395\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe OWASP Top 10 396\u003c\/p\u003e \u003cp\u003eThe Web Application Hacker’s Toolkit 397\u003c\/p\u003e \u003cp\u003ePort Scanning a Web Application Server 397\u003c\/p\u003e \u003cp\u003eUsing an Intercepting Proxy 398\u003c\/p\u003e \u003cp\u003eSetting Up Burp Suite Community Edition 399\u003c\/p\u003e \u003cp\u003eUsing Burp Suite Over HTTPS 407\u003c\/p\u003e \u003cp\u003eManual Browsing and Mapping 412\u003c\/p\u003e \u003cp\u003eSpidering 415\u003c\/p\u003e \u003cp\u003eIdentifying Entry Points 418\u003c\/p\u003e \u003cp\u003eWeb Vulnerability Scanners 418\u003c\/p\u003e \u003cp\u003eZed Attack Proxy 419\u003c\/p\u003e \u003cp\u003eBurp Suite Professional 420\u003c\/p\u003e \u003cp\u003eSkipfish 421\u003c\/p\u003e \u003cp\u003eFinding Vulnerabilities 421\u003c\/p\u003e \u003cp\u003eInjection 421\u003c\/p\u003e \u003cp\u003eSQL Injection 422\u003c\/p\u003e \u003cp\u003eSQLmap 427\u003c\/p\u003e \u003cp\u003eDrupageddon 433\u003c\/p\u003e \u003cp\u003eProtecting Against SQL Injection 433\u003c\/p\u003e \u003cp\u003eOther Injection Flaws 434\u003c\/p\u003e \u003cp\u003eBroken Authentication 434\u003c\/p\u003e \u003cp\u003eSensitive Data Exposure 436\u003c\/p\u003e \u003cp\u003eXML External Entities 437\u003c\/p\u003e \u003cp\u003eCVE-2014-3660 437\u003c\/p\u003e \u003cp\u003eBroken Access Controls 439\u003c\/p\u003e \u003cp\u003eDirectory Traversal 440\u003c\/p\u003e \u003cp\u003eSecurity Misconfiguration 441\u003c\/p\u003e \u003cp\u003eError Pages and Stack Traces 442\u003c\/p\u003e \u003cp\u003eCross-Site Scripting 442\u003c\/p\u003e \u003cp\u003eThe Browser Exploitation Framework 445\u003c\/p\u003e \u003cp\u003eMore about XSS Flaws 450\u003c\/p\u003e \u003cp\u003eXSS Filter Evasion 450\u003c\/p\u003e \u003cp\u003eInsecure Deserialization 452\u003c\/p\u003e \u003cp\u003eKnown Vulnerabilities 453\u003c\/p\u003e \u003cp\u003eInsufficient Logging and Monitoring 453\u003c\/p\u003e \u003cp\u003ePrivilege Escalation 454\u003c\/p\u003e \u003cp\u003eSummary 455\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13 Microsoft Windows 457\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHacking Windows vs. Linux 458\u003c\/p\u003e \u003cp\u003eDomains, Trees, and Forests 458\u003c\/p\u003e \u003cp\u003eUsers, Groups, and Permissions 461\u003c\/p\u003e \u003cp\u003ePassword Hashes 461\u003c\/p\u003e \u003cp\u003eAntivirus Software 462\u003c\/p\u003e \u003cp\u003eBypassing User Account Control 463\u003c\/p\u003e \u003cp\u003eSetting Up a Windows VM 464\u003c\/p\u003e \u003cp\u003eA Windows Hacking Toolkit 466\u003c\/p\u003e \u003cp\u003eWindows and the NSA 467\u003c\/p\u003e \u003cp\u003ePort Scanning Windows Server 467\u003c\/p\u003e \u003cp\u003eMicrosoft DNS 469\u003c\/p\u003e \u003cp\u003eInternet Information Services 470\u003c\/p\u003e \u003cp\u003eKerberos 471\u003c\/p\u003e \u003cp\u003eGolden Tickets 472\u003c\/p\u003e \u003cp\u003eNetBIOS 473\u003c\/p\u003e \u003cp\u003eLDAP 474\u003c\/p\u003e \u003cp\u003eServer Message Block 474\u003c\/p\u003e \u003cp\u003eETERNALBLUE 476\u003c\/p\u003e \u003cp\u003eEnumerating Users 479\u003c\/p\u003e \u003cp\u003eMicrosoft RPC 489\u003c\/p\u003e \u003cp\u003eTask Scheduler 497\u003c\/p\u003e \u003cp\u003eRemote Desktop 497\u003c\/p\u003e \u003cp\u003eThe Windows Shell 498\u003c\/p\u003e \u003cp\u003ePowerShell 501\u003c\/p\u003e \u003cp\u003ePrivilege Escalation with PowerShell 502\u003c\/p\u003e \u003cp\u003ePowerSploit and AMSI 503\u003c\/p\u003e \u003cp\u003eMeterpreter 504\u003c\/p\u003e \u003cp\u003eHash Dumping 505\u003c\/p\u003e \u003cp\u003ePassing the Hash 506\u003c\/p\u003e \u003cp\u003ePrivilege Escalation 507\u003c\/p\u003e \u003cp\u003eGetting SYSTEM 508\u003c\/p\u003e \u003cp\u003eAlternative Payload Delivery Methods 509\u003c\/p\u003e \u003cp\u003eBypassing Windows Defender 512\u003c\/p\u003e \u003cp\u003eSummary 514\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 14 Passwords 517\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHashing 517\u003c\/p\u003e \u003cp\u003eThe Password Cracker’s Toolbox 519\u003c\/p\u003e \u003cp\u003eCracking 519\u003c\/p\u003e \u003cp\u003eHash Tables and Rainbow Tables 523\u003c\/p\u003e \u003cp\u003eAdding Salt 525\u003c\/p\u003e \u003cp\u003eInto the \u003ci\u003e\/etc\/shadow \u003c\/i\u003e526\u003c\/p\u003e \u003cp\u003eDifferent Hash Types 530\u003c\/p\u003e \u003cp\u003eMD5 530\u003c\/p\u003e \u003cp\u003eSHA-1 531\u003c\/p\u003e \u003cp\u003eSHA-2 531\u003c\/p\u003e \u003cp\u003eSHA256 531\u003c\/p\u003e \u003cp\u003eSHA512 531\u003c\/p\u003e \u003cp\u003ebcrypt 531\u003c\/p\u003e \u003cp\u003eCRC16\/CRC32 532\u003c\/p\u003e \u003cp\u003ePBKDF2 532\u003c\/p\u003e \u003cp\u003eCollisions 533\u003c\/p\u003e \u003cp\u003ePseudo-hashing 533\u003c\/p\u003e \u003cp\u003eMicrosoft Hashes 535\u003c\/p\u003e \u003cp\u003eGuessing Passwords 537\u003c\/p\u003e \u003cp\u003eThe Art of Cracking 538\u003c\/p\u003e \u003cp\u003eRandom Number Generators 539\u003c\/p\u003e \u003cp\u003eSummary 540\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 15 Writing Reports 543\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhat is a Penetration Test Report? 544\u003c\/p\u003e \u003cp\u003eCommon Vulnerabilities Scoring System 545\u003c\/p\u003e \u003cp\u003eAttack Vector 545\u003c\/p\u003e \u003cp\u003eAttack Complexity 546\u003c\/p\u003e \u003cp\u003ePrivileges Required 546\u003c\/p\u003e \u003cp\u003eUser Interaction 547\u003c\/p\u003e \u003cp\u003eScope 547\u003c\/p\u003e \u003cp\u003eConfidentiality, Integrity, and Availability Impact 547\u003c\/p\u003e \u003cp\u003eReport Writing as a Skill 549\u003c\/p\u003e \u003cp\u003eWhat Should a Report Include? 549\u003c\/p\u003e \u003cp\u003eExecutive Summary 550\u003c\/p\u003e \u003cp\u003eTechnical Summary 551\u003c\/p\u003e \u003cp\u003eAssessment Results 551\u003c\/p\u003e \u003cp\u003eSupporting Information 552\u003c\/p\u003e \u003cp\u003eTaking Notes 553\u003c\/p\u003e \u003cp\u003eDradis Community Edition 553\u003c\/p\u003e \u003cp\u003eProofreading 557\u003c\/p\u003e \u003cp\u003eDelivery 558\u003c\/p\u003e \u003cp\u003eSummary 559\u003c\/p\u003e \u003cp\u003eIndex 561\u003c\/p\u003e","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407084396887,"sku":"9781119561453","price":28.0,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119561453.jpg?v=1730498123"},{"product_id":"ceh-v11-certified-ethical-hacker-study-guide-practice-tests-set-9781119825395","title":"CEH v11 Certified Ethical Hacker Study Guide","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eMaster CEH v11 and identify your weak spots  As protecting information continues to be a growing concern for today's businesses, certifications in IT security have become highly desirable, even as the number of certifications has grown. Now you can set yourself apart with the Certified Ethical Hacker (CEH v11) certification. CEH v11 Certified Ethical Hacker Study Guide and Practice Tests Set provides you with all of the technical review you need of CEH skills PLUS SEVEN practice tests to prove your readiness for exam day.    About the CEH v11 Certified Ethical Hacker Study Guide The CEH v11 Certified Ethical Hacker Study Guide offers a comprehensive overview of the CEH certification requirements using concise and easy-to-follow instructions. Chapters are organized by exam objective, with a handy section that maps each objective to its corresponding chapter, so you can keep track of your progress. The text provides thorough coverage of all topics, along with challenging chapter review q","brand":"John Wiley \u0026 Sons Inc","offers":[{"title":"Default Title","offer_id":49407164023127,"sku":"9781119825395","price":46.0,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781119825395.jpg?v=1730498395"},{"product_id":"crypto-wars-9781398600690","title":"Crypto Wars","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eErica Stanford \u003c\/b\u003eis a crypto and future of money expert. The founder and CEO of the UK's most recommended crypto networking and events organization, Crypto Curry Club, she publishes the weekly Crypto Currier industry newsletter as well as \u003ci\u003eBlockchain Industry Review\u003c\/i\u003e. The advisor to several crypto start-ups, she is an in-demand speaker and commentator on the potential and use cases of digital currencies. She is the guest associate lecturer in cryptocurrency at Warwick Business School and has featured in \u003ci\u003eThe Express, Finance News, Coin Rivet \u003c\/i\u003eand on the BBC. She is based in London, England.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\"An accessible guide to the confusing and fast-growing world of crypto scams. If you're thinking of investing in cryptocurrency, read this first!\" * Jamie Bartlett, host of BBC podcast The Missing Cryptoqueen, author of The People Vs Tech, The Dark Net, Radicals and The Missing Cryptoqueen, presenter and journalist *\u003cbr\u003e\"Crypto has proved the quickest get-rich scheme in all history. Unfortunately, the easiest people to rip off are those hoping to get rich quick, so scam after inevitable scam has preyed on the sector. \u003cb\u003eErica Stanford's\u003c\/b\u003e page turner tells their bitter, but compelling stories.\" * Dominic Frisby, comedian, actor, MoneyWeek columnist and author of Daylight Robbery *\u003cbr\u003e\"\u003cb\u003eErica Stanford\u003c\/b\u003e covers everything that is oh so wrong and oh so right about the transformational world of cryptocurrencies. Prepare to laugh, cringe or be spooked. This book combines technology, business, mystery, fantasy and popular culture in a fascinating and enlightening way. And the best part: it's all true.\" * Anthony Day, Blockchain Partner, IBM, and host of Blockchain Won’t Save the World podcast *\u003cbr\u003e\"Fascinating read on the boom days of crypto's Initial Coin Offerings, analysing the hype that threatened to overshadow the technology. \u003cb\u003eErica Stanford\u003c\/b\u003e captures the mood and energy of the time in this greatly entertaining and insightful work.\" * Caroline Casey, Vice President, Innovation and Consumer Experience, Europe, Mastercard *\u003cbr\u003e\"In what other book could you read about the biggest Ponzi schemes in the world, espionage, an $800 billion bubble, fake death, cryptoqueens, gambling and porn - literally 50 shades of the dodgiest grey with regulators and the FBI in hot pursuit? \u003cb\u003eErica Stanford\u003c\/b\u003e brilliantly analyses the future of crypto in a world where the real future including security-backed tokens and CBDC's is only just beginning.\" * Bob Wigley, Chair UK Finance, Co-Chair, Cross Market Operational Resilience Group, Bank of England, Board Member, DIT and UK Home Office, NED, adjunct professor and author of Born Digital *\u003cbr\u003e\"The is a marvellous romp through the crazy world of cryptocurrency and its wackier elements. But as well as the fun, we get a glimpse into what might one day give the global financial system a run for its money.\" * Mike Butcher MBE, Editor-at-Large, TechCrunch *\u003cbr\u003e\"\u003cb\u003e\u003ci\u003eCrypto Wars\u003c\/i\u003e\u003c\/b\u003e is a fascinating and gripping account of human nature and its demons emerging from the frontiers of the crypto economy. It is mandatory reading for investors, regulators and builders of our financial future\" * Lex Sokolin, fintech futurist and philosopher, Founder, The Fintech Blueprint, and Head Economist, ConsenSys *\u003cbr\u003e\"This book is essential reading, especially for anyone thinking of dipping even their little toe into cryptocurrency.\" * Sara Vaughan, innovator and creator of global brands with purpose, positive change maker *\u003cbr\u003e\"\u003cb\u003e\u003ci\u003eErica Stanford\u003c\/i\u003e\u003c\/b\u003e takes readers through the complicated history of crypto hacks, scams and pump and dump schemes with such vivid detail and engaging narrative, you'll find it hard to put the book down.\" * Leslie Lamb, Head of Institutional Sales, Amber Group, and host of the Crypto Unstacked podcast *\u003cbr\u003e\"As the market booms it's timely that someone has done justice to the extraordinary story of crypto - this unputdownable book captures the fun and the ups and the downs. It's a mesmeric read.\" * Charlie Kerrigan, Partner and Global Head of Fintech, CMS *\u003cbr\u003e\"\u003cb\u003eErica Stanford's\u003c\/b\u003e entertaining exploration of the world of scams, grifts, frauds and fantasies serves as a reminder that while on the one hand there is nothing new under the sun, on the other hand we have barely begun to understand the impact of cryptocurrency.\" * David Birch, author of The Currency Cold War and international adviser and commentator on digital financial services *","brand":"Kogan Page Ltd","offers":[{"title":"Default Title","offer_id":49407731695959,"sku":"9781398600690","price":45.6,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781398600690.jpg?v=1730500352"},{"product_id":"fintech-wars-9781398617025","title":"Fintech Wars","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eJames da Costa\u003c\/b\u003e is the co-founder and COO of digital bank, Fingo. He is a researcher at Stanford University's Digital Economy Lab and a guest lecturer at the University of Warwick. He is an expert and leading voice in the Fintech space and has been recognized as a Forbes 30 Under 30 and an MIT Innovator Under 35.\u003cb\u003e \u003c\/b\u003eHe is a Diana Award recipient and is a Bill \u0026amp; Melinda Gates Foundation Goalkeeper. He is based in San Francisco, USA.","brand":"Kogan Page","offers":[{"title":"Default Title","offer_id":49407751291223,"sku":"9781398617025","price":13.49,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781398617025.jpg?v=1730500405"},{"product_id":"deconstruction-machines-writing-in-the-age-of-cyberwar-9781517902513","title":"Deconstruction Machines: Writing in the Age of","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eA bold new theory of cyberwar argues that militarized hacking is best understood as a form of deconstruction\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e From shadowy attempts to steal state secrets to the explosive destruction of Iranian centrifuges, cyberwar has been a vital part of statecraft for nearly thirty years. But although computer-based warfare has been with us for decades, it has changed dramatically since its emergence in the 1990s, and the pace of change is accelerating.\u003c\/p\u003e\u003cp\u003eIn \u003ci\u003eDeconstruction Machines\u003c\/i\u003e, Justin Joque inquires into the fundamental nature of cyberwar through a detailed investigation of what happens at the crisis points when cybersecurity systems break down and reveal their internal contradictions. He concludes that cyberwar is best envisioned as a series of networks whose constantly shifting connections shape its very possibilities. He ultimately envisions cyberwar as a form of writing, advancing the innovative thesis that cyber attacks should be seen as a militarized form of deconstruction in which computer programs are systems that operate within the broader world of texts. \u003c\/p\u003e\u003cp\u003eThroughout, Joque addresses hot-button subjects such as technological social control and cyber-resistance entities like Anonymous and Wikileaks while also providing a rich, detailed history of cyberwar. \u003ci\u003eDeconstruction Machines\u003c\/i\u003e provides a necessary new interpretation of deconstruction and timely analysis of media, war, and technology. \u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\"Deconstruction machines provides a powerful insight into how cyberwar serves to militarize writing, threatens civic infrastructure and thereby brings war into the code and software that governs our everyday lives.\" —\u003ci\u003eInternational Affairs\u003c\/i\u003e\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eContents\u003cbr\u003eForeword\u003cbr\u003eCatherine Malabou\u003cbr\u003eAcknowledgments\u003cbr\u003eIntroduction: Root Kit\u003cbr\u003e1. Buffer Overflow: The Space and Time of Cyberwar\u003cbr\u003e2. Injection Attack: Writing and the Information Catastrophe\u003cbr\u003e3. Distributed Denial of Service: Cybernetic Sovereignty\u003cbr\u003e4. Spear Phishing: Nodal Subjects\u003cbr\u003eConclusion: Firmware Vulnerabilities\u003cbr\u003eNotes\u003cbr\u003eIndex\u003cbr\u003e\u003c\/p\u003e","brand":"University of Minnesota Press","offers":[{"title":"Default Title","offer_id":49409696137559,"sku":"9781517902513","price":77.6,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781517902513.jpg?v=1730507712"},{"product_id":"deconstruction-machines-writing-in-the-age-of-cyberwar-9781517902520","title":"Deconstruction Machines: Writing in the Age of","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eA bold new theory of cyberwar argues that militarized hacking is best understood as a form of deconstruction\u003c\/b\u003e\u003cbr\u003e\u003cbr\u003e From shadowy attempts to steal state secrets to the explosive destruction of Iranian centrifuges, cyberwar has been a vital part of statecraft for nearly thirty years. But although computer-based warfare has been with us for decades, it has changed dramatically since its emergence in the 1990s, and the pace of change is accelerating.\u003c\/p\u003e\u003cp\u003eIn \u003ci\u003eDeconstruction Machines\u003c\/i\u003e, Justin Joque inquires into the fundamental nature of cyberwar through a detailed investigation of what happens at the crisis points when cybersecurity systems break down and reveal their internal contradictions. He concludes that cyberwar is best envisioned as a series of networks whose constantly shifting connections shape its very possibilities. He ultimately envisions cyberwar as a form of writing, advancing the innovative thesis that cyber attacks should be seen as a militarized form of deconstruction in which computer programs are systems that operate within the broader world of texts. \u003c\/p\u003e\u003cp\u003eThroughout, Joque addresses hot-button subjects such as technological social control and cyber-resistance entities like Anonymous and Wikileaks while also providing a rich, detailed history of cyberwar. \u003ci\u003eDeconstruction Machines\u003c\/i\u003e provides a necessary new interpretation of deconstruction and timely analysis of media, war, and technology. \u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\"Deconstruction machines provides a powerful insight into how cyberwar serves to militarize writing, threatens civic infrastructure and thereby brings war into the code and software that governs our everyday lives.\" —\u003ci\u003eInternational Affairs\u003c\/i\u003e\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eContents\u003cbr\u003eForeword\u003cbr\u003eCatherine Malabou\u003cbr\u003eAcknowledgments\u003cbr\u003eIntroduction: Root Kit\u003cbr\u003e1. Buffer Overflow: The Space and Time of Cyberwar\u003cbr\u003e2. Injection Attack: Writing and the Information Catastrophe\u003cbr\u003e3. Distributed Denial of Service: Cybernetic Sovereignty\u003cbr\u003e4. Spear Phishing: Nodal Subjects\u003cbr\u003eConclusion: Firmware Vulnerabilities\u003cbr\u003eNotes\u003cbr\u003eIndex\u003cbr\u003e\u003c\/p\u003e","brand":"University of Minnesota Press","offers":[{"title":"Default Title","offer_id":49409696170327,"sku":"9781517902520","price":20.69,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781517902520.jpg?v=1730507713"},{"product_id":"democracy-hacked-political-turmoil-and-information-warfare-in-the-digital-age-9781786074089","title":"Democracy Hacked: Political Turmoil and","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIn the space of one election cycle, authoritarian governments, moneyed elites and fringe hackers figured out how to game elections, bypass democratic processes, and turn social networks into battlefields. Facebook, Google and Twitter – where our politics now takes place – have lost control and are struggling to claw it back.\u003c\/p\u003e  \u003cp\u003ePrepare for a new strain of democracy. A world of datafied citizens, real-time surveillance, enforced wellness and pre-crime. Where switching your mobile platform will have more impact on your life than switching your government. Where freedom and privacy are seen as incompatible with social wellbeing and compulsory transparency.\u003c\/p\u003e  \u003cp\u003eAs our lives migrate online, we have become increasingly vulnerable to digital platforms founded on selling your attention to the highest bidder. Our laws don’t cover what is happening and our politicians don’t understand it. But if we don’t change the system now, we may not get another chance.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e‘Excellent.’\u003c\/p\u003e * \u003ci\u003eNew Statesman\u003c\/i\u003e *\u003cbr\u003e\u003cp\u003e‘\u003cem\u003eDemocracy Hacked\u003c\/em\u003e gets beyond the headlines – a compelling, informed and highly readable account of how democracy is being disrupted by the tech revolution, and what can be done to get us back on track. One of the best expositions I’ve read yet of what is the biggest political challenge of our generation.’\u003c\/p\u003e -- Jamie Bartlett, author of \u003ci\u003eThe People Vs Tech\u003c\/i\u003e and \u003ci\u003eThe Dark Net\u003c\/i\u003e\u003cbr\u003e\u003cp\u003e‘Enormously wide-ranging and deeply researched, this is the definitive account of how digital technology has changed the entire political landscape, with profound consequences for democracy. From Brexit to Trump, and from Estonia to the Philippines, Martin Moore uncovers the real stories behind the fake ones. You’ll discover that the truth is often stranger than fiction and that the future is more open than you think.’\u003c\/p\u003e -- David Runciman, author of \u003ci\u003eHow Democracy Ends\u003c\/i\u003e\u003cbr\u003e\u003cp\u003e‘The world is belatedly waking up to some frightening realities about the intersection of digital technologies and the health of democracies. Martin Moore’s book is a sharp wake-up call – ambitious in its sweep and urgent in its important message.’\u003c\/p\u003e -- Alan Rusbridger, author of \u003ci\u003eBreaking News\u003c\/i\u003e\u003cbr\u003e\u003cp\u003e‘Eye-opening… An important, timely, and clearly written look at a crucial subject.’\u003c\/p\u003e * \u003ci\u003eBooklist\u003c\/i\u003e *\u003cbr\u003e\u003cp\u003e‘Moore demonstrates how data has affected elections across the world, in the Philippines, Turkey, India, Iran, Britain and beyond... Engrossing, instructive, and urgently necessary.’\u003c\/p\u003e * \u003ci\u003eKirkus\u003c\/i\u003e *","brand":"Oneworld Publications","offers":[{"title":"Default Title","offer_id":49412256596311,"sku":"9781786074089","price":16.14,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781786074089.jpg?v=1730516167"},{"product_id":"conquer-the-web-the-ultimate-cybersecurity-guide-9781787198623","title":"Conquer the Web: The Ultimate Cybersecurity Guide","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eThis is the ultimate guide to protect your data on the web. From passwords to opening emails, everyone knows what they should do but do you do it?\u003c\/b\u003e\u003cp\u003e\u003cb\u003e''A must read for anyone looking to upskill their cyber awareness''\u003c\/b\u003e Steve Durbin, Managing Director, Information Security Forum\u003c\/p\u003e\u003cp\u003eTons of malicious content floods the internet which can compromise your system and your device, be it your laptop, tablet or phone.\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eHow often do you make payments online?\u003c\/li\u003e\n\u003cli\u003eDo you have children and want to ensure they stay safe online?\u003c\/li\u003e\n\u003cli\u003eHow often do you sit at a coffee shop and log onto their free WIFI?\u003c\/li\u003e\n\u003cli\u003eHow often do you use social media on the train or bus?\u003c\/li\u003e\n\u003c\/ul\u003e\u003cp\u003eIf you believe using an antivirus software will keep devices safe... you are wrong. This book will guide you and provide solutions to avoid common mistakes and to combat cyber attacks.\u003c\/p\u003e\u003cp\u003eThis Guide covers areas such as:\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eBuilding resilience into our IT Lifestyle\u003c\/li\u003e\n\u003cli\u003eOnline Identity\u003c\/li\u003e\n\u003cli\u003eCyber Abuse: Scenarios and Stories\u003c\/li\u003e\n\u003cli\u003eProtecting Devices\u003c\/li\u003e\n\u003cli\u003eDownload and share\u003c\/li\u003e\n\u003cli\u003eGaming, gamble and travel\u003c\/li\u003e\n\u003cli\u003eCopycat websites\u003c\/li\u003e\n\u003cli\u003eI Spy and QR Codes\u003c\/li\u003e\n\u003cli\u003eBanking, apps and Passwords\u003c\/li\u003e\n\u003c\/ul\u003e\u003cp\u003e\u003ci\u003eIncludes chapers from Nick Wilding, General Manager at AXELOS, Tim Mitchell, Content Director at Get Safe Online, Maureen Kendal, Director at Cybercare, Nick Ioannou, Founder of Boolean Logical, and CYBERAWARE.\u003c\/i\u003e\u003c\/p\u003e\u003cp\u003e\u003ci\u003e''Conquer the Web is a full and comprehensive read for anyone wanting to know more about cyber-security. It takes it time to explain the many acronyms and jargon that are associated with our industry, and goes into detail where necessary.''\u003c\/i\u003e\u003cb\u003e Sarah Jane MD of Layer8 Ltd\u003c\/b\u003e\u003c\/p\u003e\u003cp\u003e\u003ci\u003e''Online fraud, cyber bullying, identity theft and these are the unfortunate by products of the cyber age. The challenge is how do we protect ourselves in the online world?  Conquer the Web provides practical guidance in an easy to understand language that allows readers to take a small number of steps that will greatly increase their online security.  A must read for anyone looking to upskill their cyber awareness.''\u003c\/i\u003e\u003cb\u003e Steve Durbin MD of Information Security Forum Limited\u003c\/b\u003e\u003c\/p\u003e","brand":"Legend Press Ltd","offers":[{"title":"Default Title","offer_id":49412398383447,"sku":"9781787198623","price":13.49,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781787198623.jpg?v=1730516634"},{"product_id":"dot-cons-9781843920014","title":"Dot.cons","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eCyberspace opens up infinitely new possibilities to the deviant imagination. With access to the Internet and sufficient know-how you can, if you are so inclined, buy a bride, cruise gay bars, go on a global shopping spree with someone else's credit card, break into a bank's security system, plan a demonstration in another country and hack into the Pentagon − all on the same day. In more than any other medium, time and place are transcended, undermining the traditional relationship between physical context and social situation. \u003c\/p\u003e\u003cp\u003eThis book crosses the boundaries of sociological, criminological and cultural discourse in order to explore the implications of these massive transformations in information and communication technologies for the growth of criminal and deviant identities and behaviour on the Internet. This is a book not about computers, nor about legal controversies over the regulation of cyberspace, but about people and the new patterns of human identity, behaviour and association that are emerging as a result of the communications revolution.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e1. Crime, deviance and the disembodied self: transcending the dangers of corporeality 2. Policing the Net: crime, regulation and surveillance in cyberspace 3. Cyberpunters and cyberwhores: prostitution on the Internet 4. The electronic cloak: secret sexual deviance in cybersociety 5. Cyber-chattels: buying brides and babies on the Net 6. What a tangled web we weave: identity theft and the Internet 7. Cyberstalking: an international perspective 8. Maestros or misogynists? Gender and the social construction of hacking 9. Digital counter-cultures and the nature of electronic social and political movements 10. Investigating cybersociety: a consideration of the ethical and practical issues surrounding online research in chat rooms\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":49413460394327,"sku":"9781843920014","price":99.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781843920014.jpg?v=1730520235"},{"product_id":"computer-misuse-response-regulation-and-the-law-9781843923800","title":"Computer Misuse: Response, Regulation and the Law","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eThis book is concerned with the nature of computer misuse and the legal and extra-legal responses to it. It explores what is meant by the term 'computer misuse' and charts its emergence as a problem as well as its expansion in parallel with the continued progression in computing power, networking, reach and accessibility. In doing so, it surveys the attempts of the domestic criminal law to deal with some early manifestations of computer misuse and the consequent legislative passage of the Computer Misuse Act 1990. \u003c\/p\u003e\u003cp\u003eThis book will be of interest to students of IT law as well as to sociologists and criminologists, and those who have a professional concern with preventing computer misuse and fraud.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\u003cstrong\u003e'Provides a comprehensive, valuable and timely critical review of the legal and extra-legal governance of computer misuse.' \u003c\/strong\u003e\u003cem\u003e− Professor Martin Wasik CBE, Keele University\u003c\/em\u003e\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e1. Introduction \u003cstrong\u003ePart 1: Constructing the Problem of Computer Misuse \u003c\/strong\u003e 2. The Emergence of the Problem of Computer Misuse 3. The Evolution of the Problem of Computer Misuse 4. Computer Misuse and the Criminal Law \u003cstrong\u003ePart 2: The Governance of Computer Misuse \u003c\/strong\u003e 5. The Risk of Computer Misuse and its Governance 6. The Legal Governance of Computer Misuse: Beyond the Domestic Criminal Law 7. The Extra-legal Governance of Computer Misuse \u003cstrong\u003ePart 3: Examining the Solution\u003c\/strong\u003e 8. The Constellation of Control\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":49413461049687,"sku":"9781843923800","price":130.0,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781843923800.jpg?v=1730520237"},{"product_id":"cybercrime-prevention-theory-and-applications-9783030310684","title":"Cybercrime Prevention: Theory and Applications","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eThis book articulates how crime prevention research and practice can be reimagined for an increasingly digital world. This ground-breaking work explores how criminology can apply longstanding, traditional crime prevention techniques to the digital realm. It provides an overview of the key principles, concepts and research literature associated with crime prevention, and discusses the interventions most commonly applied to crime problems. The authors review the theoretical underpinnings of these and analyses evidence for their efficacy. \u003ci\u003eCybercrime Prevention\u003c\/i\u003e is split into three sections which examine primary prevention, secondary prevention and tertiary prevention. It provides a thorough discussion of what works and what does not, and offers a formulaic account of how traditional crime prevention interventions can be reimagined to apply to the digital realm. \u003cbr\u003e                 \u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e \u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eSeries Editor Preface\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 1: SETTING THE SCENE\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eApproaches to crime prevention\u003c\/p\u003e\u003cbr\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eFactors associated with cyber-dependent offending\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eParameters of the review\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eOverview of the book\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003ePART I: PRIMARY FORMS OF PREVENTION\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 2: SITUATIONAL CRIME PREVENTION\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 3: UNIVERSAL COMMUNICATION STRATEGIES\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003ePART II: SECONDARY FORMS OF PREVENTION\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 4: EDUCATIONAL WORKSHOPS\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003eFuture applications and adaptations to digital contexts\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 5: MENTORING PROGRAMS\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 6: TARGETED WARNINGS AND POLICE CAUTIONS\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003eTheoretical underpinnings of the intervention\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cbr\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003ePART III: TERTIARY FORMS OF PREVENTION\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 7: POSITIVE DIVERSIONS\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 8: RESTORATIVE JUSTICE\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cbr\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eTheoretical underpinnings of the intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCurrent applications\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eEvidence base for intervention\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eFuture applications and adaptations to digital contexts\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCHAPTER 9: DESIGNING AND EVALUATING CRIME PREVENTION SOLUTIONS FOR THE DIGITAL AGE\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eNavigating the cybercrime intervention minefield\u003c\/p\u003e\u003cbr\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eSelecting the appropriate study design\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eSourcing the best possible data\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eBeing attentive to ethical issues\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eAcknowledging generalisability concerns\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eCharting a path forward for researchers and practitioners\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eReferences\u003c\/p\u003e\u003cbr\u003e\u003cp\u003e\u003c\/p\u003e","brand":"Springer Nature Switzerland AG","offers":[{"title":"Default Title","offer_id":49415617642839,"sku":"9783030310684","price":52.24,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9783030310684.jpg?v=1730527532"},{"product_id":"hacken-fur-dummies-9783527717958","title":"Hacken für Dummies","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eUm einen Hacker zu überlisten, müssen Sie sich in dessen Denkweise hineinversetzen. Deshalb lernen Sie mit diesem Buch, wie ein Bösewicht zu denken. Der Fachmann für IT-Sicherheit Kevin Beaver teilt mit Ihnen sein Wissen über Penetrationstests und typische Schwachstellen in IT-Systemen. Er zeigt Ihnen, wo Ihre Systeme verwundbar sein könnten, sodass Sie im Rennen um die IT-Sicherheit die Nase vorn behalten. Denn nur wenn Sie die Schwachstellen in Ihren Systemen kennen, können Sie sich richtig dagegen schützen und die Hacker kommen bei Ihnen nicht zum Zug! \u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eÜber den Autor 9\u003c\/p\u003e \u003cp\u003e\u003cb\u003eEinführung\u003c\/b\u003e \u003cb\u003e23\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eÜber dieses Buch 24\u003c\/p\u003e \u003cp\u003eTörichte Annahmen über den Leser 24\u003c\/p\u003e \u003cp\u003eSymbole, die in diesem Buch verwendet werden 25\u003c\/p\u003e \u003cp\u003eWie es weitergeht 25\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil I: Den Grundstock für Sicherheitstests legen\u003c\/b\u003e \u003cb\u003e27\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 1 Einführung in Schwachstellen- und Penetrationstests 29\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBegriffserklärungen 29\u003c\/p\u003e \u003cp\u003e»Hacker« 30\u003c\/p\u003e \u003cp\u003e»Böswillige Benutzer« 31\u003c\/p\u003e \u003cp\u003eWie aus arglistigen Angreifern ethische Hacker werden 32\u003c\/p\u003e \u003cp\u003eEthisches Hacken im Vergleich zur Auditierung 32\u003c\/p\u003e \u003cp\u003eBetrachtungen zu Richtlinien 33\u003c\/p\u003e \u003cp\u003eCompliance und regulatorische Aspekte 33\u003c\/p\u003e \u003cp\u003eWarum eigene Systeme hacken? 33\u003c\/p\u003e \u003cp\u003eDie Gefahren verstehen, denen Ihre Systeme ausgesetzt sind 34\u003c\/p\u003e \u003cp\u003eNicht-technische Angriffe 35\u003c\/p\u003e \u003cp\u003eAngriffe auf Netzwerkinfrastrukturen 35\u003c\/p\u003e \u003cp\u003eAngriffe auf Betriebssysteme 36\u003c\/p\u003e \u003cp\u003eAngriffe auf Anwendungen und spezielle Funktionen 36\u003c\/p\u003e \u003cp\u003ePrinzipien bei Sicherheitsbewertungen 36\u003c\/p\u003e \u003cp\u003eEthisch arbeiten 37\u003c\/p\u003e \u003cp\u003eDie Privatsphäre respektieren 37\u003c\/p\u003e \u003cp\u003eBringen Sie Ihre Systeme nicht zum Absturz 38\u003c\/p\u003e \u003cp\u003eDie Arbeitsabläufe bei Schwachstellen- und Penetrationstests 38\u003c\/p\u003e \u003cp\u003eDie Planformulierung 39\u003c\/p\u003e \u003cp\u003eDie Auswahl von Werkzeugen 41\u003c\/p\u003e \u003cp\u003ePlanumsetzung 43\u003c\/p\u003e \u003cp\u003eErgebnisauswertung 43\u003c\/p\u003e \u003cp\u003eWie es weitergeht 44\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 2 Die Denkweise von Hackern nachvollziehen\u003c\/b\u003e \u003cb\u003e45\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIhre Gegenspieler 45\u003c\/p\u003e \u003cp\u003eWer in Computersysteme einbricht 48\u003c\/p\u003e \u003cp\u003eHacker mit unterschiedlichen Fähigkeiten 48\u003c\/p\u003e \u003cp\u003eDie Motivation der Hacker 49\u003c\/p\u003e \u003cp\u003eWarum machen sie das? 50\u003c\/p\u003e \u003cp\u003eAngriffe planen und ausführen 53\u003c\/p\u003e \u003cp\u003eAnonymität wahren 55\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 3 Einen Plan für Ihre Sicherheitstests entwickeln 57\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eZielsetzungen festlegen 57\u003c\/p\u003e \u003cp\u003eFestlegen, welche Systeme getestet werden sollen 60\u003c\/p\u003e \u003cp\u003eTeststandards formulieren 62\u003c\/p\u003e \u003cp\u003eZeitpläne für Ihre Tests festlegen 63\u003c\/p\u003e \u003cp\u003eSpezifische Tests ausführen 63\u003c\/p\u003e \u003cp\u003eTests blind oder mit Hintergrundwissen durchführen 65\u003c\/p\u003e \u003cp\u003eStandortauswahl 65\u003c\/p\u003e \u003cp\u003eAuf entdeckte Schwachstellen reagieren 66\u003c\/p\u003e \u003cp\u003eTörichte Annahmen 66\u003c\/p\u003e \u003cp\u003eWerkzeuge für Sicherheitsgutachten auswählen 67\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 4 Die Methodik des Hackens\u003c\/b\u003e \u003cb\u003e69\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDie Bühne für das Testen vorbereiten 69\u003c\/p\u003e \u003cp\u003eSehen, was andere sehen 71\u003c\/p\u003e \u003cp\u003eSysteme scannen 72\u003c\/p\u003e \u003cp\u003eHosts 73\u003c\/p\u003e \u003cp\u003eOffene Ports 73\u003c\/p\u003e \u003cp\u003eFeststellen, was über offene Ports läuft 74\u003c\/p\u003e \u003cp\u003eSchwachstellen bewerten 76\u003c\/p\u003e \u003cp\u003eIn das System eindringen 78\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil II: Erste Sicherheitstests durchführen 79\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 5 Daten sammeln 81\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eÖffentlich verfügbare Daten sammeln 81\u003c\/p\u003e \u003cp\u003eSoziale Medien 81\u003c\/p\u003e \u003cp\u003eSuche im Web 82\u003c\/p\u003e \u003cp\u003eWebcrawler 83\u003c\/p\u003e \u003cp\u003eWebsites 84\u003c\/p\u003e \u003cp\u003eNetzwerkstrukturen abbilden 84\u003c\/p\u003e \u003cp\u003eWhois 85\u003c\/p\u003e \u003cp\u003eDatenschutzrichtlinien 86\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 6 Social Engineering\u003c\/b\u003e \u003cb\u003e87\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEine Einführung in Social Engineering 87\u003c\/p\u003e \u003cp\u003eErste Tests im Social Engineering 88\u003c\/p\u003e \u003cp\u003eWarum Social Engineering für Angriffe genutzt wird 89\u003c\/p\u003e \u003cp\u003eDie Auswirkungen verstehen 90\u003c\/p\u003e \u003cp\u003eVertrauen aufbauen 91\u003c\/p\u003e \u003cp\u003eDie Beziehung ausnutzen 92\u003c\/p\u003e \u003cp\u003eSocial-Engineering-Angriffe durchführen 94\u003c\/p\u003e \u003cp\u003eEin Ziel festlegen 95\u003c\/p\u003e \u003cp\u003eInformationen suchen 95\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Social Engineering 99\u003c\/p\u003e \u003cp\u003eRichtlinien 99\u003c\/p\u003e \u003cp\u003eAufmerksamkeit und Schulung der Nutzer 100\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 7 Physische Sicherheit\u003c\/b\u003e \u003cb\u003e103\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGrundlegende physische Sicherheitsschwachstellen identifizieren 104\u003c\/p\u003e \u003cp\u003ePhysische Schwachstellen in den eigenen Büros aufspüren 105\u003c\/p\u003e \u003cp\u003eGebäudeinfrastruktur 105\u003c\/p\u003e \u003cp\u003eVersorgung 107\u003c\/p\u003e \u003cp\u003eRaumgestaltung und Nutzung der Büros 108\u003c\/p\u003e \u003cp\u003eNetzwerkkomponenten und Computer 110\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 8 Kennwörter 115\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSchwachstellen bei Kennwörtern verstehen 116\u003c\/p\u003e \u003cp\u003eOrganisatorische Schwachstellen von Kennwörtern 116\u003c\/p\u003e \u003cp\u003eTechnische Schwachstellen bei Kennwörtern 117\u003c\/p\u003e \u003cp\u003eKennwörter knacken 118\u003c\/p\u003e \u003cp\u003eKennwörter auf herkömmliche Weise knacken 118\u003c\/p\u003e \u003cp\u003eKennwörter technisch anspruchsvoll ermitteln 121\u003c\/p\u003e \u003cp\u003eKennwortgeschützte Dateien knacken 130\u003c\/p\u003e \u003cp\u003eWeitere Optionen, an Kennwörter zu gelangen 132\u003c\/p\u003e \u003cp\u003eMit schlechten Kennwörtern ins Unheil 136\u003c\/p\u003e \u003cp\u003eAllgemeine Gegenmaßnahmen beim Knacken von Kennwörtern 137\u003c\/p\u003e \u003cp\u003eKennwörter speichern 138\u003c\/p\u003e \u003cp\u003eKennwortrichtlinien erstellen 138\u003c\/p\u003e \u003cp\u003eAndere Gegenmaßnahmen ergreifen 140\u003c\/p\u003e \u003cp\u003eBetriebssysteme sichern 141\u003c\/p\u003e \u003cp\u003eWindows 141\u003c\/p\u003e \u003cp\u003eLinux und Unix 142\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil III: Netzwerkhosts hacken\u003c\/b\u003e \u003cb\u003e143\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 9 Netzwerkinfrastruktur 145\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSchwachstellen der Netzwerkinfrastruktur 146\u003c\/p\u003e \u003cp\u003eWerkzeuge auswählen 147\u003c\/p\u003e \u003cp\u003eScanner und Analysatoren 147\u003c\/p\u003e \u003cp\u003eSchwachstellenbestimmung 148\u003c\/p\u003e \u003cp\u003eDas Netzwerk scannen und durchwühlen 148\u003c\/p\u003e \u003cp\u003ePortscans 149\u003c\/p\u003e \u003cp\u003eSNMP scannen 155\u003c\/p\u003e \u003cp\u003eBanner-Grabbing 157\u003c\/p\u003e \u003cp\u003eFirewall-Regeln testen 158\u003c\/p\u003e \u003cp\u003eNetzwerkdaten untersuchen 160\u003c\/p\u003e \u003cp\u003eDer Angriff auf die MAC-Adresse 166\u003c\/p\u003e \u003cp\u003eDenial-of-Service-Angriffe testen 173\u003c\/p\u003e \u003cp\u003eBekannte Schwachstellen von Routern, Switches und Firewalls erkennen 175\u003c\/p\u003e \u003cp\u003eUnsichere Schnittstellen ermitteln 175\u003c\/p\u003e \u003cp\u003eAspekte der Preisgabe von Daten durch SSL und TLS 176\u003c\/p\u003e \u003cp\u003eEinen allgemeinen Netzwerkverteidigungswall einrichten 176\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 10 Drahtlose Netzwerke\u003c\/b\u003e \u003cb\u003e179\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDie Folgen von WLAN-Schwachstellen verstehen 180\u003c\/p\u003e \u003cp\u003eDie Auswahl Ihrer Werkzeuge 180\u003c\/p\u003e \u003cp\u003eDrahtlose Netzwerke aufspüren 182\u003c\/p\u003e \u003cp\u003eSie werden weltweit erkannt 182\u003c\/p\u003e \u003cp\u003eLokale Funkwellen absuchen 183\u003c\/p\u003e \u003cp\u003eAngriffe auf WLANs erkennen und Gegenmaßnahmen ergreifen 185\u003c\/p\u003e \u003cp\u003eVerschlüsselter Datenverkehr 187\u003c\/p\u003e \u003cp\u003eWi-Fi Protected Setup 193\u003c\/p\u003e \u003cp\u003eDie drahtlosen Geräte von Schurken 195\u003c\/p\u003e \u003cp\u003eMAC-Spoofing 200\u003c\/p\u003e \u003cp\u003ePhysische Sicherheitsprobleme 204\u003c\/p\u003e \u003cp\u003eAngreifbare WLAN-Arbeitsstationen 205\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 11 Mobilgeräte\u003c\/b\u003e \u003cb\u003e207\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSchwachstellen von Mobilgeräten abschätzen 207\u003c\/p\u003e \u003cp\u003eKennwörter von Laptops knacken 208\u003c\/p\u003e \u003cp\u003eAuswahl der Werkzeuge 208\u003c\/p\u003e \u003cp\u003eGegenmaßnahmen anwenden 213\u003c\/p\u003e \u003cp\u003eTelefone, Smartphones und Tablets knacken 214\u003c\/p\u003e \u003cp\u003eiOS-Kennwörter knacken 215\u003c\/p\u003e \u003cp\u003eDisplay-Sperre bei Android-Geräten einrichten 219\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen das Knacken von Kennwörtern 219\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil IV: Betriebssysteme hacken\u003c\/b\u003e \u003cb\u003e221\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 12 Windows\u003c\/b\u003e \u003cb\u003e223\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWindows-Schwachstellen 224\u003c\/p\u003e \u003cp\u003eWerkzeugauswahl 225\u003c\/p\u003e \u003cp\u003eKostenlose Microsoft-Werkzeuge 225\u003c\/p\u003e \u003cp\u003eKomplettlösungen 226\u003c\/p\u003e \u003cp\u003eAufgabenspezifische Werkzeuge 226\u003c\/p\u003e \u003cp\u003eDaten über Ihre Windows-Systemschwachstellen sammeln 227\u003c\/p\u003e \u003cp\u003eDas System untersuchen 227\u003c\/p\u003e \u003cp\u003eNetBIOS 230\u003c\/p\u003e \u003cp\u003eNull-Sessions entdecken 233\u003c\/p\u003e \u003cp\u003eZuordnung, auch Mapping oder Einhängen 233\u003c\/p\u003e \u003cp\u003eInformationen sammeln 234\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Null-Session-Hacks 236\u003c\/p\u003e \u003cp\u003eFreigabeberechtigungen überprüfen 237\u003c\/p\u003e \u003cp\u003eWindows-Vorgaben 237\u003c\/p\u003e \u003cp\u003eTesten 238\u003c\/p\u003e \u003cp\u003eFehlende Patches nutzen 239\u003c\/p\u003e \u003cp\u003eMetasploit verwenden 241\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen das Ausnutzen fehlender Patches 245\u003c\/p\u003e \u003cp\u003eAuthentifizierte Scans ablaufen lassen 247\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 13 Linux und macOS\u003c\/b\u003e \u003cb\u003e249\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eLinux-Schwachstellen verstehen 250\u003c\/p\u003e \u003cp\u003eWerkzeugauswahl 250\u003c\/p\u003e \u003cp\u003eDaten über Ihre System-Schwachstellen unter Linux und macOS sammeln 251\u003c\/p\u003e \u003cp\u003eDas System durchsuchen 251\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen das Scannen des Systems 255\u003c\/p\u003e \u003cp\u003eNicht benötigte und unsichere Dienste ermitteln 256\u003c\/p\u003e \u003cp\u003eSuchläufe 256\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Angriffe auf nicht benötigte Dienste 258\u003c\/p\u003e \u003cp\u003eDie Dateien .rhosts und hosts.equiv schützen 260\u003c\/p\u003e \u003cp\u003eHacks, die die Dateien hosts.equiv und .rhosts verwenden 261\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Angriffe auf die Dateien .rhosts und hosts.equiv 262\u003c\/p\u003e \u003cp\u003eDie Sicherheit von NFS überprüfen 263\u003c\/p\u003e \u003cp\u003eNFS-Hacks 263\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Angriffe auf NFS 264\u003c\/p\u003e \u003cp\u003eDateiberechtigungen überprüfen 264\u003c\/p\u003e \u003cp\u003eDas Hacken von Dateiberechtigungen 264\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Angriffe auf Dateiberechtigungen 265\u003c\/p\u003e \u003cp\u003eSchwachstellen für Pufferüberläufe finden 266\u003c\/p\u003e \u003cp\u003eAngriffe 266\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Buffer-Overflow-Angriffe 266\u003c\/p\u003e \u003cp\u003ePhysische Sicherheitsmaßnahmen überprüfen 267\u003c\/p\u003e \u003cp\u003ePhysische Hacks 267\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen physische Angriffe auf die Sicherheit 267\u003c\/p\u003e \u003cp\u003eAllgemeine Sicherheitstests durchführen 268\u003c\/p\u003e \u003cp\u003eSicherheitsaktualisierungen für Linux 269\u003c\/p\u003e \u003cp\u003eAktualisierungen der Distributionen 270\u003c\/p\u003e \u003cp\u003eUpdate-Manager für mehrere Plattformen 270\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil V: Anwendungen hacken 271\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 14 Kommunikations- und Benachrichtigungssysteme 273\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGrundlagen der Schwachstellen bei Messaging-Systemen 273\u003c\/p\u003e \u003cp\u003eErkennung und Abwehr von E-Mail-Angriffen 274\u003c\/p\u003e \u003cp\u003eE-Mail-Bomben 274\u003c\/p\u003e \u003cp\u003eBanner 278\u003c\/p\u003e \u003cp\u003eSMTP-Angriffe 280\u003c\/p\u003e \u003cp\u003eDie besten Verfahren, Risiken bei E-Mails zu minimieren 290\u003c\/p\u003e \u003cp\u003eVoice over IP verstehen 292\u003c\/p\u003e \u003cp\u003eVoIP-Schwachstellen 292\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen VoIP-Schwachstellen 296\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 15 Webanwendungen und Apps für Mobilgeräte\u003c\/b\u003e \u003cb\u003e299\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDie Werkzeuge für Webanwendungen auswählen 300\u003c\/p\u003e \u003cp\u003eWeb-Schwachstellen auffinden 301\u003c\/p\u003e \u003cp\u003eVerzeichnis traversieren 301\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Directory Traversals 305\u003c\/p\u003e \u003cp\u003eEingabe-Filter-Angriffe 305\u003c\/p\u003e \u003cp\u003eMaßnehmen gegen Eingabeangriffe 313\u003c\/p\u003e \u003cp\u003eAngriffe auf Standardskripte 314\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen Angriffe auf Standardskripte 315\u003c\/p\u003e \u003cp\u003eUnsichere Anmeldeverfahren 316\u003c\/p\u003e \u003cp\u003eMaßnahmen gegen unsichere Anmeldesysteme 319\u003c\/p\u003e \u003cp\u003eAllgemeine Sicherheitsscans bei Webanwendungen durchführen 320\u003c\/p\u003e \u003cp\u003eRisiken bei der Websicherheit minimieren 321\u003c\/p\u003e \u003cp\u003eSicherheit durch Obskurität 321\u003c\/p\u003e \u003cp\u003eFirewalls einrichten 322\u003c\/p\u003e \u003cp\u003eQuellcode analysieren 323\u003c\/p\u003e \u003cp\u003eSchwachstellen von Apps für Mobilgeräte aufspüren 323\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 16 Datenbanken und Speichersysteme\u003c\/b\u003e \u003cb\u003e325\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDatenbanken untersuchen 325\u003c\/p\u003e \u003cp\u003eWerkzeuge wählen 326\u003c\/p\u003e \u003cp\u003eDatenbanken im Netzwerk finden 326\u003c\/p\u003e \u003cp\u003eDatenbankkennwörter knacken 327\u003c\/p\u003e \u003cp\u003eDatenbanken nach Schwachstellen durchsuchen 329\u003c\/p\u003e \u003cp\u003eBewährte Vorkehrungen zur Minimierung der\u003c\/p\u003e \u003cp\u003eicherheitsrisiken bei Datenbanken 329\u003c\/p\u003e \u003cp\u003eSicherheit für Speichersysteme 330\u003c\/p\u003e \u003cp\u003eWerkzeuge wählen 331\u003c\/p\u003e \u003cp\u003eSpeichersysteme im Netzwerk finden 331\u003c\/p\u003e \u003cp\u003eSensiblen Text in Netzwerkdateien aufspüren 332\u003c\/p\u003e \u003cp\u003eBewährte Vorgehensweisen zur Minimierung von Sicherheitsrisiken bei der Datenspeicherung 335\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil VI: Aufgaben nach den Sicherheitstests\u003c\/b\u003e \u003cb\u003e337\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 17 Die Ergebnisse präsentieren\u003c\/b\u003e \u003cb\u003e339\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDie Ergebnisse zusammenführen 339\u003c\/p\u003e \u003cp\u003eSchwachstellen Prioritäten zuweisen 341\u003c\/p\u003e \u003cp\u003eBerichterstellung 342\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 18 Sicherheitslücken beseitigen\u003c\/b\u003e \u003cb\u003e345\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBerichte zu Maßnahmen werden lassen 345\u003c\/p\u003e \u003cp\u003ePatchen für Perfektionisten 346\u003c\/p\u003e \u003cp\u003ePatch-Verwaltung 347\u003c\/p\u003e \u003cp\u003ePatch-Automatisierung 347\u003c\/p\u003e \u003cp\u003eSysteme härten 348\u003c\/p\u003e \u003cp\u003eDie Sicherheitsinfrastrukturen prüfen 349\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 19 Sicherheitsprozesse verwalten\u003c\/b\u003e \u003cb\u003e351\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDen Prozess der Sicherheitsbestimmung automatisieren 351\u003c\/p\u003e \u003cp\u003eBösartige Nutzung überwachen 352\u003c\/p\u003e \u003cp\u003eSicherheitsprüfungen auslagern 354\u003c\/p\u003e \u003cp\u003eDie sicherheitsbewusste Einstellung 356\u003c\/p\u003e \u003cp\u003eAuch andere Sicherheitsmaßnahmen nicht vernachlässigen 357\u003c\/p\u003e \u003cp\u003e\u003cb\u003eTeil VII: Der Top-Ten-Teil 359\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 20 Zehn Tipps für die Unterstützung der Geschäftsleitung\u003c\/b\u003e \u003cb\u003e361\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSorgen Sie für Verbündete und Geldgeber 361\u003c\/p\u003e \u003cp\u003eGeben Sie nicht den Aufschneider 361\u003c\/p\u003e \u003cp\u003eZeigen Sie, warum es sich das Unternehmen nicht leisten kann, gehackt zu werden 362\u003c\/p\u003e \u003cp\u003eBetonen Sie allgemeine Vorteile der Sicherheitstests 363\u003c\/p\u003e \u003cp\u003eZeigen Sie, wie insbesondere Sicherheitstests Ihrem Unternehmen helfen 363\u003c\/p\u003e \u003cp\u003eEngagieren Sie sich für das Unternehmen 364\u003c\/p\u003e \u003cp\u003eZeigen Sie sich glaubwürdig 364\u003c\/p\u003e \u003cp\u003eReden Sie wie ein Manager 364\u003c\/p\u003e \u003cp\u003eDemonstrieren Sie den Wert Ihrer Anstrengungen 365\u003c\/p\u003e \u003cp\u003eSeien Sie flexibel und anpassungsfähig 365\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 21 Zehn Gründe, warum nur Hacken effective Tests ermöglicht\u003c\/b\u003e \u003cb\u003e367\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eDie Schurken hegen böse Absichten, nutzen beste Werkzeuge und entwickeln neue Methoden 367\u003c\/p\u003e \u003cp\u003eEinhaltung von Vorschriften und Regeln bedeutet in der IT mehr als Prüfungen mit anspruchsvollen Checklisten 367\u003c\/p\u003e \u003cp\u003eSchwachstellen- und Penetrationstests ergänzen Audits und Sicherheitsbewertungen 368\u003c\/p\u003e \u003cp\u003eKunden und Partner interessiert die Sicherheit Ihrer Systeme 368\u003c\/p\u003e \u003cp\u003eDas Gesetz des Durchschnitts arbeitet gegen Ihr Unternehmen 368\u003c\/p\u003e \u003cp\u003eSicherheitsprüfungen verbessern das Verständnis für geschäftliche Bedrohungen 369\u003c\/p\u003e \u003cp\u003eBei Einbrüchen können Sie auf etwas zurückgreifen 369\u003c\/p\u003e \u003cp\u003eIntensive Tests enthüllen die schlechten Seiten Ihrer Systeme 370\u003c\/p\u003e \u003cp\u003eSie sind auf die Vorteile kombinierter Schwachstellen- und Penetrationstests angewiesen 370\u003c\/p\u003e \u003cp\u003eSorgfältiges Testen kann Schwachstellen aufdecken, die ansonsten vielleicht lange übersehen worden wären 370\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 22  Zehn tödliche Fehler\u003c\/b\u003e \u003cb\u003e371\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eKeine Genehmigung vorab einholen 371\u003c\/p\u003e \u003cp\u003eDavon ausgehen, dass im Testverlauf alle Schwachstellen gefunden werden 371\u003c\/p\u003e \u003cp\u003eAnzunehmen, alle Sicherheitslöcher beseitigen zu können 372\u003c\/p\u003e \u003cp\u003eTests nur einmal ausführen 372\u003c\/p\u003e \u003cp\u003eGlauben, alles zu wissen 372\u003c\/p\u003e \u003cp\u003eTests nicht aus der Sicht von Hackern betrachten 373\u003c\/p\u003e \u003cp\u003eDie falschen Systeme testen 373\u003c\/p\u003e \u003cp\u003eNicht die richtigen Werkzeuge verwenden 373\u003c\/p\u003e \u003cp\u003eSich zur falschen Zeit mit Produktivsystemen befassen 374\u003c\/p\u003e \u003cp\u003eTests Dritten überlassen und sich dann nicht weiter darum kümmern 374\u003c\/p\u003e \u003cp\u003e\u003cb\u003eKapitel 23 Anhang: Werkzeuge und Ressourcen\u003c\/b\u003e \u003cb\u003e375\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAllgemeine Hilfen 375\u003c\/p\u003e \u003cp\u003eAnspruchsvolle Malware 376\u003c\/p\u003e \u003cp\u003eBluetooth 376\u003c\/p\u003e \u003cp\u003eDatenbanken 376\u003c\/p\u003e \u003cp\u003eDoS-Schutz (Denial of Service) 377\u003c\/p\u003e \u003cp\u003eDrahtlose Netzwerke 377\u003c\/p\u003e \u003cp\u003eExploits 378\u003c\/p\u003e \u003cp\u003eGesetze und Vorschriften 378\u003c\/p\u003e \u003cp\u003eHacker-Zeugs 378\u003c\/p\u003e \u003cp\u003eKennwörter knacken 378\u003c\/p\u003e \u003cp\u003eKeylogger 379\u003c\/p\u003e \u003cp\u003eLinux 379\u003c\/p\u003e \u003cp\u003eLive-Toolkits 380\u003c\/p\u003e \u003cp\u003eMessaging 380\u003c\/p\u003e \u003cp\u003eMobil 380\u003c\/p\u003e \u003cp\u003eNetzwerke 381\u003c\/p\u003e \u003cp\u003ePatch-Management 382\u003c\/p\u003e \u003cp\u003eProtokollanalyse 383\u003c\/p\u003e \u003cp\u003eQuellcode-Analyse 383\u003c\/p\u003e \u003cp\u003eSchwachstellendatenbanken 383\u003c\/p\u003e \u003cp\u003eSocial Engineering und Phishing 384\u003c\/p\u003e \u003cp\u003eSpeicherung 384\u003c\/p\u003e \u003cp\u003eSysteme härten 384\u003c\/p\u003e \u003cp\u003eVerschiedenes 384\u003c\/p\u003e \u003cp\u003eVoice over IP 385\u003c\/p\u003e \u003cp\u003eWachsamkeit der Benutzer 385\u003c\/p\u003e \u003cp\u003eWebsites und Webanwendungen 385\u003c\/p\u003e \u003cp\u003eWindows 386\u003c\/p\u003e \u003cp\u003eWLAN 386\u003c\/p\u003e \u003cp\u003eWörterbuchdateien und Wortlisten 387\u003c\/p\u003e \u003cp\u003eZertifizierungen 388\u003c\/p\u003e \u003cp\u003eStichwortverzeichnis 389\u003c\/p\u003e","brand":"Wiley-VCH Verlag GmbH","offers":[{"title":"Default Title","offer_id":49419474239831,"sku":"9783527717958","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"ransomware-9781491967881","title":"Ransomware","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003eThe biggest online threat to businesses and consumers today is ransomware, a category of malware that can encrypt your computer files until you pay a ransom to unlock them. With this practical book, you'll learn how easily ransomware infects your system and what steps you can take to stop the attack before it sets foot in the network.","brand":"O'Reilly Media","offers":[{"title":"Default Title","offer_id":49531035156823,"sku":"9781491967881","price":25.59,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781491967881.jpg?v=1731881439"},{"product_id":"cybercrime-and-digital-forensics-9780367360078","title":"Cybercrime and Digital Forensics","description":"\u003cp\u003eThis book offers a comprehensive and integrative introduction to cybercrime. It provides an authoritative synthesis of the disparate literature on the various types of cybercrime, the global investigation and detection of cybercrime and the role of digital information, and the wider role of technology as a facilitator for social relationships between deviants and criminals. It includes coverage of: \u003c\/p\u003e\u003cp\u003eâ key theoretical and methodological perspectives; \u003c\/p\u003e\u003cp\u003eâ computer hacking and malicious software; \u003c\/p\u003e\u003cp\u003eâ digital piracy and intellectual theft; \u003c\/p\u003e\u003cp\u003eâ economic crime and online fraud; \u003c\/p\u003e\u003cp\u003eâ pornography and online sex crime; \u003c\/p\u003e\u003cp\u003eâ cyber-bullying and cyber-stalking; \u003c\/p\u003e\u003cp\u003eâ cyber-terrorism and extremism; \u003c\/p\u003e\u003cp\u003eâ the rise of the Dark Web;\u003c\/p\u003e\u003cp\u003eâ digital forensic investigation and its legal context around the world; \u003c\/p\u003e\u003cp\u003eâ the law enforcement response to cybercrime transnationally; \u003c\/p\u003e\u003cp\u003eâ cybercrime policy and legislation across the globe. \u003c\/p\u003e\u003cp\u003eThe new edition has\u003c\/p\u003e","brand":"Taylor \u0026 Francis","offers":[{"title":"Default Title","offer_id":51017880174935,"sku":"9780367360078","price":35.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780367360078.jpg?v=1750774971"},{"product_id":"the-human-factor-of-cybercrime-9781032087191","title":"The Human Factor of Cybercrime","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eCybercrimes are often viewed as technical offenses that require technical solutions, such as antivirus programs or automated intrusion detection tools. However, these crimes are committed by individuals or networks of people which prey upon human victims and are detected and prosecuted by criminal justice personnel. As a result, human decision-making plays a substantial role in the course of an offence, the justice response, and policymakers'' attempts to legislate against these crimes. This book focuses on the human factor in cybercrime: its offenders, victims, and parties involved in tackling cybercrime. \u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003eThe distinct nature of cybercrime has consequences for the entire spectrum of crime and raises myriad questions about the nature of offending and victimization. For example, are cybercriminals the same as traditional offenders, or are there new offender types with distinct characteristics and motives? What foreground and situational characteristics influence the d\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003ePart I: Background\u003c\/strong\u003e; 1. It ain’t what it is, its the way that they do it? Why we still don’t understand cybercrime \u003ci\u003eMike McGuire; \u003c\/i\u003e2. Contributions of Criminological Theory to the Understanding of Cybercrime Offending and Victimization \u003ci\u003eAdam Bossler; \u003c\/i\u003e3. The Open And Dark Web: Facilitating Cybercrime And Technology-Enabled Offenses \u003ci\u003eClaudia Flamand and David Décary-Hétu; \u003c\/i\u003e\u003cb\u003ePart II: Victims; \u003c\/b\u003e4. Predictors of Cybercrime Victimization: Causal Effects or Biased Associations? \u003ci\u003eSteve van de Weijer; \u003c\/i\u003e5. Virtual Danger: An Overview of Interpersonal Cybercrimes \u003ci\u003eJordana Navarro; \u003c\/i\u003e6. Sexual Violence in Digital Society: Understanding the Human and Technosocial Factors \u003ci\u003eAnastasia Powell, Asher Flynn and Nicola Henry; \u003c\/i\u003e\u003cb\u003ePart III: Offenders; \u003c\/b\u003e7. Cybercrime subcultures: Contextualizing offenders and the nature of the offence \u003ci\u003eThomas J. Holt; \u003c\/i\u003e8. On Social Engineering \u003ci\u003eKevin Steinmetz, Richard Goe, and Alexandra Pimentel; \u003c\/i\u003e9. Contrasting cyber-dependent and traditional offenders: a comparison on criminological explanations and potential prevention methods \u003ci\u003eMarleen Weulen Kranenbarg; \u003c\/i\u003e10. Financial cybercrimes and situational crime prevention \u003ci\u003eRutger Leukfeldt and Jurjen Jansen; \u003c\/i\u003e11. Modelling Cybercrime Development: The case of Vietnam \u003ci\u003eJonathan Lusthaus; \u003c\/i\u003e12. Humanizing the Cybercriminal: Markets, Forums, and the Carding Subculture \u003ci\u003eCraig Webber and Michael Yip; \u003c\/i\u003e13. The Roles of ‘Old’ and ‘New’ Media Tools and Technologies in the Facilitation of Violent Extremism and Terrorism \u003ci\u003eRyan Scrivens and Maura Conway; \u003c\/i\u003e14. Child Sex Abuse Images and Exploitation Materials \u003ci\u003eRoderic Broadhurst; \u003c\/i\u003e\u003cb\u003ePart IV : Policing; \u003c\/b\u003e15. Policing Cybercrime: Responding to the Growing Problem and Considering Future Solutions \u003ci\u003eCassandra Dodge and George Burruss; \u003c\/i\u003e16. Responding to individual fraud: Perspectives of the Fraud Justice Network \u003ci\u003eCassandra Cross; \u003c\/i\u003e17. The Ecology of Cybercrime \u003ci\u003eBenoît Dupont; \u003c\/i\u003e18. Displacing big data: How criminals cheat the system \u003ci\u003eAlice Hutchings, Sergio Pastrana and Richard Clayton\u003c\/i\u003e\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51018831135063,"sku":"9781032087191","price":39.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"against-cybercrime-9781032235097","title":"Against Cybercrime","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eThis book advances a theoretically informed realist criminology of computer crime. Looking beyond current strategies of online crime control, this book argues for a new sort of policy that addresses the root causes of computer crime and criminality, reduces the harms experienced by the victims of such crimes, and does not unduly contribute to state and corporate power and surveillance.\u003c\/p\u003e\u003cp\u003eDrawing both on the proponents of realist criminology and on those who have leveled critiques of the approach, Steinmetz illustrates the contours of a realist criminology of computer crime by considering definitions of harm with online crime, the idiosyncrasies of online locality and community, the social relations of computer crime, the tension between piecemeal reform and structural changes, and other matters. Furthermore, Steinmetz surveys the methodological dimensions of computer crime research, offers a critique of positivist computational criminology, and posits an agenda for computer crim\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e'Steinmetz performs two impressive feats here – revitalizing realist criminology through an incisive engagement with pragmatism, and then mobilizing it to develop a digital criminology that is both realistic about online harms and critical about the workings of power. The result? A major advance in our understanding of crime and technology.'\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eMajid Yar\u003c\/strong\u003e, \u003cem\u003eProfessor Emeritus of Criminology, Lancaster University\u003c\/em\u003e \u003c\/p\u003e\u003cp\u003e'Intellectually generous and seductively synthetic, Steinmetz’s \u003ci\u003eAgainst Cybercrime \u003c\/i\u003edares to imagine a new criminology of online worlds. Rejecting rigidity and abstraction, he offers instead a powerful mix of realist criminology, cultural criminology, and pragmatism designed to situate the particulars of digital crime within larger contemporary forces.'\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eJeff Ferrell\u003c\/strong\u003e, \u003cem\u003eAuthor of\u003c\/em\u003e \u003ci\u003eDrift: Illicit Mobility and Uncertain Knowledge.\u003c\/i\u003e\u003c\/p\u003e\u003cp\u003e'Against Cybercrime is well-thought-out, provocatively written, and provides a timely and exciting contribution to an under-theorized area in criminology. Steinmetz’s \"realist criminology of computer crimes\" implores us to address the root causes of crime through harm-reduction strategies that avoid increasing state power and surveillance. This is an important book - a must-read for academics and policymakers, alike.' \u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eJayne Mooney,\u003c\/strong\u003e \u003cem\u003eProfessor of Sociology, John Jay College of Criminal Justice and the Graduate Center, CUNY\u003c\/em\u003e\u003c\/p\u003e\u003cp\u003e\u003cem\u003e'Against Cybercrime\u003c\/em\u003e engages readers in a frank, compelling, and accessible conversation about the need to take computer crimes seriously while taking privacy, freedom, and related matters seriously. Readers will walk away with a greater understanding of the challenges associated with computer crime and demand more concrete solutions, as Steinmetz proposes, than what other cybercriminology perspectives currently provide.'\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eJordana Navarro\u003c\/strong\u003e, \u003cem\u003eAssistant Professor of Criminal Justice, The Citadel\u003c\/em\u003e\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eAcknowledgments\u003c\/p\u003e\u003cp\u003eIntroduction\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003ePART I: \u003c\/strong\u003e\u003cstrong\u003eFoundations\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eRealist Criminology: An Overview\u003c\/p\u003e\u003cp\u003eEschewing Critical Realism\u003c\/p\u003e\u003cp\u003eEmbracing Pragmatism\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003ePART II: \u003c\/strong\u003e\u003cstrong\u003eA Realist Criminology of Computer Crime\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eToward a Realist Criminology of Computer Crime\u003c\/p\u003e\u003cp\u003eThe Mundanity of Computational Criminology\u003c\/p\u003e\u003cp\u003eRealist Criminological Methods \u003c\/p\u003e\u003cp\u003eWhat Is to be Done about Computer Crime?\u003c\/p\u003e\u003cp\u003eWhere Do We Go from Here?\u003c\/p\u003e\u003cp\u003eIndex\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51018918068567,"sku":"9781032235097","price":128.25,"currency_code":"GBP","in_stock":true}]},{"product_id":"the-dark-mafia-9781032244365","title":"The Dark Mafia","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eThis book explores how organized crime has adapted and evolved in sync with ever-expanding technologies to update its popular image and to conduct its covert operations. It shows how organized crime operates in dark virtual spaces and how it can now form a dynamic interactive system with legitimate online spaces, solidifying its criminal exploits and resources, and making them attractive to a new generation of computer users. Focusing on Italian Mafias, Russian and Georgian criminal groups and drug cartels, and Asian crime syndicates such as Yakuza and Triads, this book aims to describe and explain the reasons behind the continuity of online and offline crime, taking into consideration whether or not internet culture has radically changed the way we perceive organized crime and if so how, and thus how the shift in popular imagery that the internet has brought about affects its actual illegal activities. We also consider how organized crime has shifted its locale from the physical to the virtual, how cybercrime has allowed criminal organizations to adapt and reinvent themselves, and how the police now use technology against organized crime.\u003c\/p\u003e\u003cp\u003eTo better understand the new generation of criminals, it is becoming increasingly urgent to understand the latest technologies and how criminals utilize them. \u003ci\u003eThe Dark Mafia \u003c\/i\u003eis an engaging and accessible introduction to understanding virtual organized crime. It will appeal to students and scholars of criminology, sociology, policing, and all those interested in the digital age of organized crime.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTrade Review\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e\"Nicaso and Danesi provide an excellent, empirically rich insight into the complexities of organized crime groups in the digital field. Their book is a refreshing and engaging addition to both cybercrime and organized crime literature.\"\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eAnita Lavorgna\u003c\/strong\u003e, \u003cem\u003eAssociate Professor, University of Bologna\u003c\/em\u003e\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIntroduction 1.The Mafia in Cyberspace 2.Hybrid Criminality 3. Dark Mafia 4. Cool Mafia 5.From Mythologies to Memetics and Beyond\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51018919674199,"sku":"9781032244365","price":34.19,"currency_code":"GBP","in_stock":true}]},{"product_id":"global-financial-investigations-9781032493763","title":"Global Financial Investigations","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eAdopting a case-based approach, \u003ci\u003eGlobal Financial Investigations\u003c\/i\u003e introduces readers to the fascinating world of forensic accounting and investigating transnational financial crimes, providing an overview of core concepts and current industry trends, together with practical guidance to equip students with the knowledge required to combat complex financial crimes.\u003c\/p\u003e\u003cp\u003eBy exploring the different types of financial investigations led by various law enforcement agencies, this accessible text covers a breadth of forensic accounting and broader financial crime issues, from investigating illicit trade and reconstructing financial records, to conducting regulatory investigations. Supported by real-world cases from different geographic regions, students will learn the practical hands-on forensic accounting and financial investigation skills required in todayâs work environment.\u003c\/p\u003e\u003cp\u003eLearning features include:\u003c\/p\u003e\u003cul\u003e \u003cli\u003ea wealth of practical examples highlighting explanations of the\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"Taylor \u0026 Francis","offers":[{"title":"Default Title","offer_id":51019087511895,"sku":"9781032493763","price":44.64,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781032493763.jpg?v=1750779259"},{"product_id":"dark-world-9781032518893","title":"Dark World","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eDiscover the hidden depths of the digital underworld in this comprehensive, interdisciplinary exploration of the dark web.\u003c\/p\u003e\u003cp\u003eIdeal for security agencies, professionals, counter-terrorism experts, and policymakers alike, this work offers invaluable insights that will enhance understanding and fortify strategies. By shedding particular light on the nuances of the dark market,' this book provides readers with a detailed understanding of the dark web, encompassing both its sinister underbelly and unexpected potential.\u003c\/p\u003e\u003cp\u003eThis book also uncovers the latest trends and cutting-edge mitigation techniques. From illicit transactions to thriving business ventures, it examines the key domains and sectors that thrive within this clandestine environment. This book consolidates myriad perspectives on security and threats on the dark web.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e1. Cybersecurity and The Dark Web. 2. A Guide to The Dark and Deep Web. 3. Dark Web Access with TOR Browser. 4. The Dark Web's Perils. 5. Cybercrime on The Dark Web. 6. Red Room Deep Web. 7. Terrorist Acts on The Surface and Dark Web. 8. Dark Web Markets. 9. We Are Anonymous. 10. Hitman for Hire. 11. The Positive and Evil Side of The Dark Web. 12. Techniques for Analyzing Dark Web Content. 13. Information Extraction from Dark Web Contents and Logs. 14. Dark Web Forensics. 15. OSINT Opensource Intelligence. 16. Emerging Dark Web Trends and Mitigation Techniques. 17. The Dark Web's Future. 18. Your Business on The Dark Web. Glossary. Bibliography.\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51019099570519,"sku":"9781032518893","price":44.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"the-link-between-specific-forms-of-online-and-offline-victimization-9781032552361","title":"The Link between Specific Forms of Online and","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eThis book features the empirical work of internationally known scholars, providing an in-depth examination of the overlap between online and offline victimization and offending.\u003c\/p\u003e\u003cp\u003eThe vast expanse of the Internet has provided a limitless playground for offenders to prey on those unaware of their predators, or well as those who are intimately familiar with their offenders. However, the Internet does not isolate offenders into mutually exclusive categories. Instead, it has allowed many offenders to use both offline and online platforms to commit crime. It also opened up more opportunity for violation of victims. This volume features two divisions of the American Society of Criminology, the Division of Victimology and Division of Cybercrime, who have joined forces to sponsor a special issue on the overlap between forms of online and offline victimization and offending. International scholars in this book provide a notable spectrum of different forms of this phenomenon, as well as p\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003eIntroduction 1. Intimate Risks: Examining Online and Offline Abuse, Homicide Flags, and Femicide 2. Deepfakes and Domestic Violence: Perpetrating Intimate Partner Abuse Using Video 3. Assessing the Overlap between Cyberstalking Victimization and Face-to-face Sexual Victimization among South Korean Middle and High School Students 4. Mapping as Harm Reduction: Using GIS to Map Chatter Associated with Sex Work 5. Self-Control, Risky Behavior, and Dating Application-Facilitated Victimization by 6. Understanding the Overlap of Online Offending and Victimization: Using Cluster Analysis to Examine Group Differences 7. Exploring Fear of Crime for Those Targeted by Romance Fraud 8. Online Consumer Fraud Victimization and Reporting: A Quantitative Study of the Predictors and Motives 9. The Financial Leash: Cyberfinancial Abuse within Intimate Relationships 10. Adapting and Applying Offline Theory to Online Victimization: A Test of the Shadow of Sexual Assault Hypothesis with Fear of Online Victimization 11. Convergence of Traditional and Online Property Crime Victimization in a City with Little Offline Crime\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51019114316119,"sku":"9781032552361","price":128.25,"currency_code":"GBP","in_stock":true}]},{"product_id":"the-ciso-playbook-9781032762074","title":"The CISO Playbook","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eA CISO is the ultimate guardian of an organization''s digital assets. As a cybersecurity leader ,a CISO must possess a unique balance of executive leadership, technical knowledge, strategic vision, and effective communication skills. The ever-evolving cyberthreat landscape demands a resilient, proactive approach coupled with a keen ability to anticipate attack angles and implement protective security mechanisms. Simultaneously, a cybersecurity leader must navigate the complexities of balancing security requirements with business objectives, fostering a culture of cybersecurity awareness, and ensuring compliance with regulatory frameworks.\u003c\/p\u003e\u003cp\u003e\u003cem\u003eThe CISO Playbook\u003c\/em\u003e aims to provide nothing but real-world advice and perspectives to both up-and-coming cybersecurity leaders as well as existing ones looking to grow. The book does not approach cybersecurity leadership from the perspective of the academic, or what it should be, but more from that which it really is. Moreover, it\u003c\/p\u003e","brand":"CRC Press","offers":[{"title":"Default Title","offer_id":51019200954711,"sku":"9781032762074","price":42.74,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781032762074.jpg?v=1750779585"},{"product_id":"systematic-security-9781041018124","title":"Systematic Security","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eIn todayâs rapidly evolving digital landscape, safeguarding critical data and systems has never been more vitalâor more challenging. \u003ci\u003eSystematic Security: A CISOâs Playbook\u003c\/i\u003e by Timur Qader offers a groundbreaking guide to building a resilient and scalable security practice from the ground up. Blending real-world experience with practical insights, this book lays out a phased approach to security implementation.\u003c\/p\u003e\u003cp\u003eTimur begins with describing the current state of security and the landscape security professionals find themselves in that offer both opportunity and risk. He goes on to systematically address strategic design, operational efficiency, risk-based modeling, and a rapidly growing regulatory landscape. This essential resource provides step-by-step strategies for implementing a comprehensive security framework. Whether you're launching a new security program or transforming an existing one, this book delivers actionable insights on governance, compliance, and advanced security operations.\u003c\/p\u003e\u003cp\u003eDrawing on years of hands-on experience, Timur shares practical advice on:\u003c\/p\u003e\u003cul\u003e \u003cli\u003eEstablishing a structured roadmap with clear milestones and deliverables.\u003c\/li\u003e \u003cli\u003eBuilding effective governance and compliance teams to address evolving regulations.\u003c\/li\u003e \u003cli\u003eDeveloping security operations through advanced techniques like Zero Trust and Data Protection Capabilities.\u003c\/li\u003e \u003cli\u003eNavigating complex relationships with stakeholders, executives, and regulators.\u003c\/li\u003e \u003cli\u003eCreating metrics and scorecards to measure and continuously improve security posture.\u003c\/li\u003e \u003c\/ul\u003e\u003cp\u003eMore than just a technical manual, \u003ci\u003eSystematic Security\u003c\/i\u003e is a leadership toolkit for todayâs security executives. It highlights the mindset, collaboration, and communication skills needed to succeed in high-pressure environments. With tips on presenting to boards, handling audits, and managing compliance, this book prepares readers for the challenges of modern cybersecurity leadership.\u003c\/p\u003e\u003cp\u003eWhether youâre an aspiring CISO, a security professional, or a business leader looking to fortify your organizationâs defenses, \u003ci\u003eSystematic Security\u003c\/i\u003e delivers the strategies and tools to create lasting security excellence.\u003c\/p\u003e\u003cp\u003eTimur Qaderâs candid, experience-driven approach ensures this book is not just informative but indispensable for anyone serious about protecting data, systems, and reputations in a world of escalating security threats.\u003c\/p\u003e\u003cp\u003ePrepare to lead with confidence, foster innovation, and build a future-proof security strategy that aligns with organizational goals and industry best practices. With \u003ci\u003eSystematic Security\u003c\/i\u003e, success isnât just a possibilityâitâs a repeatable process.\u003c\/p\u003e","brand":"CRC Press","offers":[{"title":"Default Title","offer_id":51019361878359,"sku":"9781041018124","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"bit-by-bit-9781087897899","title":"Bit By Bit","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Indy Pub","offers":[{"title":"Default Title","offer_id":51019370496343,"sku":"9781087897899","price":29.24,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781087897899.jpg?v=1750780052"},{"product_id":"cybercrime-9781138541788","title":"Cybercrime","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eNow in its second edition, \u003ci\u003eCybercrime: Key Issues and Debates\u003c\/i\u003e provides a valuable overview of this fast-paced and growing area of law. As technology develops and internet-enabled devices become ever more prevalent, new opportunities exist for that technology to be exploited by criminals. One result of this is that cybercrime is increasingly recognised as a distinct branch of criminal law. \u003c\/p\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eThe book offers readers a thematic and critical overview of cybercrime, introducing the key principles and clearly showing the connections between topics as well as highlighting areas subject to debate. Written with an emphasis on the law in the UK but considering in detail the Council of Europe's important Convention on Cybercrime, this text also covers the jurisdictional aspects of cybercrime in international law. Themes discussed include crimes against computers, property, offensive content, and offences against the person, and, new to this edition, cybercrime investigation.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e1. Cybercrime \u003cstrong\u003ePart I: Crimes Against Computers \u003c\/strong\u003e2. Hacking and Malware: Targeting the Technology 3. Targeting Data 4. From Hacktivism to Cyberwarfare: Weaponising Cyberspace \u003cstrong\u003ePart II: \"Property\" \u003c\/strong\u003e5. Intellectual and Virtual Property 6. Fraud \u003cstrong\u003ePart III: Offensive Content \u003c\/strong\u003e7. Hate and Harm 8. Sexualised Content 1: Adult pornography 9. Sexualised Content 2: Child pornography \u003cstrong\u003ePart IV: Offences Against the Person \u003c\/strong\u003e10. Offences Against the Person \u003cstrong\u003ePart V: Investigating Cybercrime \u003c\/strong\u003e11. Jurisdiction 12.Policing Cybercrime: Structures 13. Policing Cybercrime: Investigative Powers\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51019497111895,"sku":"9781138541788","price":999.99,"currency_code":"GBP","in_stock":false}]},{"product_id":"cybersecurity-what-you-need-to-know-about-computer-and-cyber-security-social-engineering-the-internet-of-things-an-essential-guide-to-ethical-hacking-for-beginners-9781647481742","title":"Cybersecurity: What You Need to Know About","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Bravex Publications","offers":[{"title":"Default Title","offer_id":51020228854103,"sku":"9781647481742","price":22.49,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781647481742.jpg?v=1750782831"},{"product_id":"cybersecurity-exposed-the-cyber-house-rules-9781911452096","title":"Cybersecurity Exposed: The Cyber House Rules","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Cyber Simplicity Ltd","offers":[{"title":"Default Title","offer_id":51020796985687,"sku":"9781911452096","price":9.99,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9781911452096.jpg?v=1750784411"},{"product_id":"cybersecurity-in-the-covid19-pandemic-9780367721435","title":"Cybersecurity in the COVID19 Pandemic","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e\u003cp\u003eThis book demystifies Cybersecurity concepts using real-world cybercrime incidents from the pandemic to illustrate how threat actors perpetrated computer fraud against valuable information assets particularly healthcare, financial, commercial, travel, academic, and social networking data.\u003c\/p\u003e\u003cbr\u003e\u003cbr\u003e\u003cb\u003eTable of Contents\u003c\/b\u003e\u003cbr\u003e\u003cp\u003e1. COVID-19 Pandemic, the Game Changer\u003c\/p\u003e\u003cp\u003e2. Nature\u003c\/p\u003e\u003cp\u003e3. Cybersecurity Roles in a Pandemic\u003c\/p\u003e\u003cp\u003e4. Cyberspace at Risk\u003c\/p\u003e\u003cp\u003e5. Challenges of Managing Cybersecurity at Covid-19\u003c\/p\u003e\u003cp\u003e6. Cyberattack Mitigations During the Pandemic\u003c\/p\u003e\u003cp\u003e7. Cybersecurity in Post Covid-19 Digital Era\u003c\/p\u003e\u003cp\u003e8. Conclusion and Recommendations\u003c\/p\u003e","brand":"Taylor \u0026 Francis Ltd","offers":[{"title":"Default Title","offer_id":51037053157719,"sku":"9780367721435","price":19.99,"currency_code":"GBP","in_stock":true}]},{"product_id":"rinsed-9780241624869","title":"Rinsed","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e'Rinsed is a triumph. If you want to understand how the chaotic world around us really works, read this book!' MILES JOHNSON, AUTHOR OF CHASING SHADOWS'A riveting look at not only the nuts and bolts of cons and crimes but the techniques detectives use to stalk cyber criminals' FINANCIAL TIMES'Gripping' THE ECONOMIST There's an old saying: 'a rising tide lifts all boats'. It's normally couched in positive terms; that overall economic improvement will benefit everyone. In the case of hi-tech money laundering, however, it offers a dark vision of the future. The better these launderers become at their work, the more crime of all types will be enabled. It's time to understand where the water is rising, before it washes over us all.   Money laundering has been around for centuries. For as long as people have been willing to steal money, there's been an industry ready to wash it. But recent tech innovations have created vastly complex new systems for laundering that threaten to overwhelm auth","brand":"Penguin Books Ltd","offers":[{"title":"Default Title","offer_id":51358995939671,"sku":"9780241624869","price":12.32,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9780241624869.jpg?v=1754123150"},{"product_id":"digital-forensics-for-enterprises-beyond-kali-linux-9789365895902","title":"Digital Forensics for Enterprises Beyond Kali","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Bpb Publications","offers":[{"title":"Default Title","offer_id":51360816300375,"sku":"9789365895902","price":33.24,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9789365895902.jpg?v=1754128510"},{"product_id":"mastering-cybersecurity-defense-9789365897869","title":"Mastering CyberSecurity Defense","description":"\u003cb\u003eBook Synopsis\u003c\/b\u003e\u003cbr\u003e","brand":"Bpb Publications","offers":[{"title":"Default Title","offer_id":51360816824663,"sku":"9789365897869","price":33.24,"currency_code":"GBP","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0817\/1739\/5799\/files\/9789365897869.jpg?v=1754128511"}],"url":"https:\/\/bookcurl.com\/collections\/computer-fraud-and-hacking.oembed?page=3","provider":"Book Curl","version":"1.0","type":"link"}