Penetration is the art of gaining access to a machine or
system in an unauthorised manner. It bears stating that
penetrating a system or data without the consent of the
owners of the system or data is generally regarded as an
illegal activity in most countries. Penetration skills are
used by security professionals to test a system's security
and analyse where the system can be hardened. The reviews
here cover some of the classic cyber security penetration
books and techniques of computer system exploitation.
Security Penetration Book Reviews
- Hacking the Art of Exploitation
Hacking the Art of Exploitation gets straight into the meat
of technical penetration and software bug exploits.
Shellcode is examined in a very accessible fashion and stack
and heap overflows are shown. Encryption, assembly, C
coding, network hijacking: Hacking the Art of Exploitation
touches on many different cyber security core basics. The
book is written with a good pace. The reader is expected to
be a competent programmer in C and assembly, and the
exploits shown are designed to work on the Linux operating
system, though they are of course applicable to other
operating systems.
- Nmap Network Scanning
- The Shellcoder's Handbook
- File System Forensic Analysis
- Gray Hat Hacking
Gray Hat Hacking explores both the ethics of hacking and
penetration analysis, along with low-level techniques of
penetration. Gray Hat Hacking is written in a very clear
and informative style, and the exploits shown are standard
fare but given a good examination. Gray Hat Hacking is an
excellent addition to any penetrator's bookshelf.
- The Database Hacker's Handbook
- Malicious Cryptography
Malicious Cryptography takes a walk on the wild side of
cryptography. Cryptography has often been seen as a white
knight in the security world, but it can be used for
malicious purposes, and Malicious Cryptography delves
straight into that. Malicious Cryptography is a highly
informative text and really does push the boundaries of
cyber security and its perception.
- Nessus Network Auditing
- Fuzzing
Fuzzing is about a technique quite widespread in the
security field, though not often written about. Fuzzing is
the testing of software using a somewhat random set of input
data, looking for input that will cause a program to fail or
exhibit unusual behaviour. Fuzzing is a great introduction
to the book's namesake, and the various fuzzing methods are
looked at in a fair amount of detail.
- The Rootkit Arsenal
- The Web Application Hacker's Handbook
- Designing BSD Rootkits
- WI-FOO
- Maximum Security
- Viruses Revealed
- Silence on the Wire
- Hacking Exposed
- Aggressive Network Self Defense
Aggressive Network Self Defense is a fictional (infotainment) look
at what happens when administrators strike back against crackers. Is the
best defense offense? Aggressive Network Self Defense looks
at how victims of unauthorised computer access can respond
from a penetration testing perspective. Aggressive Network
Self Defense is a good book on cyber security, and there are quite a few
techniques looked at that are useful in development and administration.
- The Art of Deception
The Art of Deception is a look into the social engineering
side of cyber security. Social engineering is known as
hacking or cracking the wetware; people are often the
weakest link in the chain when it comes to security.
Exploiting technical vulnerabilities, be they
architectural flaws or implementation bugs, can have
widespread effect, but such exploits tend to be costly and
privy only to the initiated and highly competent programmers.
Social engineering can normally force a penetration into an
organisation's systems, bypassing the technical security by
just getting a user to permit entry.
- Hack Attacks Revealed
- Hacking Exposed Linux
Hacking Exposed Linux edition is a standard hacking and
cracking book for computer system penetration against Linux
based systems. All the main points of penetration are
examined in the book. Cracking tools are explained and
methods of hardening are also looked at. The writing style
of Hacking Exposed Linux is clear and informative, and this
makes a good book for people wishing to get a handle on
penetrating Linux systems and using Linux systems to
penetrate other operating systems.
- The Cuckoo's Egg
The Cuckoo's Egg is Clifford Stoll's account of being
at the sharp end of a penetration enacted by a
group of crackers under the moniker of Project Equaliser.
The Cuckoo's Egg is an entertaining and informative
read looking at how system administrators may respond
to unauthorised access to their systems.
- Stealing the Network How to Own the Box
- Stealing the Network How to Own a Continent
- Stealing the Network How to Own an Identity
- Google Hacking
- CyberPunk
CyberPunk is a book of three stories: Kevin's exploits in
the world of cyberspace, Pengo and his supposed attempts to
sell secrets to East Germany and the Soviet Bloc, and RTM's
misguided and infamous worm that took down the Net.
CyberPunk is an enjoyable read. It is an adventure story,
but it did bring into focus some of the happenings in
cyberspace before it was commonly known. If you are looking
for some light entertainment in the cybersecurity field,
CyberPunk delivers.
- The Mezonic Agenda
- The Black Science
- Get Anyone to Do Anything