As technology has developed, computer hackers have become increasingly sophisticated, mastering the ability to hack into even the most impenetrable systems. The best way to secure a system is to understand the tools hackers use and know how to circumvent them. Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It provides hands-on instruction to a host of techniques used to hack into a variety of systems.
Exposing hacker methodology with concrete examples, this book shows you how to outwit computer predators at their own game. Among the many things you’ll learn:
- How to get into a Windows operating system without having the username or password
- Vulnerabilities associated with passwords and how to keep them out of the hands of hackers
- How hackers use the techniques of computer forensic examiners to wreak havoc on individuals and companies
- Hiding one’s IP address to avoid detection
- Manipulating data to and from a web page or application for nefarious reasons
- How to find virtually anything on the internet
- How hackers research the targets they plan to attack
- How network defenders collect traffic across the wire to indentify intrusions
- Using Metasploit to attack weaknesses in systems that are unpatched or have poorly implemented security measures
The book profiles a variety of attack tools and examines how Facebook and other sites can be used to conduct social networking attacks. It also covers techniques utilized by hackers to attack modern operating systems, such as Windows 7, Windows Vista, and Mac OS X. The author explores a number of techniques that hackers can use to exploit physical access, network access, and wireless vectors. Using screenshots to clarify procedures, this practical manual uses step-by-step examples and relevant analogies to facilitate understanding, giving you an insider’s view of the secrets of hackers.
Table of Contents
Hacking Windows OS
Obtaining Windows Passwords
Imaging and Extraction
Bypassing Web Filters
Manipulating the Web
Finding It All on the Net
Capturing Network Traffic
Research Time: Finding the Vulnerabilities
Other Attack Tools
Social Engineering with Web 2.0
Hac the Macs
Jesse Varsalone has been teaching for 18 years. He taught high school for eight years, five in the Baltimore City Public Schools. After teaching high school, Jesse started teaching computer classes at the Computer Career Institutes at Johns Hopkins University and Stevenson University. He currently teaches online as an adjunct professor at Champlain College in Burlington, Vermont. Jesse holds a number of certifications in the IT field.
Matthew McFadden researches, develops, and instructs network intrusion investigations. Matthew has spent several years in the field of information technology specializing in information assurance and security, network intrusion, malware analysis, and forensics. Matthew has performed research projects, consulted, and presented, and has worked in network administration. He also holds industry IT certifications.
"If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information needed to run a large set of hacking tools. ... the book walks the reader through the process of how to use hacking tools and how to make sense of their output. ... a really good reference for someone experienced in the topic who wants to improve their expertise."
— Ben Rothke, author of Computer Security: 20 Things Every Employee Should Know
"A fascinating catalog of the techniques hackers use to get information from networks and computers … of great interest to the security research community."
— Computing Reviews, June 2012