Muutke küpsiste eelistusi

Art of Attack: Attacker Mindset for Security Professionals [Pehme köide]

3.77/5 (121 hinnangut Goodreads-ist)
(Social-Engineer, LLC)
  • Formaat: Paperback / softback, 304 pages, kõrgus x laius x paksus: 229x152x20 mm, kaal: 408 g
  • Ilmumisaeg: 16-Sep-2021
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1119805465
  • ISBN-13: 9781119805465
Teised raamatud teemal:
  • Pehme köide
  • Hind: 28,76 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Tavahind: 33,84 €
  • Säästad 15%
  • Raamatu kohalejõudmiseks kirjastusest kulub orienteeruvalt 2-4 nädalat
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Tellimisaeg 2-4 nädalat
  • Lisa soovinimekirja
Art of Attack: Attacker Mindset for Security ProfessionalsSuurem pilt
  • Formaat: Paperback / softback, 304 pages, kõrgus x laius x paksus: 229x152x20 mm, kaal: 408 g
  • Ilmumisaeg: 16-Sep-2021
  • Kirjastus: John Wiley & Sons Inc
  • ISBN-10: 1119805465
  • ISBN-13: 9781119805465
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781119805465.html
Märksõnad:

Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers 

In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage.  Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker.  

The book shows you the laws of the mindset and the techniques attackers use, from persistence to “start with the end” strategies and non-linear thinking, that make them so dangerous. You’ll discover: 

  • A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques 
  • The unique tells and signs of an attack and how to avoid becoming a victim of one 
  • What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against 

Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker. 

About the Author v
Acknowledgments vii
Introduction xv
PART I THE ATTACKER MINDSET
1(62)
Chapter 1 What Is The Attacker Mindset?
3(14)
Using the Mindset
6(3)
The Attacker and the Mindset
9(2)
AMs Is a Needed Set of Skills
11(5)
A Quick Note on Scope
13(3)
Summary
16(1)
Key Message
16(1)
Chapter 2 Offensive Vs. Defensive Attacker Mindset
17(20)
The Offensive Attacker Mindset
20(11)
Comfort and Risk
22(1)
Planning Pressure and Mental Agility
23(3)
Emergency Conditioning
26(5)
Defensive Attacker Mindset
31(4)
Consistency and Regulation
31(1)
Anxiety Control
32(2)
Recovery, Distraction, and Maintenance
34(1)
OAMs and DAMs Come Together
35(1)
Summary
35(2)
Key Message
36(1)
Chapter 3 The Attacker Mindset Framework
37(26)
Development
39(13)
Phase 1
43(4)
Phase 2
47(1)
Application
48(3)
Preloading
51(1)
"Right Time, Right Place" Preload
51(1)
Ethics
52(5)
Intellectual Ethics
53(1)
Reactionary Ethics
53(4)
Social Engineering and Security
57(3)
Social Engineering vs. AMs
59(1)
Summary
60(3)
Key Message
60(3)
PART II THE LAWS AND SKILLS
63(108)
Chapter 4 The Laws
65(18)
Law 1 Start with the End in Mind
65(10)
End to Start Questions
66(2)
Robbing a Bank
68(2)
Bringing It All together
70(1)
The Start of the End
71(1)
Clarity
71(1)
Efficiency
72(1)
The Objective
72(1)
How to Begin with the End in Mind
73(2)
Law 2 Gather, Weaponize, and Leverage Information
75(2)
Law 3 Never Break Pretext
77(3)
Law 4 Every Move Made Benefits the Objective
80(1)
Summary
81(2)
Key Message
82(1)
Chapter 5 Curiosity, Persistence, And Agility
83(16)
Curiosity
86(1)
The Exercise: Part 1
87(2)
The Exercise: Part 2
89(3)
Persistence
92(3)
Skills and Common Sense
95(3)
Professional Common Sense
95(3)
Summary
98(1)
Key Message
98(1)
Chapter 6 Information Processing: Observation And Thinking Techniques
99(36)
Your Brain vs. Your Observation
102(5)
Observation vs. Heuristics
107(2)
Heuristics
107(1)
Behold Linda
108(1)
Observation vs. Intuition
109(5)
Using Reasoning and Logic
112(2)
Observing People
114(2)
Observation Exercise
116(6)
AMs and Observation
122(1)
Tying It All Together
123(1)
Critical and Nonlinear Thinking
124(3)
Vector vs. Arc
127(1)
Education and Critical Thinking
128(1)
Workplace Critical Thinking
128(1)
Critical Thinking and Other Psychological Constructs
129(2)
Critical Thinking Skills
130(1)
Nonlinear Thinking
131(1)
Tying Them Together
132(1)
Summary
133(2)
Key Message
134(1)
Chapter 7 Information Processing In Practice
135(36)
Reconnaissance
136(9)
Recon: Passive
145(4)
Recon: Active
149(1)
OSINT
150(5)
OSINT Over the Years
150(3)
Intel Types
153(1)
Alternative Data in OSINT
154(1)
Signal vs. Noise
155(15)
Weaponizing of Information
158(2)
Tying Back to the Objective
160(10)
Summary
170(1)
Key Message
170(1)
PART III TOOLS AND ANATOMY
171(70)
Chapter 8 Attack Strategy
173(32)
Attacks in Action
175(2)
Strategic Environment
177(2)
The Necessity of Engagement and Winning
179(4)
The Attack Surface
183(1)
Vulnerabilities
183(1)
AMs Applied to the Attack Vectors
184(19)
Phishing
184(1)
Mass Phish
185(1)
Spearphish
186(1)
Whaling
187(3)
Vishing
190(5)
Smishing/Smshing
195(1)
Impersonation
196(3)
Physical
199(1)
Back to the Manhattan Bank
200(3)
Summary
203(2)
Key Message
203(2)
Chapter 9 Psychology In Attacks
205(36)
Setting The Scene: Why Psychology Matters
205(5)
Ego Suspension, Humility & Asking for Help
210(7)
Humility
215(1)
Asking for Help
216(1)
Introducing the Target-Attacker Window Model
217(4)
Four TAWM Regions
218(3)
Target Psychology
221(12)
Optimism Bias
225(3)
Confirmation Bias and Motivated Reasoning
228(3)
Framing Effect
231(2)
Thin-Slice Assessments
233(3)
Default to Truth
236(3)
Summary
239(2)
Key Message
239(2)
PART IV AFTER AMs
241(32)
Chapter 10 Staying Protected---The Individual
243(14)
Attacker Mindset for Ordinary People
243(3)
Behavioral Security
246(4)
Amygdala Hijacking
250(2)
Analyze Your Attack Surface
252(4)
Summary
256(1)
Key Message
256(1)
Chapter 11 Staying Protected---The Business
257(16)
Indicators of Attack
258(1)
Nontechnical Measures
258(3)
Testing and Red Teams
261(2)
Survivorship Bias
261(2)
The Complex Policy
263(1)
Protection
264(1)
Antifragile
264(2)
The Full Spectrum of Crises
266(3)
AMs on the Spectrum
268(1)
Final Thoughts
269(1)
Summary
270(3)
Key Message
271(2)
Index 273
MAXIE REYNOLDS is Technical Team Lead for Social-Engineer, LLC leading their efforts as a physical pentester and social engineer. She is a certified Ethical Hacker, Digital Forensic Investigator, and Social Engineer. She holds degrees in Computer Science, Underwater Robotics, and is qualified in Quantum Computing. She has worked as a physical pentester for banks, transport agencies, and other industries.