Muutke küpsiste eelistusi

Gray Hat C: A Hacker's Guide to Creating and Automating Security Tools [Pehme köide]

3.81/5 (69 hinnangut Goodreads-ist)
  • Formaat: Paperback / softback, 304 pages, kõrgus x laius: 234x178 mm
  • Ilmumisaeg: 15-May-2017
  • Kirjastus: No Starch Press,US
  • ISBN-10: 1593277598
  • ISBN-13: 9781593277598
Teised raamatud teemal:
Gray Hat C: A Hacker's Guide to Creating and Automating Security ToolsSuurem pilt
  • Formaat: Paperback / softback, 304 pages, kõrgus x laius: 234x178 mm
  • Ilmumisaeg: 15-May-2017
  • Kirjastus: No Starch Press,US
  • ISBN-10: 1593277598
  • ISBN-13: 9781593277598
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781593277598.html
Märksõnad:

Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like performing vulnerability scans, malware analysis, and incident response. With some help from Mono, you can write your own practical security tools that will run on Mac, Linux, and even mobile devices.

Following a crash course in C# and some of its advanced features, you'll learn how to:

  • Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injection
  • Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads
  • Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections
  • Write a .NET decompiler for Mac and Linux
  • Parse and read offline registry hives to dump system information
  • Automate the security tools Arachni and Metasploit using their MSGPACK RPCs

Streamline and simplify your work day with Gray Hat C# and C#'s extensive repertoire of powerful tools and libraries.

Arvustused

Gray Hat C# is a highly valuable resource that will help you make the most of your SDLC via practical examples. This book will teach you how to integrate with a plethora of widely used and established security tools. Test harder, and ship with confidence. Tasos Laskos, Creator of Arachni

An immersive read that leaves the reader with an excellent understanding of the potential of C#. Infosecurity Magazine

Perry's explanations of what the code does are excellent. If you're trying to test projects to see where vulnerabilities lie so you can close down the holes, I highly recommend this title. I Programmer

Foreword xii
Matt Graeber
Preface xvii
Why Should I Trust Mono? xviii
Who Is This Book For? xviii
Organization of This Book xix
Acknowledgments xxi
A Final Note xxi
1 C# Crash Course
1(14)
Choosing an IDE
1(1)
A Simple Example
2(2)
Introducing Classes and Interfaces
4(5)
Creating a Class
4(1)
Creating an Interface
4(1)
Subclassing from an Abstract Class and Implementing an Interface
5(2)
Tying Everything Together with the Main() Method
7(1)
Running the Main() Method
8(1)
Anonymous Methods
9(3)
Assigning a Delegate to a Method
9(1)
Updating the Firefighter Class
9(1)
Creating Optional Arguments
10(1)
Updating the Main() Method
11(1)
Running the Updated Main() Method
12(1)
Integrating with Native Libraries
12(1)
Conclusion
13(2)
2 Fuzzing And Exploiting XSS And SQL Injection
15(38)
Setting Up the Virtual Machine
16(3)
Adding a Host-Only Virtual Network
16(1)
Creating the Virtual Machine
17(1)
Booting the Virtual Machine from the BadStore ISO
17(2)
SQL Injections
19(1)
Cross-Site Scripting
20(2)
Fuzzing GET Requests with a Mutational Fuzzer
22(3)
Tainting the Parameters and Testing for Vulnerabilities
23(1)
Building the HTTP Requests
23(2)
Testing the Fuzzing Code
25(1)
Fuzzing POST Requests
25(6)
Writing a POST Request Fuzzer
27(1)
The Fuzzing Begins
28(1)
Fuzzing Parameters
29(2)
Fuzzing JSON
31(7)
Setting Up the Vulnerable Appliance
31(1)
Capturing a Vulnerable JSON Request
31(2)
Creating the JSON Fuzzer
33(4)
Testing the JSON Fuzzer
37(1)
Exploiting SQL Injections
38(13)
Performing a UNION-Based Exploit by Hand
38(2)
Performing a UNION-Based Exploit Programmatically
40(3)
Exploiting Boolean-Blind SQL Vulnerabilities
43(8)
Conclusion
51(2)
3 Fuzzing Soap Endpoints
53(28)
Setting Up the Vulnerable Endpoint
54(1)
Parsing the WSDL
55(13)
Creating a Class for the WSDL Document
55(1)
Writing the Initial Parsing Methods
56(2)
Writing a Class for the SOAP Type and Parameters
58(2)
Creating the SoapMessage Class to Define Sent Data
60(1)
Implementing a Class for Message Parts
61(1)
Defining Port Operations with the SoapPortType Class
62(1)
Implementing a Class for Port Operations
63(1)
Defining Protocols Used in SOAP Bindings
64(1)
Compiling a List of Operation Child Nodes
65(1)
Finding the SOAP Services on Ports
66(2)
Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities
68(11)
Fuzzing Individual SOAP Services
69(3)
Fuzzing the HTTP POST SOAP Port
72(3)
Fuzzing the SOAP XML Port
75(3)
Running the Fuzzer
78(1)
Conclusion
79(2)
4 Writing Connect-Back, Binding, And Metasploit Payloads
81(22)
Creating a Connect-Back Payload
82(3)
The Network Stream
82(2)
Running the Command
84(1)
Running the Payload
85(1)
Binding a Payload
85(3)
Accepting Data, Running Commands, and Returning Output
86(1)
Executing Commands from the Stream
87(1)
Using UDP to Attack a Network
88(6)
The Code for the Target's Machine
89(3)
The Attacker's Code
92(2)
Running x86 and x86-64 Metasploit Payloads from C#
94(8)
Setting Up Metasploit
94(2)
Generating Payloads
96(1)
Executing Native Windows Payloads as Unmanaged Code
96(2)
Executing Native Linux Payloads
98(4)
Conclusion
102(1)
5 Automating Nessus
103(12)
REST and the Nessus API
104(1)
The NessusSession Class
105(4)
Making the HTTP Requests
106(1)
Logging Out and Cleaning Up
107(1)
Testing the NessusSession Class
108(1)
The NessusManager Class
109(1)
Performing a Nessus Scan
110(3)
Conclusion
113(2)
6 Automating Nexpose
115(18)
Installing Nexpose
116(2)
Activation and Testing
117(1)
Some Nexpose Parlance
118(1)
The NexposeSession Class
118(6)
The ExecuteCommand() Method
120(3)
Logging Out and Disposing of Our Session
123(1)
Finding the API Version
123(1)
Driving the Nexpose API
124(1)
The NexposeManager Class
124(2)
Automating a Vulnerability Scan
126(2)
Creating a Site with Assets
126(1)
Starting a Scan
127(1)
Creating a PDF Site Report and Deleting the Site
128(1)
Putting It All Together
128(3)
Starting the Scan
129(1)
Generating a Report and Deleting the Site
129(1)
Running the Automation
130(1)
Conclusion
131(2)
7 Automating Openvas
133(14)
Installing OpenVAS
134(1)
Building the Classes
134(1)
The OpenVASSession Class
134(6)
Authenticating with the OpenVAS Server
135(1)
Creating a Method to Execute OpenVAS Commands
136(1)
Reading the Server Message
137(1)
Setting Up the TCP Stream to Send and Receive Commands
138(1)
Certificate Validation and Garbage Collection
138(1)
Getting the OpenVAS Version
139(1)
The OpenVASManager Class
140(6)
Getting Scan Configurations and Creating Targets
141(3)
Wrapping Up the Automation
144(1)
Running the Automation
145(1)
Conclusion
146(1)
8 Automating Cuckoo Sandbox
147(20)
Setting Up Cuckoo Sandbox
148(1)
Manually Running the Cuckoo Sandbox API
148(3)
Starting the API
148(1)
Checking Cuckoo's Status
149(2)
Creating the CuckooSession Class
151(6)
Writing the ExecuteCommand() Methods to Handle HTTP Requests
151(2)
Creating Multipart HTTP Data with the GetMultipartFormData() Method
153(2)
Processing File Data with the FileParameter Class
155(1)
Testing the CuckooSession and Supporting Classes
156(1)
Writing the CuckooManager Class
157(6)
Writing the CreateTask() Method
157(2)
The Task Details and Reporting Methods
159(1)
Creating the Task Abstract Class
160(1)
Sorting and Creating Different Class Types
161(2)
Putting It Together
163(1)
Testing the Application
164(1)
Conclusion
165(2)
9 Automating Sqlmap
167(24)
Running sqlmap
168(5)
The sqlmap REST API
169(1)
Testing the sqlmap API with curl
170(3)
Creating a Session for sqlmap
173(4)
Creating a Method to Execute a GET Request
174(1)
Executing a POST Request
175(1)
Testing the Session Class
176(1)
The SqlmapManager Class
177(5)
Listing sqlmap Options
179(1)
Making a Method to Perform Scans
180(2)
The New MainQ Method
182(1)
Reporting on a Scan
182(1)
Automating a Full sqlmap Scan
183(2)
Integrating sqlmap with the SOAP Fuzzer
185(5)
Adding sqlmap GET Request Support to the SOAP Fuzzer
185(2)
Adding sqlmap POST Request Support
187(1)
Calling the New Methods
188(2)
Conclusion
190(1)
10 Automating Clamav
191(16)
Installing ClamAV
192(1)
The ClamAV Native Library vs. the clamd Network Daemon
193(1)
Automating with ClamAV's Native Library
193(8)
Setting Up the Supporting Enumerations and Classes
194(2)
Accessing ClamAV's Native Library Functions
196(1)
Compiling the ClamAV Engine
197(1)
Scanning Files
198(2)
Cleaning Up
200(1)
Testing the Program by Scanning the EICAR File
200(1)
Automating with clamd
201(5)
Installing the clamd Daemon
202(1)
Starting the clamd Daemon
202(1)
Creating a Session Class for clamd
203(1)
Creating a clamd Manager Class
204(1)
Testing with clamd
205(1)
Conclusion
206(1)
11 Automating Metasploit
207(16)
Running the RPC Server
208(1)
Installing Metasploitable
209(1)
Getting the MSGPACK Library
209(3)
Installing the NuGet Package Manager for MonoDevelop
210(1)
Installing the MSGPACK Library
211(1)
Referencing the MSGPACK Library
211(1)
Writing the MetasploitSession Class
212(5)
Creating the Executed Method for HTTP Requests and Interacting with MSGPACK
213(2)
Transforming Response Data from MSGPACK
215(2)
Testing the session Class
217(1)
Writing the MetasploitManager Class
217(2)
Putting It All Together
219(3)
Running the Exploit
220(1)
Interacting with the Shell
221(1)
Popping Shells
221(1)
Conclusion
222(1)
12 Automating Arachni
223(18)
Installing Arachni
223(1)
The Arachni REST API
224(3)
Creating the ArachniHTTPSession Class
225(1)
Creating the ArachniHTTPManager Class
226(1)
Putting the Session and Manager Classes Together
227(1)
The Arachni RPC
228(9)
Manually Running the RPC
229(1)
The ArachniRPCSession Class
230(2)
The Supporting Methods for ExecuteCommand()
232(2)
The ExecuteCommand() Method
234(2)
The ArachniRPCManager Class
236(1)
Putting It All Together
237(2)
Conclusion
239(2)
13 Decompiling And Reversing Managed Assemblies
241(8)
Decompiling Managed Assemblies
242(2)
Testing the Decompiler
244(1)
Using monodis to Analyze an Assembly
245(2)
Conclusion
247(2)
14 Reading Offline Registry Hives
249(16)
The Registry Hive Structure
250(1)
Getting the Registry Hives
250(2)
Reading the Registry Hive
252(7)
Creating a Class to Parse a Registry Hive File
252(1)
Creating a Class for Node Keys
253(5)
Making a Class to Store Value Keys
258(1)
Testing the Library
259(1)
Dumping the Boot Key
259(5)
The GetBootKey() Method
259(2)
The GetValueKey() Method
261(1)
The GetNodeKey() Method
261(1)
The StringToByteArray() Method
262(1)
Getting the Boot Key
262(1)
Verifying the Boot Key
263(1)
Conclusion
264(1)
Index 265
Brandon Perry is the co-author of Wicked Cool Shell Scripts, 2nd Edition (No Starch Press). He started writing C# applications with the advent of the open source .NET implementation called Mono. In his free time, he enjoys writing modules for the Metasploit framework, parsing binary files, and fuzzing things.