چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

Practical Forensic Imaging : Securing Digital Evidence with Linux Tools

Bruce Nikkel

قیمت نهایی

۴۴٬۰۰۰ تومان۴۹٬۰۰۰ تومان۱۰٪ تخفیف
  • تخفیف زمان‌دار−۵٬۰۰۰ تومان

۵٬۰۰۰ تومان صرفه‌جویی نسبت به قیمت اصلی

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Bruce Nikkel
سال انتشار
۲۰۱۶
فرمت
EPUB
زبان
انگلیسی
حجم فایل
۱۹٫۳ مگابایت
شابک
9781457198847، 9781593272890، 9781593272906، 9781593273750، 9781593273958، 9781593274306، 9781593275099، 9781593275341، 9781593275679، 9781593276454، 9781593277031، 9781593277703، 9781593277932، 9781593278007، 9781593278014، 9781593278021، 9785446109388، 9785604072301، 1457198843، 1593272898، 1593272901، 1593273754، 1593273959، 1593274300، 1593275099، 159327534X، 1593275676، 1593276451، 1593277032، 1593277709، 1593277938، 1593278004، 1593278012، 1593278020، 5446109384، 5604072303

دربارهٔ کتاب

Malware Analysis Is Big Business, And Attacks Can Cost A Company Dearly. When Malware Breaches Your Defenses, You Need To Act Quickly To Cure Current Infections And Prevent Future Ones From Occurring. For Those Who Want To Stay Ahead Of The Latest Malware, Practical Malware Analysis Will Teach You The Tools And Techniques Used By Professional Analysts. With This Book As Your Guide, You'll Be Able To Safely Analyze, Debug, And Disassemble Any Malicious Software That Comes Your Way. You'll Learn How To: –set Up A Safe Virtual Environment To Analyze Malware –quickly Extract Network Signatures And Host-based Indicators –use Key Analysis Tools Like Ida Pro, Ollydbg, And Windbg –overcome Malware Tricks Like Obfuscation, Anti-disassembly, Anti-debugging, And Anti-virtual Machine Techniques –use Your Newfound Knowledge Of Windows Internals For Malware Analysis –develop A Methodology For Unpacking Malware And Get Practical Experience With Five Of The Most Popular Packers –analyze Special Cases Of Malware With Shellcode, C++, And 64-bit Code Hands-on Labs Throughout The Book Challenge You To Practice And Synthesize Your Skills As You Dissect Real Malware Samples, And Pages Of Detailed Dissections Offer An Over-the-shoulder Look At How The Pros Do It. You'll Learn How To Crack Open Malware To See How It Really Works, Determine What Damage It Has Done, Thoroughly Clean Your Network, And Ensure That The Malware Never Comes Back. Malware Analysis Is A Cat-and-mouse Game With Rules That Are Constantly Changing, So Make Sure You Have The Fundamentals. Whether You're Tasked With Securing One Network Or A Thousand Networks, Or You're Making A Living As A Malware Analyst, You'll Find What You Need To Succeed In Practical Malware Analysis. "Forensic image acquisition is an important part of post-mortem incident response and evidence collection. Digital forensic investigators acquire, preserve, and manage digital evidence to support civil and criminal cases, examine organizational policy violations, resolve disputes, and analyze cyber attacks. "Practical Forensic Imaging" takes a detailed look at how to secure and manage digital evidence using Linux-based command line tools. This essential guide walks you through the entire forensic acquisition process and covers a wide range of practical scenarios and situations related to the imaging of storage media.You'll learn how to: Use Linux and command line tools to perform to forensic imaging of magnetic hard disks, SSD and flash, optical discs, magnetic tapes, and legacy technologies.Protect attached evidence media from accidental alteration and modification by using hardware and software write blockers, and ensuring read-only access.Manage large forensic image files, storage capacity planning, image format conversion, compression, splitting, duplication, secure transfer and storage, and secure disposal.Preserve and verify evidence integrity with cryptographic hashing and piece-wise hashing, public key signatures, and RFC-3161 time-stamping. Work with new drive and interface technologies such as NVME, SATA Express, 4K-native sector drives, Hybrid SSDs, SAS, UASP/USB3x, Thunderbolt, and more.Manage drive security such as ATA passwords, encrypted thumb drives, Opal self encrypting drives, Bitlocker, FileVault, Truecrypt, and others.Acquire usable images from more complex or challenging situations such as RAID systems, virtual machine images, and damaged media. With its unique focus on digital forensic acquisition and evidence preservation, "Practical Forensic Imaging" is a valuable resource for experienced digital forensic investigators wanting to advance their Linux skills, and experienced Linux administrators wanting to learn digital forensics." Forensic image acquisition is an important part of postmortem incident response and evidence collection. Digital forensic investigators acquire, preserve, and manage digital evidence to support civil and criminal cases; examine organizational policy violations; resolve disputes; and analyze cyber attacks. Practical Forensic Imaging takes a detailed look at how to secure and manage digital evidence using Linux-based command line tools. This essential guide walks you through the entire forensic acquisition process and covers a wide range of practical scenarios and situations related to the imaging of storage media. You'll learn how to: -Perform forensic imaging of magnetic hard disks, SSDs and flash drives, optical discs, magnetic tapes, and legacy technologies -Protect attached evidence media from accidental modification -Manage large forensic image files, storage capacity, image format conversion, compression, splitting, duplication, secure transfer and storage, and secure disposal -Preserve and verify evidence integrity with cryptographic and piecewise hashing, public key signatures, and RFC-3161 timestamping -Work with newer drive and interface technologies like NVME, SATA Express, 4K-native sector drives, SSHDs, SAS, UASP/USB3x, and Thunderbolt -Manage drive security such as ATA passwords; encrypted thumb drives; Opal self-encrypting drives; OS-encrypted drives using BitLocker, FileVault, and TrueCrypt; and others -Acquire usable images from more complex or challenging situations such as RAID systems, virtual machine images, and damaged media With its unique focus on digital forensic acquisition and evidence preservation, Practical Forensic Imaging is a valuable resource for experienced digital forensic investigators wanting to advance their Linux skills and experienced Linux administrators wanting to learn digital forensics. This is a must-have reference for every digital forensics lab. Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring. For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way. You'll learn how to: Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and WinDbg Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques Use your newfound knowledge of Windows internals for malware analysis Develop a methodology for unpacking malware and get practical experience with five of the most popular packers Analyze special cases of malware with shellcode, C++, and 64-bit code Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back. Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis . No source code? No problem. With IDA Pro, the interactive disassembler, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use.Hailed by the creator of IDA Pro as'profound, comprehensive, and accurate,'the second edition of The IDA Pro Book covers everything from the very first steps to advanced automation techniques. You'll find complete coverage of IDA's new Qt-based user interface, as well as increased coverage of the IDA debugger, the Bochs debugger, and IDA scripting (especially using IDAPython). But because humans are still smarter than computers, you'll even learn how to use IDA's latest interactive and scriptable interfaces to your advantage.Save time and effort as you learn to:–Navigate, comment, and modify disassembly–Identify known library routines, so you can focus your analysis on other areas of the code–Use code graphing to quickly make sense of cross references and function calls–Extend IDA to support new processors and filetypes using the SDK–Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more–Use IDA's built-in debugger to tackle hostile and obfuscated codeWhether you're analyzing malware, conducting vulnerability research, or reverse engineering software, a mastery of IDA is crucial to your success. Take your skills to the next level with this 2nd edition of The IDA Pro Book. Modern cars are more computerized than ever. Infotainment and navigation systems, Wi-Fi, automatic software updates, and other innovations aim to make driving more convenient. But vehicle technologies haven't kept pace with today's more hostile security environment, leaving millions vulnerable to attack. The Car Hacker's Handbook will give you a deeper understanding of the computer systems and embedded software in modern vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and between devices and systems. Then, once you have an understanding of a vehicle's communication network, you'll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more. With a focus on low-cost, open source hacking tools such as Metasploit, Wireshark, Kayak, can-utils, and ChipWhisperer, The Car Hacker's Handbook will show you how to: -Build an accurate threat model for your vehicle -Reverse engineer the CAN bus to fake engine signals -Exploit vulnerabilities in diagnostic and data-logging systems -Hack the ECU and other firmware and embedded systems -Feed exploits through infotainment and vehicle-to-vehicle communication systems -Override factory settings with performance-tuning techniques -Build physical and virtual test benches to try out exploits safely If you're curious about automotive security and have the urge to hack a two-ton computer, make The Car Hacker's Handbook your first stop.

IDA Pro is a commercial disassembler and debugger used by reverse engineers to dissect compiled computer programs, and is the industry standard tool for analysis of hostile code. The IDA Pro Book provides a comprehensive, top-down overview of IDA Pro and its use for reverse engineering software. Author Chris Eagle, a recognized expert in the field, takes readers from the basics of disassembly theory to the complexities of using IDA Pro in real-world situations. Topics are introduced in the order most frequently encountered, allowing experienced users to easily jump in at the most appropriate point. Eagle covers a variety of real-world reverse engineering challenges and offers strategies to deal with them, such as disassembly manipulation, graphing, and effective use of cross references. This second edition of The IDA Pro Book has been completely updated and revised to cover the new features and cross-platform interface of IDA Pro 6.0. Other additions include expanded coverage of the IDA Pro Debugger, IDAPython, and the IDA Pro SDK.

Chris Eagle is a Senior Lecturer and Associate Chairman of Computer Science at the Naval Postgraduate School in Monterey, CA. He is a co-author of Gray Hat Hacking and has spoken at numerous security conferences, including Blackhat, Defcon, Toorcon, and Shmoocon.

Network security is not simply about building impenetrable walls—determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks—no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.You'll learn how to:–Determine where to deploy NSM platforms, and size them for the monitored networks–Deploy stand-alone or distributed NSM installations–Use command line and graphical packet analysis tools, and NSM consoles–Interpret network evidence from server-side and client-side intrusions–Integrate threat intelligence into NSM software to identify sophisticated adversariesThere's no foolproof way to keep attackers out of your network. But when they get in, you'll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be. Network security is not simply about building impenetrable wallsdetermined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring , Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networksno prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. You'll learn how Determine where to deploy NSM platforms, and size them for the monitored networks Deploy stand-alone or distributed NSM installations Use command line and graphical packet analysis tools, and NSM consoles Interpret network evidence from server-side and client-side intrusions Integrate threat intelligence into NSM software to identify sophisticated adversaries Theres no foolproof way to keep attackers out of your network. But when they get in, youll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be. Unlike some operating systems, Linux doesn’t try to hide the important bits from you—it gives you full control of your computer. But to truly master Linux, you need to understand its internals, like how the system boots, how networking works, and what the kernel actually does. In this completely revised second edition of the perennial best seller How Linux Works, author Brian Ward makes the concepts behind Linux internals accessible to anyone curious about the inner workings of the operating system. Inside, you’ll find the kind of knowledge that normally comes from years of experience doing things the hard way. You’ll learn: –How Linux boots, from boot loaders to init implementations (systemd, Upstart, and System V) –How the kernel manages devices, device drivers, and processes –How networking, interfaces, firewalls, and servers work –How development tools work and relate to shared libraries –How to write effective shell scripts You’ll also explore the kernel and examine key system tasks inside user space, including system calls, input and output, and filesystems. With its combination of background, theory, real-world examples, and patient explanations, How Linux Works will teach you what you need to know to solve pesky problems and take control of your operating system. No source code? No problem. With IDA Pro, the interactive disassembler, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use. Hailed by the creator of IDA Pro as "profound, comprehensive, and accurate," the second edition of The IDA Pro Book covers everything from the very first steps to advanced automation techniques. You'll find complete coverage of IDA's new Qt-based user interface, as well as increased coverage of the IDA debugger, the Bochs debugger, and IDA scripting (especially using IDAPython). But because humans are still smarter than computers, you'll even learn how to use IDA's latest interactive and scriptable interfaces to your advantage In this completely revised second edition, Brian Ward makes accessible the concepts behind Linux internals to anyone curious about the inner workings of the operating system. Readers will learn: how Linux boots, from boot loaders to init implementations (systemd, Upstart, and System V); how the kernel manages devices, device drivers, and processes; how networking, interfaces, firewalls, and servers work; how development tools work and relate to shared libraries; how to write effective shell scripts. Readers also will explore the kernel and examine key system tasks inside user space, including system calls, input and output, and filesystems. -- Edited summary from book There are more than 100 malicious computer attacks every second, resulting in tens of billions of dollars in economic damages each year. Among security professionals, the skills required to quickly analyze and assess these attacks are in high demand. Practical Malware Analysis provides a rapid introduction to the tools and methods used to dissect malicious software (malware), showing readers how to discover, debug, and disassemble these threats. The book goes on to examine how to overcome the evasive techniques?stealth, code obfuscation, encryption, file packing, and others?that malware author Network security is not simply about building impenetrable walls - determined attackers will eventually overcome traditional defenses. The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions. In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks - no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an 2. Reversing and Disassembly Tools; Classification Tools; file; PE Tools; PEiD; Summary Tools; nm; ldd; objdump; otool; dumpbin; c++filt; Deep Inspection Tools; strings; Disassemblers; Summary; 3. IDA Pro Background; Hex-Rays' Stance on Piracy; Obtaining IDA Pro; IDA Versions; IDA Licenses; Purchasing IDA; Upgrading IDA; IDA Support Resources; Your IDA Installation; Windows Installation; OS X and Linux Installation; IDA and SELinux; 32-bit vs. 64-bit IDA; The IDA Directory Layout; Thoughts on IDA's User Interface; Summary; II. Basic IDA Usage; 4. Getting Started with IDA; Launching IDA Brief Contents: xix xxiii The Big Picture Basic Commands and Directory Hierarchy Devices Disks and Filesystems System Configuration: Logging, System Time, Batch Jobs, and Users A Closer Look at Processes and Resource Utilization Understanding Your Network and Its Configuration Network Applications and Services Introduction to Shell Scripts Moving Files Across the Network User Environments A Brief Survey of the Linux Desktop Development Tools Introduction to Compiling Software from C Source Code Building on the Basics 351 355 Storage media overview for postmortem acquisition -- Linux as a forensic acquisition platform -- Forensic image formats and acquisition tools -- Forensic imaging preparation and setup -- Attaching physical media to an acquisition host -- Forensic image acquisition -- Forensic image management -- Accessing logical, virtual, and operating system encrypted images -- Extracting subsets of forensic images "A technical guide that shows how to identify network security risks, exploit software vulnerabilities, and gain a deeper understanding of vehicle software. Covers how navigation systems can be hacked to take control of vehicles, system interconnectivity, and how to bypass dealership restrictions to diagnose and troubleshoot problems"-- Provided by publisher Policies and guidelines Threat modeling Vehicle communications Utilizing the Linux SocketCAN interface Diagnostic communications CAN Bus RE ECU hacking ECU test benches Infotainment systems Vehicle to vehicle Weaponizing TPMS Keysystems Hotwiring Embedded system attack Performance tuning. If you're curious about automotive security and have the urge to hack a two-ton computer, this detailed resource will give you a deeper understanding of the computer systems and embedded software in modern vehicles. -- Edited summary from book Provides Information On Ways To Use Wireshark To Capture And Analyze Packets, Covering Such Topics As Building Customized Capture And Display Filters, Graphing Traffic Patterns, And Building Statistics And Reports-- This revised and expanded third edition of Practical Packet Analysis shows you how to use Wireshark to capture raw network traffic, filter and analyze packets, and diagnose common network problems. The "hows" and "whys" of How Linux Works: for administrators, programmers, and enthusiasts who want to understand the inner workings of the best operating system. This title teaches IT and security staff how to leverage powerful network security monitoring tools and concepts to identify threats quickly and effectively I wrote this book because I believe you should be able to learn what your computer does.

قیمت نهایی

۴۴٬۰۰۰ تومان