O’Reilly Network Security Tools Free Download

Posted on: 29th September 2009 by it-hacked.com in Ebooks

O'Reilly Network Security Tools
Preface
These days, software vulnerabilities are announced to the public before vendors have a chance to provide a patch to customers. Therefore, it has become important, if not absolutely necessary, for an organization to routinely assess its network to measure its security posture.
But how does one go about performing a thorough network assessment? Network security books today typically teach you only how to use the out-of-the-box functionality provided by existing network security tools, which is often limited. Malicious attackers, however, are sophisticated enough to understand that the real power of the most popular network security tools does not lie in their out-of-the-box functionality, but in the framework that allows you to extend and tweak their functionality. These sophisticated attackers also know how to quickly write their own tools to break into remote networks. The aim of this book is to teach you how to tweak existing and powerful open source assessment tools and how to write your own tools to protect your networks and data from the most experienced attackers.

Table of Contents:
Copyright
Preface
Audience
Assumptions This Book Makes
Contents of This Book
Conventions Used in This Book
Using Code Examples
We’d Like to Hear from You
Safari Enabled
Acknowledgments
Part I: Modifying and Hacking Security Tools
Chapter 1. Writing Plug-ins for Nessus
Section 1.1. The Nessus Architecture
Section 1.2. Installing Nessus
Section 1.3. Using Nessus
Section 1.4. The NASL Interpreter
Section 1.5. Hello World
Section 1.6. Datatypes and Variables
Section 1.7. Operators
Section 1.8. if…else
Section 1.9. Loops
Section 1.10. Functions
Section 1.11. Predefined Global Variables
Section 1.12. Important NASL Functions
Section 1.13. Nessus Plug-ins
Chapter 2. Developing Dissectors and Plug-ins for the Ettercap Network Sniffer
Section 2.1. Installing and Using Ettercap
Section 2.2. Writing an Ettercap Dissector
Section 2.3. Writing an Ettercap Plug-in
Chapter 3. Extending Hydra and Nmap
Section 3.1. Extending Hydra
Section 3.2. Adding Service Signatures to Nmap
Chapter 4. Writing Plug-ins for the Nikto Vulnerability Scanner
Section 4.1. Installing Nikto
Section 4.2. Using Nikto
Section 4.3. Nikto Under the Hood
Section 4.4. Existing Nikto Plug-ins
Section 4.5. Adding Custom Entries to the Plug-in Databases
Section 4.6. Using LibWhisker
Section 4.7. Writing an NTLM Plug-in for Brute-Force Testing
Section 4.8. Writing a Standalone Plug-in to Attack Lotus Domino
Chapter 5. Writing Modules for the Metasploit Framework
Section 5.1. Introduction to MSF
Section 5.2. Overview of Stack Buffer Overflows
Section 5.3. Writing Exploits for MSF
Section 5.4. Writing a Module for the MnoGoSearch Overflow
Section 5.5. Writing an Operating System Fingerprinting Module for MSF
Chapter 6. Extending Code Analysis to the Webroot
Section 6.1. Attacking Web Applications at the Source
Section 6.2. Toolkit 101
Section 6.3. PMD
Section 6.4. Extending PMD
Part II: Modifying and Hacking Security Tools
Chapter 7. Fun with Linux Kernel Modules
Section 7.1. Hello World
Section 7.2. Intercepting System Calls
Section 7.3. Hiding Processes
Section 7.4. Hiding from netstat
Chapter 8. Developing Web Assessment Tools and Scripts
Section 8.1. Web Application Environment
Section 8.2. Designing the Scanner
Section 8.3. Building the Log Parser
Section 8.4. Building the Scanner
Section 8.5. Using the Scanner
Section 8.6. Complete Source Code
Chapter 9. Automated Exploit Tools
Section 9.1. SQL Injection Exploits
Section 9.2. The Exploit Scanner
Section 9.3. Using the Scanner
Chapter 10. Writing Network Sniffers
Section 10.1. Introduction to libpcap
Section 10.2. Getting Started with libpcap
Section 10.3. libpcap and 802.11 Wireless Networks
Section 10.4. libpcap and Perl
Section 10.5. libpcap Library Reference
Chapter 11. Writing Packet-Injection Tools
Section 11.1. Introduction to libnet
Section 11.2. Getting Started with libnet
Section 11.3. Advanced libnet Functions
Section 11.4. Combining libnet and libpcap
Section 11.5. Introducing AirJack