Description
Attacking Network Protocols is a deep-dive into network vulnerability discovery from James Forshaw, Microsoft's top bug hunter. This comprehensive guide looks at networking from an attacker's perspective to help you find, exploit, and ultimately protect vulnerabilities.Part I starts with a rundown of networking basics and traffic capture, as it builds a foundation for analyzing a network. Part II moves on to protocol analysis, both static and dynamic; you'll learn about common protocol structures, cryptography, and protocol security, and how to reverse engineer code with IDA Pro, ILSpy, and Javasnoop. Part III focuses on finding and exploiting vulnerabilities, including an overview of common bug classes, fuzzing, debugging, exhaustion attacks, and how to develop custom tools. Forshaw ends with an overview of the best tools for analyzing and exploiting networks. By the book's end, you'll have a deep understanding of how to analyze network communication and where to look for vulnerabilities.You'll learn how to--Capture, manipulate, and spoof packets both passively and on the wire-Reverse engineer code, brute force passwords, and decrypt traffic-Exploit vulnerabilities with denial-of-service attacks, authentication and authorization bypasses, and memory corruptions-Use capture and analysis tools like IDA Pro, Wireshark, and CANAPE-Strengthen your exploits by rerouting network traffic, exploiting compression, and controlling data flowAttacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to exploit and secure network vulnerabilities.
About the Author
James Forshaw is a freelancing debugging cowboy with ten years of experience in the security field, from cracking game consoles to exposing a $100,000 exploit for Microsoft. He's the creator of the protocol capture tool, CANAPE, and gives talks at hacker conferences like Black Hat and Chaos Computer Congress.
Reviews
"One of the best, if not the best, reference books on this material."
-Andrew Swoboda, Tripwire
"Very readable and accessible...worth reading even if your only interest in network security is as an applications developer."
-I Programmer
"Whether you're a pen tester, fuzzer, or a serene developer seeking understanding of what not to do, this book is an excellent beginner's guide."
-Sven Dietrich, IEEE Cipher, Cipher Book Review
"Concise and easy to follow."
-Nicky Lim, Goodreads Reviewer
Book Information
ISBN 9781593277505
Author James Forshaw
Format Paperback
Page Count 408
Imprint No Starch Press,US
Publisher No Starch Press,US
About the Author
James Forshaw is a freelancing debugging cowboy with ten years of experience in the security field, from cracking game consoles to exposing a $100,000 exploit for Microsoft. He's the creator of the protocol capture tool, CANAPE, and gives talks at hacker conferences like Black Hat and Chaos Computer Congress.
Reviews
"One of the best, if not the best, reference books on this material."
-Andrew Swoboda, Tripwire
"Very readable and accessible...worth reading even if your only interest in network security is as an applications developer."
-I Programmer
"Whether you're a pen tester, fuzzer, or a serene developer seeking understanding of what not to do, this book is an excellent beginner's guide."
-Sven Dietrich, IEEE Cipher, Cipher Book Review
"Concise and easy to follow."
-Nicky Lim, Goodreads Reviewer
Book Information
ISBN 9781593277505
Author James Forshaw
Format Paperback
Page Count 408
Imprint No Starch Press,US
Publisher No Starch Press,US
