Hacking Exposed ^{5th Ed.}

The fifth edition of this world-renowned security reference offers completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using the proven Hacking Exposed methodology, the book show you, step by step, how to locate and patch system vulnerabilities and explains what you need to know to stay vigilant in today's 24x7 digital world.

• Part I: Casing the Establishment
• Case Study: Googling Your Way to Insecurity
1. Footprinting
• What Is Footprinting?
• Why Is Footprinting Necessary?
• Internet Footprinting
• Step 1: Determine the Scope of Your Activities
• Step 2: get Proper Authorization
• Step 3: Publicly Available Information
• Step 4: WHOIS and DNS Enumeration
• Step 5: DNS Interrogation
• Step 6: Network Reconnaissance
• Summary
2. Scanning
• Determining if the System Is Alive
• Determining Which Services Are Running or Listening
• Scan Types
• Identifying TCP and UDP Services Running
• Windows-Based Port Scanners
• Port Scanning Breakdown
• Detecting the Operating Syste,
• Active Stack Fingerprinting
• Passive Stack Fingerprinting
• Summary
3. Enumeration
• Basic Banner grabbing
• Enumerating Common Network Services
• Summary
• Part II: System Hacking
• Case Study: I Have a Mac — I Must Be Secure!
4. Hacking Windows
• Overview
• What's Not Covered
• • Proprietary Windows Networking Protocols Attacks
  • Windows Inter Service Implementations
• Authenticated Attacks
• Privilege Escalation
• Pilfering
• Remote Control and Back Doors
• Port Redirection
• General Countermeasures to Authenticated Compromise
• Covering Tracks
• Windows Security Features
• Keeping Up with Patches
• Group Policy
• IPSec
• runas
• .NET Framework
• Windows Fireall
• The Encrypting File System (EFS)
• Windows XP Service Pack 2
• Coda: The Burden of Windows Security
• Summary
5. Hacking UNIX
• The Quest for Root
• A Brief Review
• Vulnerability Mapping
• Remote Access vs. Local Access
• Remote Access
• Data Driven Attacks
• I Want My Shell
• Common Types of Remote Attacks
• Local Access
• After Hacking Root
• Rootkit Recovery
• Summary
6. Remote Connectivity and VOIP Hacking
• Preparing to Dial Up
• Wardialing
• Hardware
• Legal Issues
• Peripheral Costs
• Software
• Brute-force Scripting — The Homegrown Way
• PBX Hacking
• Voicemail Hacking
• Virtual Private Network (VPN) Hacking
• Voice over IP Hacking
• Most Common Attacks
• Summary
• Part III: Network Hacking
• Case Study: Wireless Insecurities
7. Network Devices
• Discovery
• Detection
• Autonomous System Lockup
• Normal traceroute
• traceroute with ASN Information
• show ip bgp
• Public Newsgroups
• Service Detection
• Network Vulnerability
• OSI Layer 1
• OSI Layer 2
• Switch Sniffing
• OSI Layer 3
• dsniff
• Misconfigurations
• Route Protocol Hacking
• Management Protocol Hacking
• Summary
8. Wireless Hacking
• Wireless Footprinting
• Equipment
• Wireless Scanning and Enumeration
• Wireless Sniffers
• Wireless Monitoring Tools
• Identifying Wireless Network Defenses and Countermeasures
• SSID
• MAC Access Control
• Gaining Access (Hacking 802.11)
• MAC Access Control
• Attacks Against the WEP Algorithm
• Securimh WEP
• Tools That Exploit WEP Weaknesses
• LEAP Attacks
• Denial of Service (DoS) Attacks
• An 802.1x Overview
• Additional Resources
• Summary
9. Firewalls
• Firewall Landscape
• Firewall Identification
• Advanced Firewall Discovery
• Scanning Through Firewalls
• Packet Filtering
• Application Proxy Vulnerabilities
• WinGate Vulnerabilities
• Summary
10. Denial of Service (DoS) Attacks
• Common DoS Attack Techniques
• Old-School DoS: Vulnerabilities
• Modern DoS: Capacity Depletion
• DoS Countermeasures
• A Quick Note on Practical Goals
• Resisting DoS
• Detecting DoS
• Responding to DoS
• Summary
• Part IV: Software Hacking
• Case Study: Only the Elite…
11. Hacking Code
• Common Exploit Techniques
• Buffer Overflows and Design Flaws
• Input Validation Attacks
• Common Countermeasures
• People: Changing the Culture
• Process: Security in the Development Lifecycle (SDL)
• Technology
• Recommended Further reading
• Summary
12. Web Hacking
• Web Server Hacking
• Sample Files
• Source Code Disclosures
• Cononicalization Attacks
• Server Extensions
• Buffer Overflows
• Web Server Vulnerability Scanners
• Web Application Hacking
• Finding Vulnerable Web Apps with Google
• Web Crawling
• Web Application Assessment
• Common Web Application Vulnerabilities
• Summary
13. Hacking the Internet User
• Internet Client Vulnerabilities
• A Brief History of Internet Client Hacking
• Java Script and Active Scripting
• Cookies
• Cross-Site Scripting (XSS)
• Cross-Frame/Domain Vulnerabilities
• SSL Attacks
• Payloads and Drop Points
• E-mail Hacking
• Instant Messaging
• Microsoft Internet Client Exploits and Countermeasures
• General Microsoft Client-Side Countermeasures
• Why Not Use Non-Microsoft Clients?
• Non-Microsoft Internet Clients
• Online Services
• Socio-Technical Attacks: Phishing and Identity Theft
• Phishing Techniques
• Annoying and Deceptive Software
• Common Insertion Techniques
• Blocking, Detecting, and Cleaning Annoying and Deceptive Software
• Malware
• Malware Variants and Common Techniques
• Detecting and Cleaning Malware
• Physical Security for End Users
• Summary
• Part V: Appendixes

1. Ports
2. Top 14 Security Vulnerabilities

I just discovered that I own the fifth edition as well as the second edition. Still a very practical and good book about IT security. And you can detect how the authors thinking has matured. Still a book to have on the self, if you're into IT Securit.