Some of our recommended readings:
This book dissects the known breaches and digs into the root causes while providing insights into how it might have been avoided.
The skills and tools for collecting, verifying and correlating information from different types of systems is an essential skill when tracking down hackers. This book explores Open Source Intelligence Gathering (OSINT) inside out from multiple perspectives, including those of hackers and seasoned intelligence experts. OSINT refers to the techniques and tools required to harvest publicly available data concerning a person or an organization. With several years of experience of tracking hackers with OSINT, the author whips up a classical plot-line involving a hunt for a threat actor. While taking the audience through the thrilling investigative drama, the author immerses the audience with in-depth knowledge of state-of-the-art OSINT tools and techniques. Technical users will want a basic understanding of the Linux command line in order to follow the examples. But a person with no Linux or programming experience can still gain a lot from this book through the commentaries.
This book’s unique digital investigation proposition is a combination of story-telling, tutorials, and case studies. The book explores digital investigation from multiple angles:
- Through the eyes of the author who has several years of experience in the subject.
- Through the mind of the hacker who collects massive amounts of data from multiple online sources to identify targets as well as ways to hit the targets.
- Through the eyes of industry leaders.
This book is ideal for:
Investigation professionals, forensic analysts, and CISO/CIO and other executives wanting to understand the mindset of a hacker and how seemingly harmless information can be used to target their organization.
Security analysts, forensic investigators, and SOC teams looking for new approaches on digital investigations from the perspective of collecting and parsing publicly available information.
CISOs and defense teams will find this book useful because it takes the perspective of infiltrating an organization from the mindset of a hacker. The commentary provided by outside experts will also provide them with ideas to further protect their organization’s data.
Understand the process of setting up a successful cyber threat intelligence (CTI) practice within an established security team. This book shows you how threat information that has been collected, evaluated, and analyzed is a critical component in protecting your organization’s resources. Adopting an intelligence-led approach enables your organization to nimbly react to situations as they develop. Security controls and responses can then be applied as soon as they become available, enabling prevention rather than response. There are a lot of competing approaches and ways of working, but this book cuts through the confusion. Author Aaron Roberts introduces the best practices and methods for using CTI successfully. This book will help not only senior security professionals, but also those looking to break into the industry. You will learn the theories and mindset needed to be successful in CTI. This book covers the cybersecurity wild west, the merits and limitations of structured intelligence data, and how using structured intelligence data can, and should, be the standard practice for any intelligence team. You will understand your organizations’ risks, based on the industry and the adversaries you are most likely to face, the importance of open-source intelligence (OSINT) to any CTI practice, and discover the gaps that exist with your existing commercial solutions and where to plug those gaps, and much more.
What You Will Learn Know the wide range of cybersecurity products and the risks and pitfalls aligned with blindly working with a vendorUnderstand critical intelligence concepts such as the intelligence cycle, setting intelligence requirements, the diamond model, and how to apply intelligence to existing security informationUnderstand structured intelligence (STIX) and why it’s important, and aligning STIX to ATT&CK and how structured intelligence helps improve final intelligence reportingKnow how to approach CTI, depending on your budgetPrioritize areas when it comes to funding and the best approaches to incident response, requests for information, or ad hoc reportingCritically evaluate services received from your existing vendors, including what they do well, what they don’t do well (or at all), how you can improve on this, the things you should consider moving in-house rather than outsourcing, and the benefits of finding and maintaining relationships with excellent vendors
Who This Book Is For
Senior security leaders in charge of cybersecurity teams who are considering starting a threat intelligence team, those considering a career change into cyber threat intelligence (CTI) who want a better understanding of the main philosophies and ways of working in the industry, and security professionals with no prior intelligence experience but have technical proficiency in other areas (e.g., programming, security architecture, or engineering)
How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.
System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.
Learn how to effectively test system components, including:
- Common services such as SSH, FTP, Kerberos, SNMP, and LDAP
- Microsoft services, including NetBIOS, SMB, RPC, and RDP
- SMTP, POP3, and IMAP email services
- IPsec and PPTP services that provide secure network access
- TLS protocols and features providing transport security
- Web server software, including Microsoft IIS, Apache, and Nginx
- Frameworks including Rails, Django, Microsoft ASP.NET, and PHP
- Database servers, storage protocols, and distributed key-value stores
A complete reference guide to mastering Nmap and its scripting engine, covering practical tasks for IT personnel, security engineers, system administrators, and application security enthusiasts
- Learn how to use Nmap and other tools from the Nmap family with the help of practical recipes
- Discover the latest and most powerful features of Nmap and the Nmap Scripting Engine
- Explore common security checks for applications, Microsoft Windows environments, SCADA, and mainframes
Nmap is one of the most powerful tools for network discovery and security auditing used by millions of IT professionals, from system administrators to cybersecurity specialists. This third edition of the Nmap: Network Exploration and Security Auditing Cookbook introduces Nmap and its family – Ncat, Ncrack, Ndiff, Zenmap, and the Nmap Scripting Engine (NSE) – and guides you through numerous tasks that are relevant to security engineers in today’s technology ecosystems.
The book discusses some of the most common and useful tasks for scanning hosts, networks, applications, mainframes, Unix and Windows environments, and ICS/SCADA systems. Advanced Nmap users can benefit from this book by exploring the hidden functionalities within Nmap and its scripts as well as advanced workflows and configurations to fine-tune their scans. Seasoned users will find new applications and third-party tools that can help them manage scans and even start developing their own NSE scripts. Practical examples featured in a cookbook format make this book perfect for quickly remembering Nmap options, scripts and arguments, and more.
By the end of this Nmap book, you will be able to successfully scan numerous hosts, exploit vulnerable areas, and gather valuable information.
What you will learn
- Scan systems and check for the most common vulnerabilities
- Explore the most popular network protocols
- Extend existing scripts and write your own scripts and libraries
- Identify and scan critical ICS/SCADA systems
- Detect misconfigurations in web servers, databases, and mail servers
- Understand how to identify common weaknesses in Windows environments
- Optimize the performance and improve results of scans
Who this book is for
This Nmap cookbook is for IT personnel, security engineers, system administrators, application security enthusiasts, or anyone who wants to master Nmap and its scripting engine. This book is also recommended for anyone looking to learn about network security auditing, especially if they’re interested in understanding common protocols and applications in modern systems. Advanced and seasoned Nmap users will also benefit by learning about new features, workflows, and tools. Basic knowledge of networking, Linux, and security concepts is required before taking up this book.