没有合适的资源?快使用搜索试试~ 我知道了~
首页渗透测试实战:shellcode技术详解
渗透测试实战:shellcode技术详解
5星 · 超过95%的资源 需积分: 23 58 下载量 186 浏览量
更新于2024-07-18
1
收藏 20.44MB PDF 举报
"《渗透测试与壳代码》是一本由Hamza Megahed所著的专业书籍,专门探讨在网络层和操作系统级别的漏洞检测、利用以及安全防护。这本书在2018年由Packt Publishing出版,版权受到保护,未经许可不得复制、存储或以任何形式传播,除非用于嵌入在批评性文章或评论中。作者和出版社对书中提供的信息尽力确保准确性,但不承担因信息错误导致的直接或间接损害的责任。 本书涵盖了Shellcode技术在渗透测试中的核心应用,Shellcode是一种小型可执行代码片段,常用于攻击者利用系统漏洞进行远程控制或权限提升。它主要关注网络漏洞利用技术,如缓冲区溢出攻击(Buffer Overflow Attack),通过将恶意Shellcode注入到目标程序的内存中,从而实现攻击目标。读者可以从中学习如何设计、分析和实施有效的渗透测试策略,以及如何防范此类攻击。 作者Vijin Borich担任了本书的委派编辑,表明这本书不仅提供了理论知识,还可能包含实用的工具和技术演示,适合对网络安全感兴趣的渗透测试人员、安全研究员以及开发人员深入理解系统安全的深层次工作。 为了确保阅读体验,此资源的PDF版本经过了多个软件的兼容性测试,包括FoxitReader、PDF-XChangeViewer、SumatraPDF和Firefox,确认可以正常打开。如果你发现任何版权问题,应直接联系上传者或通过CSDN平台进行处理,以尊重版权法规。对于更详尽的内容和实战案例,读者可以参考美国亚马逊官网的原著详情,获取专业且全面的渗透测试与Shellcode技术指南。"
资源详情
资源推荐
Who this book is for
This book is intended to be read by penetration testers, malware analysts, security researchers,
forensic practitioners, exploit developers, C language programmers, software testers, and
students in the security field.
What this book covers
Chapter 1, Introduction, discusses the concept of shellcode, buffer overflow, heap corruption, and
introduces the computer architecture.
Chapter 2, Lab Setup, teaches how to build a safe environment to test bad code and introduces
readers to the graphical interfaces of debuggers.
Chapter 3, Assembly Language in Linux, explains how to use the assembly language on Linux to
build shellcode.
Chapter 4, Reverse Engineering, shows how to use debuggers to perform reverse engineering on
code.
Chapter 5, Creating Shellcode, explains how to build a shellcode using the assembly language and
Metasploit.
Chapter 6, Buffer Overflow Attacks, provides a detailed understanding of buffer overflow attacks
on Windows and Linux.
Chapter 7, Exploit Development – Part 1, discusses how to perform fuzzing and finding the return
address.
Chapter 8, Exploit Development – Part 2, teaches how to generate a proper shellcode and how to
inject a shellcode in an exploit.
Chapter 9, Real-World Scenarios – Part 1, introduces a real-world example of buffer overflow
attacks.
Chapter 10, Real-World Scenarios – Part 2, continues the previous chapter but is more advanced.
Chapter 11, Real-World Scenarios – Part 3, gives another real-world scenario example but with
more techniques.
Chapter 12, Detection and Prevention, discusses the techniques and algorithms you need to detect
and prevent buffer overflow attacks.
To get the most out of this book
Readers should have a basic understanding of operating system internals (Windows and Linux).
Some knowledge of C is essential, and familiarity with Python would be helpful.
All addresses in this book are dependent on my machine and my operating system. So,
addresses may vary on your machine.
Download the example code files
You can download the example code files for this book from your account at www.packtpub.com.
If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have
the files emailed directly to you.
You can download the code files by following these steps:
1. Log in or register at www.packtpub.com.
2. Select the SUPPORT tab.
3. Click on Code Downloads & Errata.
4. Enter the name of the book in the Search box and follow the onscreen instructions.
Once the file is downloaded, please make sure that you unzip or extract the folder using the
latest version of:
WinRAR/7-Zip for Windows
Zipeg/iZip/UnRarX for Mac
7-Zip/PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Penetratio
n-Testing-with-Shellcode</span>. We also have other code bundles from our rich catalog of books
and videos available at https://github.com/PacktPublishing/. Check them out!
剩余294页未读,继续阅读
yinkaisheng-nj
- 粉丝: 762
- 资源: 6231
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 新型矿用本安直流稳压电源设计:双重保护电路
- 煤矿掘进工作面安全因素研究:结构方程模型
- 利用同位素位移探测原子内部新型力
- 钻锚机钻臂动力学仿真分析与优化
- 钻孔成像技术在巷道松动圈检测与支护设计中的应用
- 极化与非极化ep碰撞中J/ψ的Sivers与cos2φ效应:理论分析与COMPASS验证
- 新疆矿区1200m深孔钻探关键技术与实践
- 建筑行业事故预防:综合动态事故致因理论的应用
- 北斗卫星监测系统在电网塔形实时监控中的应用
- 煤层气羽状水平井数值模拟:交替隐式算法的应用
- 开放字符串T对偶与双空间坐标变换
- 煤矿瓦斯抽采半径测定新方法——瓦斯储量法
- 大倾角大采高工作面设备稳定与安全控制关键技术
- 超标违规背景下的热波动影响分析
- 中国煤矿选煤设计进展与挑战:历史、现状与未来发展
- 反演技术与RBF神经网络在移动机器人控制中的应用
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功