Coverart for item
The Resource Gray hat C# : a hacker's guide to creating and automating security tools, Brandon Perry

Gray hat C# : a hacker's guide to creating and automating security tools, Brandon Perry

Label
Gray hat C# : a hacker's guide to creating and automating security tools
Title
Gray hat C#
Title remainder
a hacker's guide to creating and automating security tools
Statement of responsibility
Brandon Perry
Creator
Author
Subject
Language
eng
Summary
"Teaches how to use C#'s set of core libraries to automate tasks like performing vulnerability scans, malware analysis, and incident response. Teaches how to write practical security tools that will run on Mac, Linux, and mobile devices"--
Assigning source
Provided by publisher
Cataloging source
DLC
http://library.link/vocab/creatorName
Perry, Brandon
Dewey number
005.8
Index
no index present
LC call number
QA76.73.C154
Literary form
non fiction
Nature of contents
dictionaries
http://library.link/vocab/subjectName
  • C# (Computer program language)
  • Automatic control
  • Computer security
  • Automatic control
  • C# (Computer program language)
  • Computer security
Label
Gray hat C# : a hacker's guide to creating and automating security tools, Brandon Perry
Instantiates
Publication
Bibliography note
Includes bibliographical references and index
Carrier category
online resource
Carrier category code
  • nc
Carrier MARC source
rdacarrier
Content category
text
Content type code
  • txt
Content type MARC source
rdacontent
Contents
  • Intro; Brief Contents; Contents in Detail; Foreword; Preface; Why Should I Trust Mono?; Who Is This Book For?; Organization of This Book; Acknowledgements; A Final Note; Chapter 1: C# Crash Course; Choosing an IDE; A Simple Example; Introducing Classes and Interfaces; Creating a Class; Creating an Interface; Subclassing from an Abstract Class and Implementing an Interface; Tying Everything Together with the Main() Method; Running the Main() Method; Anonymous Methods; Assigning a Delegate to a Method; Updating the Firefighter Class; Creating Optional Arguments; Updating the Main() Method
  • Running the Updated Main() MethodIntegrating with Native Libraries; Conclusion; Chapter 2: Fuzzing and Exploiting XSS and SQL Injection; Setting Up the Virtual Machine; Adding a Host-Only Virtual Network; Creating the Virtual Machine; Booting the Virtual Machine from the BadStore ISO; SQL Injections; Cross-Site Scripting; Fuzzing GET Requests with a Mutational Fuzzer; Tainting the Parameters and Testing for Vulnerabilities; Building the HTTP Requests; Testing the Fuzzing Code; Fuzzing POST Requests; Writing a POST Request Fuzzer; The Fuzzing Begins; Fuzzing Parameters; Fuzzing JSON
  • Setting Up the Vulnerable ApplianceCapturing a Vulnerable JSON Request; Creating the JSON Fuzzer; Testing the JSON Fuzzer; Exploiting SQL Injections; Performing a UNION-Based Exploit by Hand; Performing a UNION-Based Exploit Programmatically; Exploiting Boolean-Blind SQL Vulnerabilities; Conclusion; Chapter 3: Fuzzing SOAP Endpoints; Setting Up the Vulnerable Endpoint; Parsing the WSDL; The WSDL Class Constructor; Writing the Initial Parsing Methods; Writing a Class for the SOAP Type and Parameters; Creating the SoapMessage Class to Define Sent Data; Implementing a Class for Message Parts
  • Defining Port Operations with the SoapPortType ClassImplementing a Class for Port Operations; Defining Protocols Used in SOAP Bindings; Compiling a List of Operation Child Nodes; Finding the SOAP Services on Ports; Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities; Fuzzing Individual SOAP Services; Fuzzing the HTTP POST SOAP Port; Fuzzing the SOAP XML Port; Running the Fuzzer; Conclusion; Chapter 4: Writing Connect-Back, Binding, and Metasploit Payloads; Creating a Connect-Back Payload; The Network Stream; Running the Command; Running the Payload; Binding a Payload
  • Accepting Data, Running Commands, and Returning OutputExecuting Commands from the Stream; Using UDP to Attack a Network; The Code for the Target's Machine; The Attacker's Code; Running x86 and x86-64 Metasploit Payloads from C#; Setting Up Metasploit; Generating Payloads; Executing Native Windows Payloads as Unmanaged Code; Executing Native Linux Payloads; Conclusion; Chapter 5: Automating Nessus; REST and the Nessus API; The NessusSession Class; Making the HTTP Requests; Logging Out and Cleaning Up; Testing the NessusSession Class; The NessusManager Class; Performing a Nessus Scan
Control code
971333823
Extent
1 online resource.
Form of item
online
Isbn
9781593278311
Lccn
2017005221
Media category
computer
Media MARC source
rdamedia
Media type code
  • n
http://library.link/vocab/ext/overdrive/overdriveId
  • cl0500000872
  • f075bcde-3994-42ab-8976-8cf69c27fd21
Specific material designation
remote
System control number
(OCoLC)971333823
Label
Gray hat C# : a hacker's guide to creating and automating security tools, Brandon Perry
Publication
Bibliography note
Includes bibliographical references and index
Carrier category
online resource
Carrier category code
  • nc
Carrier MARC source
rdacarrier
Content category
text
Content type code
  • txt
Content type MARC source
rdacontent
Contents
  • Intro; Brief Contents; Contents in Detail; Foreword; Preface; Why Should I Trust Mono?; Who Is This Book For?; Organization of This Book; Acknowledgements; A Final Note; Chapter 1: C# Crash Course; Choosing an IDE; A Simple Example; Introducing Classes and Interfaces; Creating a Class; Creating an Interface; Subclassing from an Abstract Class and Implementing an Interface; Tying Everything Together with the Main() Method; Running the Main() Method; Anonymous Methods; Assigning a Delegate to a Method; Updating the Firefighter Class; Creating Optional Arguments; Updating the Main() Method
  • Running the Updated Main() MethodIntegrating with Native Libraries; Conclusion; Chapter 2: Fuzzing and Exploiting XSS and SQL Injection; Setting Up the Virtual Machine; Adding a Host-Only Virtual Network; Creating the Virtual Machine; Booting the Virtual Machine from the BadStore ISO; SQL Injections; Cross-Site Scripting; Fuzzing GET Requests with a Mutational Fuzzer; Tainting the Parameters and Testing for Vulnerabilities; Building the HTTP Requests; Testing the Fuzzing Code; Fuzzing POST Requests; Writing a POST Request Fuzzer; The Fuzzing Begins; Fuzzing Parameters; Fuzzing JSON
  • Setting Up the Vulnerable ApplianceCapturing a Vulnerable JSON Request; Creating the JSON Fuzzer; Testing the JSON Fuzzer; Exploiting SQL Injections; Performing a UNION-Based Exploit by Hand; Performing a UNION-Based Exploit Programmatically; Exploiting Boolean-Blind SQL Vulnerabilities; Conclusion; Chapter 3: Fuzzing SOAP Endpoints; Setting Up the Vulnerable Endpoint; Parsing the WSDL; The WSDL Class Constructor; Writing the Initial Parsing Methods; Writing a Class for the SOAP Type and Parameters; Creating the SoapMessage Class to Define Sent Data; Implementing a Class for Message Parts
  • Defining Port Operations with the SoapPortType ClassImplementing a Class for Port Operations; Defining Protocols Used in SOAP Bindings; Compiling a List of Operation Child Nodes; Finding the SOAP Services on Ports; Automatically Fuzzing the SOAP Endpoint for SQL Injection Vulnerabilities; Fuzzing Individual SOAP Services; Fuzzing the HTTP POST SOAP Port; Fuzzing the SOAP XML Port; Running the Fuzzer; Conclusion; Chapter 4: Writing Connect-Back, Binding, and Metasploit Payloads; Creating a Connect-Back Payload; The Network Stream; Running the Command; Running the Payload; Binding a Payload
  • Accepting Data, Running Commands, and Returning OutputExecuting Commands from the Stream; Using UDP to Attack a Network; The Code for the Target's Machine; The Attacker's Code; Running x86 and x86-64 Metasploit Payloads from C#; Setting Up Metasploit; Generating Payloads; Executing Native Windows Payloads as Unmanaged Code; Executing Native Linux Payloads; Conclusion; Chapter 5: Automating Nessus; REST and the Nessus API; The NessusSession Class; Making the HTTP Requests; Logging Out and Cleaning Up; Testing the NessusSession Class; The NessusManager Class; Performing a Nessus Scan
Control code
971333823
Extent
1 online resource.
Form of item
online
Isbn
9781593278311
Lccn
2017005221
Media category
computer
Media MARC source
rdamedia
Media type code
  • n
http://library.link/vocab/ext/overdrive/overdriveId
  • cl0500000872
  • f075bcde-3994-42ab-8976-8cf69c27fd21
Specific material designation
remote
System control number
(OCoLC)971333823

Library Locations

    • Ellis LibraryBorrow it
      1020 Lowry Street, Columbia, MO, 65201, US
      38.944491 -92.326012
    • Engineering Library & Technology CommonsBorrow it
      W2001 Lafferre Hall, Columbia, MO, 65211, US
      38.946102 -92.330125
Processing Feedback ...