Skip to main content
View Cart

Syngress

  • Practical Lock Picking

    A Physical Penetration Tester's Training Guide
    • 2nd Edition
    • September 24, 2012
    • Deviant Ollam
    • English
    Practical Lock Picking, Second Edition, is an instructional manual that covers everything from straightforward lockpicking to quick-entry techniques such as shimming, bumping, and bypassing. Written by Deviant Ollam, one of the security industry's best-known lockpicking teachers, and winner of the Best Book Bejtlich Read in 2010 award, this book contains detailed photos that make learning as easy as picking a lock. Material is offered in easy-to-follow lessons that allow even beginners to acquire the knowledge very quickly. Whether the student will be hired at some point to penetrate security or simply trying to harden his or her own defenses, this book is essential.This edition has been updated to reflect the changing landscape of tools and tactics which have emerged in recent years. It consists of 6 chapters that discuss topics such as the fundamentals of pin tumbler and wafer locks; the basics of picking, with emphasis on how to exploit weaknesses; tips for beginners on how to get very good and very fast in picking locks; advanced training; quick-entry tricks about shimming, bumping, and bypassing; and pin tumblers in other configurations.This book is geared specifically toward penetration testers, security consultants, IT security professionals, and hackers.

  • Hacking Web Apps

    Detecting and Preventing Web Application Security Problems
    • 1st Edition
    • August 29, 2012
    • Mike Shema
    • English
    How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include: • SQL Injection • Cross Site Scripting • Logic Attacks • Server Misconfigurations • Predictable Pages • Web of Distrust • Breaking Authentication Schemes • HTML5 Security Breaches • Attacks on Mobile Apps Even if you don’t develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked—as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser – sometimes your last line of defense – more secure.

  • Malware Forensics Field Guide for Windows Systems

    Digital Forensics Field Guides
    • 1st Edition
    • May 11, 2012
    • Cameron H. Malin + 2 more
    • English
    Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and analyzing malicious code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Windows system; and analysis of a suspect program. This field guide is intended for computer forensic investigators, analysts, and specialists.

  • The Basics of Digital Forensics

    The Primer for Getting Started in Digital Forensics
    • 1st Edition
    • February 24, 2012
    • John Sammons
    • English
    The Basics of Digital Forensics provides a foundation for people new to the field of digital forensics. This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations. This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available. This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

  • Windows Forensic Analysis Toolkit

    Advanced Analysis Techniques for Windows 7
    • 3rd Edition
    • January 27, 2012
    • Harlan Carvey
    • English
    Windows Forensic Analysis Toolkit: Advanced Analysis Techniques for Windows 7 provides an overview of live and postmortem response collection and analysis methodologies for Windows 7. It considers the core investigative and analysis concepts that are critical to the work of professionals within the digital forensic analysis community, as well as the need for immediate response once an incident has been identified. Organized into eight chapters, the book discusses Volume Shadow Copies (VSCs) in the context of digital forensics and explains how analysts can access the wealth of information available in VSCs without interacting with the live system or purchasing expensive solutions. It also describes files and data structures that are new to Windows 7 (or Vista), Windows Registry Forensics, how the presence of malware within an image acquired from a Windows system can be detected, the idea of timeline analysis as applied to digital forensic analysis, and concepts and techniques that are often associated with dynamic malware analysis. Also included are several tools written in the Perl scripting language, accompanied by Windows executables. This book will prove useful to digital forensic analysts, incident responders, law enforcement officers, students, researchers, system administrators, hobbyists, or anyone with an interest in digital forensic analysis of Windows 7 systems.

  • Low Tech Hacking

    Street Smarts for Security Professionals
    • 1st Edition
    • December 13, 2011
    • Terry Gudaitis + 4 more
    • English
    Low Tech Hacking teaches your students how to avoid and defend against some of the simplest and most common hacks. Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. This book focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. It provides detailed descriptions of potential threats and vulnerabilities, many of which the majority of the information systems world may be unaware. It contains insider knowledge of what could be your most likely low-tech threat, with timely advice from some of the top security minds in the world. Author Jack Wiles spent many years as an inside penetration testing team leader, proving that these threats and vulnerabilities exist and their countermeasures work. His contributing authors are among the best in the world in their respective areas of expertise. The book is organized into 8 chapters covering social engineering; locks and ways to low tech hack them; low tech wireless hacking; low tech targeting and surveillance; low tech hacking for the penetration tester; the law on low tech hacking; and information security awareness training as a countermeasure to employee risk. This book will be a valuable resource for penetration testers, internal auditors, information systems auditors, CIOs, CISOs, risk managers, fraud investigators, system administrators, private investigators, ethical hackers, black hat hackers, corporate attorneys, and members of local, state, and federal law enforcement.

  • Moving To The Cloud

    Developing Apps in the New World of Cloud Computing
    • 1st Edition
    • November 16, 2011
    • Geetha Manjunath + 1 more
    • English
    Moving to the Cloud provides an in-depth introduction to cloud computing models, cloud platforms, application development paradigms, concepts and technologies. The authors particularly examine cloud platforms that are in use today. They also describe programming APIs and compare the technologies that underlie them. The basic foundations needed for developing both client-side and cloud-side applications covering compute/storage scaling, data parallelism, virtualization, MapReduce, RIA, SaaS and Mashups are covered. Approaches to address key challenges of a cloud infrastructure, such as scalability, availability, multi-tenancy, security and management are addressed. The book also lays out the key open issues and emerging cloud standards that will drive the continuing evolution of cloud computing.

  • Migrating to the Cloud

    Oracle Client/Server Modernization
    • 1st Edition
    • October 3, 2011
    • Tom Laszewski + 1 more
    • English
    Migrating to the Cloud: Oracle Client/Server Modernization is a reference guide for migrating client/server applications to the Oracle cloud. Organized into 14 chapters, the book offers tips on planning, determining effort and budget, designing the Oracle cloud infrastructure, implementing the migration, and moving the Oracle cloud environment into production. Aside from Oracle application and database cloud offerings, the book looks at various tools and technologies that can facilitate migration to the cloud. It includes useful code snippets and step-by-step instructions in database migration, along with four case studies that highlight service enablement of DOS-based applications, Sybase to Oracle, PowerBuilder to APEX, and Forms to Java EE. Finally, it considers current challenges and future trends in cloud computing and client/server migration. This book will be useful to IT professionals, such as developers, architects, database administrators, IT project managers, and executives, in developing migration strategies and best practices, as well as finding appropriate solutions.

  • Coding for Penetration Testers

    Building Better Tools
    • 1st Edition
    • September 23, 2011
    • Jason Andress + 1 more
    • English
    Coding for Penetration Testers discusses the use of various scripting languages in penetration testing. The book presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages. It also provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting. It guides the student through specific examples of custom tool development that can be incorporated into a tester's toolkit as well as real-world scenarios where such tools might be used. This book is divided into 10 chapters that explores topics such as command shell scripting; Python, Perl, and Ruby; Web scripting with PHP; manipulating Windows with PowerShell; scanner scripting; information gathering; exploitation scripting; and post-exploitation scripting. This book will appeal to penetration testers, information security practitioners, and network and system administrators.

  • Digital Forensics for Legal Professionals

    Understanding Digital Evidence from the Warrant to the Courtroom
    • 1st Edition
    • September 2, 2011
    • Larry Daniel + 1 more
    • English
    Digital Forensics for Legal Professionals is a complete non-technical guide for legal professionals and students to understand digital forensics. In the authors’ years of experience in working with attorneys as digital forensics experts, common questions arise again and again: "What do I ask for?" "Is the evidence relevant?" "What does this item in the forensic report mean?" "What should I ask the other expert?" "What should I ask you?" "Can you explain that to a jury?" This book answers many of those questions in clear language that is understandable by non-technical people. With many illustrations and diagrams that will be usable in court, it explains technical concepts such as unallocated space, forensic copies, timeline artifacts and metadata in simple terms that make these concepts accessible to both attorneys and juries. The book also explains how to determine what evidence to ask for, evidence that might be discoverable, and furthermore, it provides an overview of the current state of digital forensics, the right way to select a qualified expert, what to expect from that expert, and how to properly use experts before and during trial. With this book, readers will clearly understand different types of digital evidence and examples of direct and cross examination questions. It includes a reference of definitions of digital forensic terms, relevant case law, and resources. This book will be a valuable resource for attorneys, judges, paralegals, and digital forensic professionals.

Browse by Publisher