Web Hacking Exposed

1 Information Security Basics
2 The Windows Security Architecture from the Hacker's Perspective
3 Footprinting and Scanning
4 Enumeration
5 Hacking Windows-Specific Services
6 Discovering and Exploiting Windows Vulnerabilities
7 Post-Exploit Pillaging
8 Achieving Stealth and Maintaining Presence
9 Hacking SQL Server
10 Hacking Microsoft Client Apps
11 Physical Attacks
12 Windows Security Features and Tools
Appendix A Windows Security Checklist



Chapter 1: Information Security Basics

  • A Framework for Operational Security
    • Plan
    • Prevent
    • Detect
    • Respond
  • Rinse and Repeat
  • Basic Security Principles

Chapter 2: The Windows Security Architecture from the Hacker’s Perspective

  • Overview
    • Attacking the Kernel
    • Attacking User Mode
  • Access Control Overview
  • Security Principals
  • SIDs
    • Users
    • Groups
    • Computers (Machine Accounts)
    • User Rights
  • Putting It All Together: Access Control
    • The Token
    • Network Authentication
  • The SAM and Active Directory
    • Forests, Trees, and Domains
    • Scope: Local, Global, and Universal
    • Trusts
    • Administrative Boundaries: Forest or Domain?
  • Auditing
  • Cryptography
  • The .NET Framework

More content to come soon...

Copyright © 2008. All Rights Reserved.