Anti-Hacker Tool Kit, Fourth Edition

Book Description

Defend against today's most devious attacks

Fully revised to include cutting-edge new tools for your security arsenal, Anti-Hacker Tool Kit, Fourth Edition reveals how to protect your network from a wide range of nefarious exploits. You'll get detailed explanations of each tool’s function along with best practices for configuration and implementation illustrated by code samples and up-to-date, real-world case studies. This new edition includes references to short videos that demonstrate several of the tools in action. Organized by category, this practical guide makes it easy to quickly find the solution you need to safeguard your system from the latest, most devastating hacks.

Demonstrates how to configure and use these and other essential tools:

  • Virtual machines and emulators: Oracle VirtualBox, VMware Player, VirtualPC, Parallels, and open-source options
  • Vulnerability scanners: OpenVAS, Metasploit
  • File system monitors: AIDE, Samhain, Tripwire
  • Windows auditing tools: Nbtstat, Cain, MBSA, PsTools
  • Command-line networking tools: Netcat, Cryptcat, Ncat, Socat
  • Port forwarders and redirectors: SSH, Datapipe, FPipe, WinRelay
  • Port scanners: Nmap, THC-Amap
  • Network sniffers and injectors: WinDump, Wireshark, ettercap, hping, kismet, aircrack, snort
  • Network defenses: firewalls, packet filters, and intrusion detection systems
  • War dialers: ToneLoc, THC-Scan, WarVOX
  • Web application hacking utilities: Nikto, HTTP utilities, ZAP, Sqlmap
  • Password cracking and brute-force tools: John the Ripper, L0phtCrack, HashCat, pwdump, THC-Hydra
  • Forensic utilities: dd, Sleuth Kit, Autopsy, Security Onion
  • Privacy tools: Ghostery, Tor, GnuPG, Truecrypt, Pidgin-OTR

Table of Contents

  1. Cover 
  2. About the Author
  3. Title
  4. Copyright
  5. Dedication
  6. At a Glance
  7. Contents 
  8. Acknowledgments
  9. Introduction
  10. Part I: The Best of the Basics
    1. Chapter 1: Managing Source Code and Working with Programming Languages
      1. SCM Concepts
      2. Git
        1. Working with Repositories
        2. Working with Subversion
      3. Mercurial
      4. Subversion
        1. Creating a Repository
        2. Working with Repositories
        3. Working with Revisions
      5. Eclipse Integrated Developer Environment
        1. Working with Source Control
      6. Programming Languages
        1. Common Terms
        2. Security
        3. C++
        4. Java
        5. JavaScript
        6. Perl
        7. Python
        8. Ruby
    2. Chapter 2: Command-Line Environments
      1. Unix Command Line
        1. Pipes and Redirection
          1. tee
          2. xargs
        2. Command Cornucopia
      2. BackTrack Linux
        1. Configuration
        2. Implementation
      3. MacPorts
        1. Getting Started
        2. Installing and Managing Ports
        3. Tweaking the Installation
      4. Cygwin
        1. Download and Installation
        2. Implementation
          1. Directory Structure and File Permissions
          2. Running Applications
      5. The X Window System
        1. Choosing a Window Manager
        2. A Client/Server Model
        3. How Remote X Servers and Clients Communicate
        4. Securing X Hosts with Xhost and Xauth
          1. Xhost
          2. Xauth
        5. Securing X Communications with Secure Shell
        6. Other X Components
          1. Xdm
          2. Xinit and Startx
          3. Xserver
        7. Now You Know…
      6. Windows PowerShell
        1. Verb Your Nouns
        2. Scripting and Signing
    3. Chapter 3: Virtual Machines and Emulators
      1. Benefits of Virtualization
      2. Oracle VirtualBox
        1. Installing Guest Additions
        2. Remote Access
      3. VMware Player
        1. Download and Installation
        2. Configuration
      4. Virtual PC
        1. Configuration
      5. Parallels
        1. Installing Parallels Tools
      6. Open Source Alternatives
        1. Bochs
        2. QEMU
        3. KVM
        4. Qubes
        5. Vice
        6. Wine
        7. Xen Hypervisor
  11. Part II: Systems
    1. Chapter 4: Vulnerability Scanning
      1. Overview of Vulnerability Scanning
      2. Open Port/Service Identification
      3. Banner/Version Check
      4. Traffic Probe
      5. Vulnerability Probe
      6. Vulnerability Examples
        1. Vulns Are Everywhere
      7. OpenVAS
      8. Installation
      9. Implementation
        1. Collecting Vulnerability Data
        2. Reporting Vulnerability Data
        3. Working with Network Vulnerability Tests
        4. Inside an NVT File
      10. Working with Vulnerability Standards
        1. Common Vulnerability Scoring System (CVSS)
        2. Open Vulnerability and Assessment Language (OVAL)
        3. Common Vulnerability Reporting Framework (CVRF)
      11. OpenVAS Summary
      12. Metasploit
      13. Getting Started
      14. Hunting for Vulns
      15. Compromising a System
        1. Exploits
        2. Payloads
        3. Meterpreter
        4. Route Traffic
        5. Auxiliary Modules
      16. More Resources
    2. Chapter 5: File System Monitoring
      1. File System Metadata
        1. Windows File Metadata
        2. File Integrity
      2. AIDE
        1. Installation
        2. Implementation
      3. Samhain
      4. Tripwire
        1. Implementation
          1. Initial Setup
          2. Examining the Policy and Configuration Files
          3. Running Tripwire
          4. Other Tripwire Utilities
          5. Understanding Tripwire Policy Files
        2. Securing Your Files with Tripwire
    3. Chapter 6: Windows Auditing
      1. Evolution of Windows Security
      2. Nbtstat
        1. Implementation
        2. Retrieving a MAC Address
      3. Cain & Able
        1. Implementation
      4. Microsoft Baseline Security Analyzer
        1. Using the MBSA Command-Line Interface
        2. Implementation
      5. PsTools
        1. Implementation
          1. PsFile
          2. PsLoggedOn
          3. PsGetSid
          4. PsInfo
          5. PsService
          6. PsList
          7. PsKill and PsSuspend
          8. PsLogList
          9. PsExec
          10. PsShutdown
  12. Part III: Networks
    1. Chapter 7: Netcat
      1. Network Communication Basics
      2. Netcat
        1. Implementation
          1. Download
          2. Compile for Windows
          3. nc Command Options
        2. Netcat’s 101 Uses
          1. Obtain Remote Access to a Shell
          2. Perform Basic Port Scanning
          3. Identify Yourself: Services Spilling Their Guts
          4. Give Binary Services a Nudge
          5. Communicate with UDP Services
          6. Frame a Friend: IP Spoofing
          7. Hijack a Service
          8. Create Proxies and Relays
          9. Get Around Port Filters
          10. Build a Datapipe: Your Own File Transfer
          11. Create a Simple Honeypot
          12. Test Networking Equipment
          13. Create Your Own!
      3. Cryptcat
      4. Ncat
        1. Compile for Windows
        2. Options
      5. Socat
        1. Implementation
    2. Chapter 8: Port Forwarding and Redirection
      1. Understanding Port and Services
      2. Secure Shell (SSH)
      3. Datapipe
        1. Implementation
          1. Compiling from Source
          2. Redirecting Traffic
      4. FPipe
        1. Implementation
      5. WinRelay
        1. Implementation
    3. Chapter 9: Network Reconnaissance
      1. Nmap
        1. Implementation
          1. Command-Line Syntax
          2. Identify Hosts on the Network
          3. Scan for TCP Ports
          4. Scan for UDP Ports
          5. Scan for Protocols
          6. Determine a Service’s Identity
          7. Camouflage the Scan
          8. Manage Scan Speeds
          9. Identify a Target’s Operating System
          10. Command-Line Option Summary
          11. Zenmap
        2. Nmap Scripting Engine (NSE)
      2. THC-Amap
        1. Implementation
          1. Examine Banners
          2. Map a Service
          3. Manage Scan Speeds
      3. System Tools
        1. Whois
          1. Implementation
        2. Host, Dig, and Nslookup
          1. Implementation
        3. Traceroute
          1. Implementation
          2. Interpreting Traceroute Output
    4. Chapter 10: Network Sniffers and Injectors
      1. Sniffers Overview
      2. Tcpdump and WinDump
        1. Implementation
          1. Specifying Capture Filters
          2. Command-Line Flags: Formatting Output and Toggling Options
          3. Tcpdump Output
          4. Advanced Examples
      3. Wireshark
        1. Implementation
          1. Packet Display Filters
          2. Packet Capture Filters
          3. Wireshark Features
          4. Additional Wireshark Preferences and Tools
      4. Ettercap
        1. Installation
        2. Implementation
          1. Unified Sniffing
          2. Additional Tools
        3. Potential for Disaster
      5. Hping
        1. Implementation
          1. Determining a Host’s Status When Ping Doesn’t Work
          2. Testing Firewall Rules
          3. Stealth Port Scanning
          4. Remote OS Fingerprinting
          5. Hping Listens
      6. Wireless Networks
      7. Kismet
        1. Implementation
          1. Configuring the Server and Client
          2. Tweaking the Server and Client
          3. Kismet Commands
        2. Expanding Kismet’s Capabilities
        3. Aircrack-ng
        4. Implementation
    5. Chapter 11: Network Defenses
      1. Firewalls and Packet Filters: The Basics
        1. What Is a Firewall?
        2. Packet Filter vs. Firewall
        3. How a Firewall Protects a Network
        4. Packet Characteristics to Filter
        5. Stateless vs. Stateful Firewalls
        6. Network Address Translation (NAT) and Port Forwarding
        7. The Basics of Virtual Private Networks
        8. Inside the Demilitarized Zones
        9. Linux System Firewall
        10. OS X System Firewall
        11. Windows System Firewall
      2. Snort: An Intrusion-Detection System
        1. Installation and Implementation
          1. Snort Modes
          2. Exploring Snort.conf
          3. Snort Rules: An Overview
          4. Snort Rules Syntax
        2. Snort Plug-ins
        3. So Much More…
          1. Preprocessors
          2. Output Modules
    6. Chapter 12: War Dialers
      1. ToneLoc
        1. Implementation: Creating the tl.cfg File
        2. Implementation: Running a Scan
        3. Implementation: Navigating the ToneLoc Interface
        4. .dat File Techniques
          1. Prescan.exe
          2. Analyzing .dat Files
      2. THC-Scan
        1. Implementation: Configuring THC-Scan
        2. Implementation: Running THC-Scan
        3. Implementation: Navigating THC-Scan
        4. Implementation: Manipulating THC-Scan .dat Files
          1. Dat-* Tools
      3. WarVOX
        1. Inter-Asterisk Exchange
        2. Installation
        3. Implementation
        4. Analysis
      4. Beyond the CONNECT String
  13. Part IV: Applications
    1. Chapter 13: Binary Analysis
      1. The Anatomy of a Computer Program
        1. Determining a Binary File Type
        2. Identifying Binary Obfuscation
      2. Black Box Analysis
        1. Creating a Sandboxed System
        2. Finding Text Clues
        3. Conducting Unix-based Run-time Analysis with lsof
        4. Using a Sniffer to Examine Network Traffic
        5. Identifying Unix-based System Calls
        6. Obtaining Memory
        7. Generating Assembly Instructions
          1. objdump
      3. Analyzing Run-time Binaries with Debuggers
        1. Debugging Tools for Windows
        2. OllyDbg
          1. Breakpoint Example
        3. Interactive Disassembler (IDA)
        4. GNU Debugger (GDB)
          1. Compiling the Example
    2. Chapter 14: Web Application Hacking
      1. Scanning for Web Vulnerabilities
        1. Nikto
          1. Implementation
      2. HTTP Utilities
        1. Curl
          1. Implementation
        2. OpenSSL
          1. Implementation
        3. Stunnel
          1. Implementation
      3. Application Inspection
        1. Zed Attack Proxy
          1. Installation
          2. Manual Security Testing Features
          3. Automated Security Testing Features
        2. Sqlmap
          1. Installation
          2. Implementation
    3. Chapter 15: Password Cracking and Brute-Force Tools
      1. We’re Doomed
        1. Alternate Deployment Schemes
        2. Password OpSec
      2. John the Ripper
        1. Implementation
          1. Cracking Passwords
          2. Incremental Mode Cracking
          3. Markov Mode Cracking
          4. Using Feedback for Efficient Cracking
          5. Managing Multiple Cracking Sessions
      3. L0phtcrack
        1. Hashcat
      4. Grabbing Windows Password Hashes
        1. Pwdump
          1. Pwdump6
          2. Pwdump7
      5. Active Brute-Force Tools
        1. THC-Hydra
          1. Implementation
  14. Part V: Forensics
    1. Chapter 16: Basic Forensics
      1. Data Collection
      2. Drive Imaging
        1. dd for Duplication
          1. Implementation
      3. Forensic Tools
        1. The Sleuth Kit
        2. Autopsy
          1. Implementation
        3. Security Onion
          1. Implementation
        4. Learning More
    2. Chapter 17: Privacy Tools
      1. Improving Anonymity and Privacy
      2. Private Browsing Mode
      3. Ghostery
      4. The Onion Router (Tor)
        1. Installation
        2. Implementation
      5. GnuPG
        1. Installation
        2. Implementation
        3. Verify a Package
      6. Disk Encryption
      7. Off-the-Record (OTR) Messaging and Pidgin
        1. Installation
        2. Implementation
  15. Index