Cliquer sur une vignette pour aller sur Google Books.
|
Chargement... Gray Hat C#: A Hacker's Guide to Creating and Automating Security Toolspar Brandon Perry
   Aucun Actuellement, il n'y a pas de discussions au sujet de ce livre.  jpv0 | Jul 21, 2021 |  aucune critique | ajouter une critique
Learn to use C#'s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you'll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices. After a crash course in C# and some of its advanced features, you'll learn how to: Write fuzzers that use the HTTP and XML libraries to scan for SQL and XSS injections Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections Write a .NET decompiler for OS X and Linux Parse and read offline registry hives to dump system information Automate the security tools Arachni and Metasploit using their MSGPACK RPCs Streamline and simplify your workday by making the most of C#'s extensive repertoire of powerful tools and libraries with Gray Hat C# . Aucune description trouvée dans une bibliothèque |
Discussion en coursAucunCouvertures populaires  
 Google Books — Chargement...GenresClassification décimale de Melvil (CDD)005.8Information Computer Science; Knowledge and Systems Computer programming, programs, data, security Computer SecurityClassification de la Bibliothèque du CongrèsÉvaluationMoyenne: (3)
Est-ce vous ?Devenez un(e) auteur LibraryThing. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1
Structurewise, the first section of the book was odd. Basically a tutorial of C#, but only a limited subset of functionality, chosen oddly. Then a number of web related things. Sure. Weird, but fair enough. Then we have SQL injections and XSS, which are discussed in more depth other places. Yes, this book ties them to C#, but it's string processing. Nothing super specific to any particular language there.
After that, we have about half the book dedicated to several specific tools. They either had C# APIs or one would have to either call to a REST API or make native calls. All of these are interesting, but they don't actually get into details on how to use a specific tool, rather setting up using it with C# / .NET. But this all feels like it should have just been wrapped in a library, so that the user doesn't necessarily need the details. So it goes.
One we get to Chapter 13 though, that's a bit more interesting (and more relevant to C#) since it talks about decompiling. It's really only a tool reference though, although a pure code disassembler when you aren't on Windows is handy.
Then we're back to a weird feeling chapter on registry keys. Interesting, but not too deep.
I think (unfortunately), the most memorable thing about this book was the ❶ ❷ ❸ ❹ ❺ numbered circles. I guess so far as ways to refer to the code in a book (rather than a website with on hover text), it works. It's just very distracting.
Perhaps not the best book for a someone interested in security, but it did serve to remind me how much I liked .NET and C# when I last used them. I should dust off those projects at some point. So yay for that! (