Showing posts with label hacks. Show all posts
Showing posts with label hacks. Show all posts

Gray Hat Hacking : The Ethical Hacker's Handbook Review

Posted by Napoleon Caskey on 2/24/2013 / Labels: , , , , , , , , , / Comments: (0)
Gray Hat Hacking : The Ethical Hacker's Handbook
Average Reviews:

(More customer reviews)Are you looking to buy Gray Hat Hacking : The Ethical Hacker's Handbook? Here is the right place to find the great deals. we can offer discounts of up to 90% on Gray Hat Hacking : The Ethical Hacker's Handbook. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Gray Hat Hacking : The Ethical Hacker's Handbook Review'Gray Hat Hacking' (GHH) is positioned as a next-generation book for so-called ethical hackers, moving beyond the tool-centric discussions of books like 'Hacking Exposed.' The authors leave their definition of 'gray hat' unresolved until ch 3, where they claim that a 'white hat' is a person who 'uncovers a vulnerability and exploits it with authorization;' a 'black hat' is one who 'uncovers a vulnerability and illegally exploits it and/or tells others how to;' and a 'gray hat' is one who 'uncovers a vulnerability, does not illegally exploit it or tell others how to do it, but works with the vendor.' I disagree and prefer SearchSecurity.com's definitions, where white hats find vulnerabilities and tell vendors without providing public exploit code; black hats find vulnerabilities, code exploits, and maliciously attack victims; and gray hats find vulnerabilities, publish exploits, but do not illegally use them. According to these more common definitions, the book should have been called 'White Hat Hacking.' I doubt it would sell as well with that title!
Content-wise, the book mixes ethical and legal advice with tool overviews and technical information. Many reviewers note the good legal overview in ch 3, where I found the tables summarizing various laws to be helpful. The authors provide a sound rationale for penetration testing: 'Nothing should be trusted until it is tested' (p. 13). I enjoyed the disclosure discussion in ch 3 as well. I liked the brief tool descriptions of Core IMPACT, Immunity Security's CANVAS, and the Metasploit Framework. Some of the other discussions (e.g., Amap, P0f, Ettercap) didn't go deeper than already published explanations of those same tools.
I found the technical material to be accurate albeit somewhat disorganized and in some cases far too shallow. For example, the authors provide 6 pages on Python (ch 6), 6 pages on C (ch 7), and a single 21 page chapter (ch 10) mentioning system calls, socket programming, and assembly language. On p 279 and several other places the authors admit their topic 'deserves a chapter to itself, if not an entire book!' They should have trusted their instincts and required readers to have prior knowledge of programming in low- and high-level languages prior to reading GHH. Instead, short sections that are too basic for the pros but too rushed for beginners detract from the book's focus.
The five authors clearly know their subjects, but they should have coordinated their chapters better. For example, ch 7 introduces using debuggers without even a description of their purpose. Six chapters later (in ch 13), we read a description of debugging only to be followed again by another discussion of debugging in ch 14. All of this should have been consolidated and rationalized.
I think McGraw-Hill/Osborne's second edition of GHH should seek to differentiate itself from more focused books like 'The Shellcoder's Handbook' (by Wiley) and 'Exploiting Software' (by Addison-Wesley). There is a market for high-end security books without sparse introductory material included for the benefit of beginners. Authors should either commit to the beginners and give enough information to enlighten them, or tell them to read foundational references first and concentrate on the more experienced audience. Authors like Allen Harper and Chris Eagle, winners of last year's 'Capture the Flag' contest at Def Con, can deliver the goods if not constrained by a publisher's desire to address as broad an audience as possible. I would not be surprised to see this book greatly expanded in a second edition, which I look forward to reading.Gray Hat Hacking : The Ethical Hacker's Handbook OverviewAnalyze your company's vulnerability to hacks with expert guidance from Gray Hat Hacking: The Ethical Hacker's Handbook. Discover advanced security tools and techniques such as fuzzing, reverse engineering, and binary scanning. Test systems using both passive and active vulnerability analysis. Learn to benefit from your role as a gray hat. Review ethical and legal issues and case studies. This unique resource provides leading-edge technical information being utilized by the top network engineers, security auditors, programmers, and vulnerability assessors. Plus, the book offers in-depth coverage of ethical disclosure and provides a practical course of action for those who find themselves in a "disclosure decision" position.

Want to learn more information about Gray Hat Hacking : The Ethical Hacker's Handbook?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...

Puzzles for Hackers Review

Posted by Napoleon Caskey on 11/16/2012 / Labels: , , , , , , , / Comments: (0)
Puzzles for Hackers
Average Reviews:

(More customer reviews)Are you looking to buy Puzzles for Hackers? Here is the right place to find the great deals. we can offer discounts of up to 90% on Puzzles for Hackers. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Puzzles for Hackers ReviewThe book gathers together a disparate and funky collection of programming tidbits and trivia. Only some of these are actually coding problems. For example, in one section it asks if you recognise certain trademarks or marketing diagrams that were used in the recent past.
The reverse engineering chapter might be an eye opener of what can be deduced from an executable, by using a good tool like SoftIce.
For many programmers, there should be something new in this book.Puzzles for Hackers OverviewThese puzzles and mind-benders serve as a way to train logic and help developers, hackers, and system administrators discover unconventional solutions to common IT problems. Users will learn to find bugs in source code, write exploits, and solve nonstandard coding tasks and hacker puzzles. Cryptographic puzzles, puzzles for Linux and Windows hackers, coding puzzles, and puzzles for web designers are included.

Want to learn more information about Puzzles for Hackers?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...

Ajax Hacks: Tips & Tools for Creating Responsive Web Sites Review

Posted by Napoleon Caskey on 7/02/2012 / Labels: , , , , , / Comments: (0)
Ajax Hacks: Tips and Tools for Creating Responsive Web Sites
Average Reviews:

(More customer reviews)Are you looking to buy Ajax Hacks: Tips & Tools for Creating Responsive Web Sites? Here is the right place to find the great deals. we can offer discounts of up to 90% on Ajax Hacks: Tips & Tools for Creating Responsive Web Sites. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Ajax Hacks: Tips & Tools for Creating Responsive Web Sites ReviewIt's too bad this book came out ahead of "Head Rush Ajax", because after reading that book, this book seems much better. It is not meant to be a tutorial on Ajax, but just a supplemental text full of possibly helpful code. There are detailed descriptions of each hack, but I think you'll be lost if you don't already know XML, Javascript, and DOM pretty well.
To me, the most useful hacks were in Chapter 4, where there are hacks that explore the Google Maps, Yahoo! Maps, and GeoURL APIs, and combine them, and also where you learn to use cookies in the Ajax environment. I also liked reading chapter 8 on script.aculo.us, and learning about how easily visual effects could be incorporated into Ajax applications. If you are not sure this book is for you, all of the code examples are available in a zipfile at the book's webpage on the publisher's site. I recommend you read "Head Rush Ajax" first, then come back to this book for some interesting extras. I notice that Amazon does not list the table of contents, so I do that here:
Chapter 1. Ajax Basics
Hack 1. Detect Browser Compatibility with the Request Object
Hack 2. Use the Request Object to POST Data to the Server
Hack 3. Use Your Own Library for XMLHttpRequest
Hack 4. Receive Data as XML
Hack 5. Get Plain Old Strings
Hack 6. Receive Data as a Number
Hack 7. Receive Data in JSON Format
Hack 8. Handle Request Object Errors
Hack 9. Dig into the HTTP Response
Hack 10. Generate a Styled Message with a CSS File
Hack 11. Generate a Styled User Message on the Fly
Chapter 2. Web Forms
Hack 12. Submit Text Field or textarea Values to the Server Without a Browser Refresh
Hack 13. Display Text Field or textarea Values Using Server Data
Hack 14. Submit Selection-List Values to the Server Without a Round Trip
Hack 15. Dynamically Generate a New Selection List Using Server Data
Hack 16. Extend an Existing Selection List
Hack 17. Submit Checkbox Values to the Server Without a Round Trip
Hack 18. Dynamically Generate a New Checkbox Group with Server Data
Hack 19. Populate an Existing Checkbox Group from the Server
Hack 20. Change Unordered Lists Using an HTTP Response
Hack 21. Submit Hidden Tag Values to a Server Component
Chapter 3. Validation
Hack 22. Validate a Text Field or textarea for Blank Fields
Hack 23. Validate Email Syntax
Hack 24. Validate Unique Usernames
Hack 25. Validate Credit Card Numbers
Hack 26. Validate Credit Card Security Codes
Hack 27. Validate a Postal Code
Chapter 4. Power Hacks for Web Developers
Hack 28. Get Access to the Google Maps API
Hack 29. Use the Google Maps API Request Object
Hack 30. Use Ajax with a Google Maps and Yahoo! Maps Mash-up
Hack 31. Display a Weather.com XML Data Feed
Hack 32. Use Ajax with a Yahoo! Maps and GeoURL Mash-up
Hack 33. Debug Ajax-Generated Tags in Firefox
Hack 34. Fetch a Postal Code
Hack 35. Create Large, Maintainable Bookmarklets
Hack 36. Use Permanent Client-Side Storage for Ajax Applications
Hack 37. Control Browser History with iframes
Hack 38. Send Cookie Values to a Server Program
Hack 39. Use XMLHttpRequest to Scrape an Energy Price from a Web Page
Hack 40. Send an Email with XMLHttpRequest
Hack 41. Find the Browser's Locale Information
Hack 42. Create an RSS Feed Reader
Chapter 5. Direct Web Remoting (DWR)for Java Jocks
Hack 43. Integrate DWR into Your Java Web Application
Hack 44. Use DWR to Populate a Selection List from a Java Array
Hack 45. Use DWR to Create a Selection List from a Java Map
Hack 46. Display the Keys/Values from a Java HashMap on a Web Page
Hack 47. Use DWR to Populate an Ordered List from a Java Array
Hack 48. Access a Custom Java Object with JavaScript
Hack 49. Call a Built-in Java Object from JavaScript Using DWR
Chapter 6. Hack Ajax with the Prototype and Rico Libraries
Hack 50. Use Prototype's Ajax Tools with Your Application
Hack 51. Update an HTML Element's Content from the Server
Hack 52. Create Observers for Web Page Fields
Hack 53. Use Rico to Update Several Elements with One Ajax Response
Hack 54. Create a Drag-and-Drop Bookstore
Chapter 7. Work with Ajax and Ruby on Rails
Hack 55. Install Ruby on Rails
Hack 56. Monitor Remote Calls with Rails
Hack 57. Make Your JavaScript Available to Rails Applications
Hack 58. Dynamically Generate a Selection List in a Rails Template
Hack 59. Find Out Whether Ajax Is Calling in the Request
Hack 60. Dynamically Generate a Selection List Using Database Data
Hack 61. Periodically Make a Remote Call
Hack 62. Dynamically View Request Information for XMLHttpRequest
Chapter 8. Savor the script.aculo.us JavaScript Library
Hack 63. Integrate script.aculo.us Visual Effects with an Ajax Application
Hack 64. Create a Login Box That Shrugs Off Invalid Logins
Hack 65. Create an Auto-Complete Field with script.aculo.us
Hack 66. Create an In-Place Editor Field
Hack 67. Create a Web Form That Disappears When Submitted
Chapter 9. Options and Efficiencies
Hack 68. Fix the Browser Back Button in Ajax Applications
Hack 69. Handle Bookmarks and Back Buttons with RSH
Hack 70. Set a Time Limit for the HTTP Request
Hack 71. Improve Maintainability, Performance, and Reliability for Large JavaScript Applications
Hack 72. Obfuscate JavaScript and Ajax Code
Hack 73. Use a Dynamic script Tag to Make Web Services Requests
Hack 74. Configure Apache to Deal with Cross-Domain Issues
Hack 75. Run a Search Engine Inside Your Browser
Hack 76. Use Declarative Markup Instead of Script via XForms
Hack 77. Build a Client-Side Cache
Hack 78. Create an Auto-Complete Field
Hack 79. Dynamically Display More Information About a Topic
Hack 80. Use Strings and Arrays to Dynamically Generate HTML
IndexAjax Hacks: Tips & Tools for Creating Responsive Web Sites Overview
Ajax, the popular term for Asynchronous JavaScript and XML, is one of the most important combinations of technologies for web developers to know these days. With its rich grouping of technologies, Ajax developers can create interactive web applications with XML-based web services, using JavaScript in the browser to process the web server response.

Taking complete advantage of Ajax, however, requires something more than your typical "how-to" book. What it calls for is Ajax Hacks from O'Reilly. This valuable guide provides direct, hands-on solutions that take the mystery out of Ajax's many capabilities. Each hack represents a clever way to accomplish a specific task, saving you countless hours of searching for the right answer.

A smart collection of 80 insider tips and tricks, Ajax Hacks covers all of the technology's finer points. Want to build next-generation web applications today? This book can show you how. Among the multitude of topics addressed, it shows you techniques for:

Using Ajax with Google Maps and Yahoo Maps
Displaying Weather.com data
Scraping stock quotes
Fetching postal codes
Building web forms with auto-complete functionality

Ajax Hacks also features a number of advanced hacks for accelerated web developers. Discover how to create huge, maintainable bookmarklets, how to use client-side storage for Ajax applications, and how to call a built-in Java object from JavaScript using Ajax. The book even addresses best practices for testing Ajax applications and improving maintenance, performance, and reliability for JavaScript code.

The latest in O"Reilly's celebrated Hacks series, Ajax Hacks smartly complements other O'Reilly titles such as Head Rush Ajax and JavaScript: The Definitive Guide.


Want to learn more information about Ajax Hacks: Tips & Tools for Creating Responsive Web Sites?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...