Enter your mobile number below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
Getting the download link through email is temporarily not available. Please check back later.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your mobile phone number.

Gray Hat Hacking, Second Edition: The Ethical Hacker's Handbook 2nd Edition

4.2 out of 5 stars 5 customer reviews
ISBN-13: 978-0071495684
ISBN-10: 0071495681
Why is ISBN important?
ISBN
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
Have one to sell? Sell on Amazon
Buy used
$9.79
Condition: Used: Like New
Comment: NEAR PRISTINE. FULFILLMENT BY AMAZON.
Access codes and supplements are not guaranteed with used items.
27 Used from $0.39
FREE Shipping on orders over $25.
More Buying Choices
9 New from $10.00 27 Used from $0.39

There is a newer edition of this item:

Free Two-Day Shipping for College Students with Prime Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


Windows10ForDummiesVideo
Windows 10 For Dummies Video Training
Get up to speed with Windows 10 with this video training course from For Dummies. Learn more.
click to open popover

Editorial Reviews

From the Back Cover

Uncover, plug, and ethically disclose security flaws

Prevent catastrophic network attacks by exposing security flaws, fixing them, and ethically reporting them to the software author. Fully expanded to cover the hacker's latest devious methods, Gray Hat Hacking: The Ethical Hacker's Handbook, Second Edition lays out each exploit alongside line-by-line code samples, detailed countermeasures, and moral disclosure procedures. Find out how to execute effective penetration tests, use fuzzers and sniffers, perform reverse engineering, and find security holes in Windows and Linux applications. You'll also learn how to trap and autopsy stealth worms, viruses, rootkits, adware, and malware.

  • Implement vulnerability testing, discovery, and reporting procedures that comply with applicable laws
  • Learn the basics of programming, stack operations, buffer overflow and heap vulnerabilities, and exploit development
  • Test and exploit systems using Metasploit and other tools
  • Break in to Windows and Linux systems with perl scripts, Python scripts, and customized C programs
  • Analyze source code using ITS4, RATS, FlawFinder, PREfast, Splint, and decompilers
  • Understand the role of IDA Pro scripts, FLAIR tools, and third-party plug-ins in discovering software vulnerabilities
  • Reverse-engineer software using decompiling, profiling, memory monitoring, and data flow analysis tools
  • Reveal client-side web browser vulnerabilities with MangleMe, AxEnum, and AxMan
  • Probe Windows Access Controls to discover insecure access tokens, security descriptors, DACLs, and ACEs
  • Find and examine malware and rootkits using honeypots, honeynets, and Norman SandBox technology

 

About the Author

Shon Harris, MCSE, CISSP, is the president of Logical Security, an educator, and a security consultant.

Allen Harper, CISSP, is the president and owner of n2netsecurity, Inc., in North Carolina.

Chris Eagle is the associate chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California.

Jonathan Ness, CHFI, is a lead software security engineer at Microsoft.

NO_CONTENT_IN_FEATURE

New York Times best sellers
Browse the New York Times best sellers in popular categories like Fiction, Nonfiction, Picture Books and more. See more

Product Details

  • Paperback: 550 pages
  • Publisher: McGraw-Hill Osborne Media; 2 edition (December 20, 2007)
  • Language: English
  • ISBN-10: 0071495681
  • ISBN-13: 978-0071495684
  • Product Dimensions: 7.4 x 1 x 9.2 inches
  • Shipping Weight: 2.1 pounds
  • Average Customer Review: 4.2 out of 5 stars  See all reviews (5 customer reviews)
  • Amazon Best Sellers Rank: #1,652,903 in Books (See Top 100 in Books)

Customer Reviews

Top Customer Reviews

By Henrik Lund Kramshøj on June 8, 2008
Format: Paperback
Contents
Second edition of books I like are always welcome - and this book is no exception. So I was very happy when I was provided a review copy from the publisher.

I really liked the first edition of this book and consider this follow up an essential book for IT-security consultants and other professionals.

The book is comprised of five parts which each give an overview of important subjects for professional IT-security consultants. Within these five parts are 21 chapters which are mostly around 20 pages, making it possible for busy professionals to digest a chapter while performing the usual projects and everyday work.

The five parts are:
I) introduction to ethical disclosure, including legal system in the US
II) penetration testing tools: metasploit and backtrack
III) exploits 101 with everything from basic programming skills to writing shellcode, but only on Linux and Microsoft Windows.
IV) Vulnerability analysis which is a strong part about static analysis, reverse engineering, fuzzing, writing real life exploits and references to the essential tools used for these purposes
V) Malware analysis is saved for last and includes the finishing touch to why IT-security professionals should care about all the rest of the book

The great thing about this book are that non-programmers are presented with enough materials to get started in finding and developing exploits. This was also the reason why it took so long to do this review. Each time I read a chapter I was itching to get started running the examples and trying the techniques.

Since this book tries to cover a lot of materials they have decided to include references.
Read more ›
Comment 23 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
By Andrew on January 21, 2010
Format: Paperback Verified Purchase
In a few words, I loved this book. This book is written in a straightforward manner, right to the point, hands-on exercises and all. The weak points one might find is that it assumes a fair amount of knowledge in the areas of programming (C and python) as well as some networking. I don't think these are real flaws, since this book is directed as hacking (and cracking) in their purest form.
The flaw I would note is that despite having those unsaid requirements, the book tries to appeal to beginners by skipping ahead on the lines of: in the case you're not familiar with C, just copy this example and don't worry about it. For a programmer, this is a waste of time and something which raises suspicion about how serious the authors were. For a beginner, this doesn't help at all. I would rather have a line there saying: read a book on C and come back when you're ready.
But if you're willing to go ahead despite this, you're in for quite a treat.
2 Comments 5 people found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback Verified Purchase
Good content. May be a bit outdated now. But it's not as thorough as I'd like. More about tools than concepts.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
By IT VP on November 3, 2009
Format: Paperback Verified Purchase
This book is very informative and well worth the reading. Had each of my staff read it and they all got something different out of it.
Comment One person found this helpful. Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse
Format: Paperback Verified Purchase
Close comment
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback.
Sorry, we failed to record your vote. Please try again
Report abuse

Pages with Related Products. See and discover other items: computer security, computer network