Ethical Hacking “Offensive & Defensive” by Ömer Çıtak (BOOK REVIEW)


 Ethical Hacking “Offensive & Defensive”


About the Author:
He is the founder of StrixEye ( It's journey was initiated by three entrepreneurs to provide a proactive solution in web-app security domain.) He lives living in Istanbul and is involved in Computer Science since 2010. Since then, he has been working in the area of Software Development (usually web) and Cyber Security. He is a free software partisan and made a lot of  contributions to the community.


About The Book:
The book starts by explaining basic principles like the goals and orientation of hackers, basically dividing them into 2 as Black Hat and White Hat. Black hats can use the techniques and methods they learn for their own benefit as well as to harm other people. White hats learn the same techniques and methods as black hats. black hats try to protect systems so they don't harm anyone. This book covers the basics of hacking from both black hat and white hat perspectives. It explains how a technique used by a black hat hacker is used to damage the system (offensive), and then how to protect this security vulnerability by a white hat hacker (defensive). The book is also supported by educational videos. The book starts from the basic level and progresses into more complex methods of hacking and exploits and gives a wide variety of examples along the way. The topic selection of the book is also worth noting and It is one of the most educational and interesting reading materials from cyber security industry in my opinion. People from all sorts of backgrounds and programming, hacking, and OS knowledge can easily benefit as it suits all audiences. Unfortunately the only downside about it is that it is in Turkish, thus making it difficult for everyone to access. The terms and jargon used in the book is highly translatable and reader friendly though, making it less challenging for non-Turkish speakers to understand


Topics covered in the book:

  • Introduction to Ethical Hacking
  • Exploit, Zero Day, Hacktivism, BugBounty Concepts
  • What is Penetration Testing? How is it done?
  • Blackbox, Whitebox and Graybox Pentest
  • Kali Linux, BackTrack Linux, Black Arch Linux
  • Google Hacking Database
  • Active & Passive Information Collection
  • Reverse IP, DNS and Traceroute
  • cryptology
  • Symmetric (Secret Key) Encryption
  • Asymmetric (Public Key) Encryption
  • Caesar, DES, AES, Blowfish, Diffie-Hellman, RSA, MD5, SHA1
  • Brute-Force, Rainbow Tables
  • Steganography
  • Nmap & Zenmap
  • HTTP & SSH Tunneling
  • IP Spoofing
  • Enumeration
  • How to Write Keylogger, Virus and Trojan?
  • What is RAT?
  • How to use it?
  • Network Listening
  • Man in The Middle Attack
  • Wireshark
  • Social Engineering
  • What is DoS/DDoS?
  • DoS Methods
  • What is a botnet?
  • Creating and Attacking Botnets
  • DNS, HTTP and Proxy
  • Same Origin Policy
  • Reflected, Dom-based and Stored XSS
  • Session Stealing with XSS
  • Cross-site Request Forgery
  • SQL Injection
  • Reverse Engineering and Static Analysis in Mobile Applications
  • Dynamic Analysis in Mobile Applications







Yorumlar

Yorum Gönder

Bu blogdaki popüler yayınlar

Three Interesting examples of IT Solutions from Three Different Decades (Week 1)

Resim
1) Computer Space (The First Video Game) (1971) In 1971, there was a small game company named  Nutting Associates, which kindled the fire of the modern game industry (which is worth over 170$ billion) with a game named Computer Space. It was a arcade type video game which featured a controllable spaceship that could be maneuvered and two flying saucers controlled by hardware which you needed to blow up. Although the whole concept of the game was simplistic and there was nothing much to it, it was still a start of a new age for the gaming industry and a backbone for future arcade games that followed such as Pong, Pac-Man, and such. The computer back in the time were too expensive for average customer use and the game could not be sold in bulk due to this. The developers of the game (Nutting Associates) came up with an idea to design a system that would have been cheaper to afford back in the day and was still capable of running the game. The original Design did not utilize any microproc
Devamı

A Practical Example: the Story of Linux (Week 13)

Resim
  "LINUX AND HIS FRIENDS" As I am utilizing Windows as my "daily driver" I might not be as experienced in Linux as many other IT specialists, but in this week's blog we will cover two major distributions of Linux and the differences between them in my humble opinion. Desktop Environments: Both Ubuntu and Fedora utilize GNOME desktop environments by default, there is only a slight difference Fedora:  Fedora uses the stock GNOME interface Ubuntu:  Ubuntu has customized its GNOME interface to look more like the old "Unity Desktop"  Hardware Support: Linux as a whole has its fair share of driver issues and incompatibilities and both Ubuntu and Fedora suffer from that. However, Ubuntu: Provides an easier way to install necessary proprietary drivers which results in a more user friendly interface and better hardware support Fedora: Fedora on the other hand chooses to stick to open source software, thus making it challenging to update/install drivers Windows
Devamı