"Dissecting the Hack: The F0rb1dd3n Network" by Jayson E. Street, Kent Nabors

Hackers, IT professionals, and Infosec aficionados will find a gripping story that takes the reader on a global trip through the world of computer security exploits. One half massive case study, one half technical manual, Dissecting the Hack has it all - learn all about hacking tools and techniques and how to defend your network against threats.

Yes, the security threats are real - read more about the tactics that you see executed throughout the story in the second half of the book where you will learn to recon, scan, explore, exploit and expunge with the tools and techniques shown in the story.
Every hack is real and can be used by you once you have the knowledge within this book! Utilizes actual hacking and security tools in its story- helps to familiarize a newbie with the many devices and their codeIntroduces basic hacking techniques in real life context for ease of learningPresented in the words of the hacker/security pro, effortlessly envelops the beginner in the language of the hack

Contents
Foreword
Acknowledgements
H0w t0 R34d Dissecting The Hack: The F0rb1dd3n
Author Biographies
PART 1 F0RB1DD3N
PR010GU3
A New Assignment
CHAPTER 0N3
Problem Solved
Getting Started
The Acquisition
CHAPTER TW0
Just Another Day
The Installation
CHAPTER THR33
In Country
CHAPTER F0UR
In Real Life
CHAPTER F1V3
Status Check
Log Review
CHAPTER S1X
The Meeting
First Lead
The Discovery
CHAPTER S3V3N
Code Review
CHAPTER E1GHT
Battle Plans
Data Collection
CHAPTER N1N3
Data Analysis
Shrinking Team
Tenuous Connections
Loose Ends
Expendable Assets
CHAPTER T3N
Choosing Sides
3P1L0GU3
End Process
PART 2 SECURITY THREATS ARE REAL (STAR)
STAR INTRODUCTION
Recon
Scanning
Exploring
Exploiting
Expunging
Bleeding Edge
Hacking Culture
CHAPTER 1 Recon
Fictional Story Dissected: U.S. Securities and Exchange Commission
Fictional Story Dissected: Harvesting Addresses
Public Record on Tap: Real-Time E-mail Harvesting
Maltego
Google
Netcraft
Sam Spade
Public Record on Tap: Sam Spade
DNSpredict
Books
CHAPTER 2 Scanning
Fictional Story Dissected: Kismet
Fictional Story Dissected: SuperScan 4
Fictional Story Dissected: Nmap
Public Record on Tap: The Matrix and Nmap
Paratrace
Scanrand
Amap
Public Record on Tap: My Top 5 Fav Tools
Books
CHAPTER 3 Explore
Plug-In
Public Record on Tap: Hacking Web 2.0 Applications with Firefox
Public Record on Tap: Firefox Plug-ins for Security Professionals, by Chris Schmidt
Vulnerability Scanners
Internet Security Systems Scanner
Nessus
Public Record on Tap: Nessus Goes Closed License Tenable NeWt Pro 2.0
Rapid7
Microsoft Baseline Security Analyzer
Retina eEye Network Security Scanner
Public Record on Tap: Open Source Vulnerability Database
Books
CHAPTER 4 Exploit
Public Record on Tap: Exploit Used to Breach University
Fictional Story Dissected: Buffer Overfl ows
Fictional Story Dissected: Wiping the Administrative Password
Fictional Story Dissected: Subseven
Don’t Hack Me Please: Stopping Sub7
Fictional Story Dissected: Milw0rm.com
Fictional Story Dissected: Metasploit
Canvas
Core Impact
Books
CHAPTER 5 Expunge
Public Record on Tap: Registry Keys
Fictional Story Dissected: Clear Event Logs
Don’t Hack Me Please: Securing Your Logs
Event Viewer
How to: Event Log Types
How to: Stop Windows From Showing the Last Username Logged in
How to: Manipulate Last User Logged on Using Lognamer Tool
How to: Cleaning Out the Internet Explorer Cache, Cookies, and History Using IEClean Tool
Don’t Hack Me Please: Last True Login Tool
Don’t Hack Me Please: Recording Users Last Logoff Time
Public Record on Tap: Windows Security Log
Books
CHAPTER 6 Information Technology (IT) Policy
Don’t Hack Me Please: Some Common It Policies
Fictional Story Dissected: Password Management
Fictional Story Dissected: Basic Input /Output System (BIOS) Password
Fictional Story Dissected: Security Awareness
Fictional Story Dissected: Local pst Files
Public Record on Tap: Microsoft said pst Files are Vulnerable with Passwords Applied
Fictional Story Dissected: Contractor/Visitor Badge Policy
Public Record on Tap: Intermountain Health Care (IHC) Issuing Visitor Tags
Fictional Story Dissected: GPO Screen Savers
Example “IT” Policies
Appendix 1
Service Specifi c Policies
Education
Computing Technology Industry Association (CompTIA)
EC-Council
(ISC)2
SANS
Books
CHAPTER 7 IT Infrastructure
Fictional Story Dissected: VPN RSA Token One-Time Password
Fictional Story Dissected: Honey Pot
Public Record on Tap: The Honeynet Project
Fictional Story Dissected: No Wi-Fi Should Still Check for Wi-Fi
Fictional Story Dissected: Null Shares
Public Record on Tap: Null Session Exploit
Public Record on Tap: Null Session Vulnerability
Fictional Story Dissected: Corporate Firewalls
Fictional Story Dissected: PGP Whole Disk
Public Record on Tap: PGP Whole Disk
Fictional Story Dissected: Snort
Intrusion Prevention and Detection
Public Record on Tap: TippingPoint
Public Record on Tap: Web Applications Firewalls
Public Record on Tap: Enterprise Antivirus
Books
CHAPTER 8 Software, Hardware, and Wetware
Fictional Story Dissected: USB Knife, Swiss Army Knife with USB Storage
Fictional Story Dissected: USB Storage Built into a Pen
Fictional Story Dissected: VMware
Fictional Story on Tap: BackTrack 4
Public Record on Tap: BackTrack 4 Forensics Mode
Helix CD
Public Record on Tap: Helix
Belgian Fccu Gnu/Linux Boot CD
Fictional Story Dissected: Pringles can for Hacking Wireless
Fictional Story Dissected: Wireshark
Fictional Story Dissected: Pretty Good Privacy Whole Disk
Fictional Story Dissected: Personal Firewall
Fictional Story Dissected: Perl Script
Public Record on Tap: Writing a Perl Script by Doug Sheppard
Fictional Story Dissected: Twitter
Public Record on Tap: Twitter and the Swine Flu
Public Record on Tap: Twitter and Iran?
Public Record on Tap: Privacy and Security Issues in Social Networking
Public Record on Tap: Online Social Networking
Fictional Story Dissected: Bluesnarf
Public Record on Tap: The Role of Bluesnarfi ng
Public Record on Tap: Bluetooth Hacking Tools
Books
CHAPTER 9 Bleeding Edge Technology
Fictional Story Dissected: Infrared Hotel Attack
Fictional Story Dissected: MD5 Hash
Don’t Hack Me Please: Breaking SSL Using 200 PS3s2
Fictional Story Dissected: Echelon
Fictional Story Dissected: TOR Network
Fictional Story Dissected: Yagi Rifle
Public Record on Tap: Sniper Yagi Rifle
Public Record on Tap: Bluetooth Yagi Rifle
Fictional Story Dissected: gh0stRAT
Public Record on Tap: GhostNet
Breaking Disk Encryption
Don’t Hack Me Please: Cold Boot Attack
Public Record on Tap: Cold-Boot Attack
Virtualization Exploits
Public Record on Tap: Virtual Machine Exploit
Public Record on Tap: Cloudburst
Don’t Hack Me Please: Weaponizing the Web at DEFCON 17
Don’t Hack Me Please: Taking Over Voice Over IP (VOIP)
Conversations at DEFCON 17
Don’t Hack Me Please: The Blue Pill
Don’t Hack Me Please: Ph-neutral Talks
Public Record on Tap: Changing How Humans Use Passwords
Books
CHAPTER 10 Hacker Culture
For Public Release: Levy’s Hackers’ Ethic
Fictional Story Dissected: Spot the Fed
Fictional Story Dissected: London NASA Hacker
Fictional Story Dissected: 2600
Fictional Story Dissected: Capture the Flag
Fictional Story Dissected: Gary McKinnon
Public Record on Tap: Gary McKinnon
Public Record on Tap: The Hacker’s Handbook
Public Record on Tap: Donna Hare
Fictional Story Dissected: PSP Hack
Fictional Story Dissected: iDefense and ZDI
Target Acquired… An Infosec/Hacking Pioneer: Adam Laurie (a.k.a. Major Malfunction)
Target Acquired… An Infosec/Hacking Pioneer: Dan Kaminsky
Target Acquired… An Infosec/Hacking Pioneer: Felix “FX” Lindner
Target Acquired… An Infosec/Hacking Pioneer: Goodwell and China Eagle
Target Acquired… An Infosec/Hacking Pioneer: HD Moore
Target Acquired… An Infosec/Hacking Pioneer: Jake Kouns
Target Acquired… An Infosec/Hacking Pioneer: Jeff Moss
Target Acquired… An Infosec/Hacking Pioneer: Joanna Rutkowska
Target Acquired… An Infosec/Hacking Pioneer: Johnny Long
Target Acquired… An Infosec/Hacking Pioneer: Kevin Mitnick
Target Acquired… An Infosec/Hacking Pioneer: Stephan Northcutt
Target Acquired… An Infosec/Hacking Pioneer: Tony Watson
Fictional Story Dissected: Kaminsky and Watson
Public Record on Tap: Wikiality
Public Record on Tap: Megyeri Bridge Naming Poll
Public Record on Tap: NASA and Colbert
Public Record on Tap: Gobbles
Public Record on Tap: n3td3v
Conferences
ARES: The International Dependability Conference
Best of Open Source Security (BOSS) Conference
Black Hat
BlueHat
BruCON
New Camelot Council
CanSecWest
Chaos Communication Congress (CCC)
Computer and Communications Security (CCS)
Computer and Enterprise Investigations Conference
Computer Forensics Show
Computer Security Institute Annual Conference (CSI)
Computer Security Institute Security Exchange (CSI-SX)
CONFidence
DeepSec In-Depth Security Conference
DEFCON
DojoSec Monthly Briefi ngs
Ekoparty Security Conference
EUsecWest London
FRHACK International IT Security Conference
Hack.in
Hack in the box—HITBSecConf
Hacker Halted
IPTComm: Principles, Systems and Applications of IP Telecommunications
Infosecurity Europe
International Conference on Security and Cryptography (SECRYPT)
International Workshop on Fast Software Encryption (FSE)
Internet Security Operations and Intelligence (ISOI)
Kiwicon
LayerOne
PacSec
RSA
Rocky Mountain Information Security Conference (RMISC)
SEaCURE.IT
SecTor: Security Education Conference Toronto
SecureWorld Expo
Shakacon
ShmooCon
SOURCE Conference
SyScan
Techno Forensics Conference
Techno Security Conference
ToorCamp
ToorCon
uCon
USENIX Security Symposium
Workshop on Collaboration and Security (COLSEC)
Blogs
Podcasts
Books
CHAPTER 11 Easter Eggs
Fictional Story Dissected: 3DNF
Fictional Story Dissected: The Account Number
Fictional Story Dissected: Odysseus
Fictional Story Dissected: Thompson
Fictional Story Dissected: Resol
Fictional Story Dissected: Falken
Public Record on Tap: What is WarGames?
Fictional Story Dissected: Groom Lake
Public Record on Tap: What is Aurora?
Fictional Story Dissected: CyberBob
Fictional Story Dissected: Sydney Bristow
Fictional Story Dissected: Kimeron
Public Record on Tap: Chimera Film and Mythology
Mythology of Chimera
Books
CHAPTER 12 Miscellaneous
Fictional Story Dissected: Perverted Justice
Fictional Story Dissected: Plausible deniability
(Legal Defense)
Fictional Story Dissected: IRC Carders
Public Record on Tap: Credit Card Scam
Public Record on Tap: Carders
Fictional Story Dissected: MPORPG for
Communications Channel
Public Record on Tap: WoW has Terrorists!
Fictional Story Dissected: InfraGard
Fictional Story Dissected: Police Car APs
Public Record on Tap: CHP and Wi-Fi
Fictional Story Dissected: Lock Bumping
Public Record on Tap: Locked, But Not Secure
Fictional Story Dissected: 36 Stratagems
Public Record on Tap: The 36 Stratagems
Public Record on Tap: Sun Tzu
Books
Index