Hacking Books

The Best of 2600: A Hacker Odyssey

Emmanuel Goldstein

Amazon Price: $26.39 List Price: $39.99 Usually ships in 24 hours By: Wiley Amazon Marketplace: 22 new & used starting at $22.28

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> History
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 2 Average rating: 5.0 of 5

Fifteen Years of Extreme Hacking on the Edge, Under-Priced! 5 out of 5 stars.
9 of 11 people found this review helpful.

I am attending Hackers on Planet Earth (HOPE) in NYC this week-end, and have just spent time with this volume. Unlike the individual issues, all of which I have had in my possession over the years, this volume is HUGE, readable, indexed, and priceless. I mean that--PRICELESS.

The publisher is to be saluted for not only putting a great deal of effort along with the editor, the founder of 2600 Magazine and also of the HOPE conference, for making this volume a true reference work. I was immediately impressed by the selection of "best of the best," the organization of the material, the index, and the fact that the publisher moved away from the micro-print that was used to keep costs down on the volume of knowledge being transmitted in the individual journal issues, and instead went for a high-end glossy, "just right" white space presentation that should be in every Information Technology library across the country, and is also a collectible for anyone who pretends to know anything at all about information INsecurity.

If you got this far, this lovely volume, easily worth $60, is a real value at the much lower price being offered, and I hope enough people buy it to occasion a reprint or a second volume.

It merits comment that this is not just a volume of hand-picked items from a single journal. The editor and his closest colleagues created a community of over 30,000 hackers (whom I have always said are like astronauts on the edge with the "right stuff") and this volume LITERALLY represents the 30,000 who were decades ahead of the US Government, which is still--as are corporations and public utilities--largely stupid about information system security, to include our Supervisory Control and Direction (SCADA) systems, all of them on the Internet.

For a really good time on what the Chinese know and can do that we cannot, see my Memorandum, easily found online, . They brought Dick Cheney's plane down over Singapore in Feburary 2007, and when he got off to stretch his legs, told him exactly what they could do, and what the US would not be allowed to do. Thus did the power of the information age move East.

Other great Hacker books (the last one is the ultimate public hack, taking back the power):
Hackers: Heroes of the Computer Revolution
The Second Self: Computers and the Human Spirit, Twentieth Anniversary Edition
The Hacker Crackdown: Law And Disorder On The Electronic Frontier
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
Cybershock: Surviving Hackers, Phreakers, Identity Thieves, Internet Terrorists and Weapons of Mass Disruption
Collective Intelligence: Creating a Prosperous World at Peace

Three DVDs, the first based on the real-life of the editor of this book:
Hackers
The Net
Live Free or Die Hard (Unrated Edition)

There are two sets of hackers: these, and the ones who came out of the Homebrew Garage Club (Lee Felsenstein, Eric Hughes, etc) and tended to created businesses rather than live free. Bill Gates is certainly in that number, as are Stewart Brand and others. The most famous Free/Open Hacker in the first group is Richard Stahlman, whose book on the origins of Free/Open Source Software (F/OSS) is most recently complemented by Yochai Benkler's book on Wealth of Networks. With a tip of the hat to Nat at O'Reilly, open source software is Darwinism, while malware and proprietary software are Intelligent Design that is not so intelligence. VISTA by Microsoft is the biggest scam in history, for the first time forcing documents to be uniquely tied to the Microsoft operating system and not processable anywhere else. It is time for Microsoft to die, or come to its senses and put its money into F/OSS while monetizing the transactions. Bill Gates has called F/OSS communist. In my view, that makes Bill Gates a fascist. My money is on F/OSS.

Editorial Review:

Since 1984, the quarterly magazine 2600 has provided fascinating articles for readers who are curious about technology. Find the best of the magazine’s writing in Best of 2600: A Hacker Odyssey, a collection of the strongest, most interesting, and often most controversial articles covering 24 years of changes in technology, all from a hacker’s perspective. Included are stories about the creation of the infamous tone dialer “red box” that allowed hackers to make free phone calls from payphones, the founding of the Electronic Frontier Foundation, and the insecurity of modern locks.

Hacking: The Art of Exploitation, 2nd Edition

Jon Erickson

Amazon Price: $32.97 List Price: $49.95 Usually ships in 24 hours By: No Starch Press Amazon Marketplace: 33 new & used starting at $29.14

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Web Development -> Security & Encryption -> Encryption
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 51 Average rating: 4.5 of 5

Editorial Review:

Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.

The included LiveCD provides a complete Linux programming and debugging environment-all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

• Program computers using C, assembly language, and shell scripts



• Corrupt system memory to run arbitrary code using buffer overflows and format strings



• Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening



• Outsmart common security measures like nonexecutable stacks and intrusion detection systems



• Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence



• Redirect network traffic, conceal open ports, and hijack TCP connections



• Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

Dafydd Stuttard, Marcus Pinto

Amazon Price: $30.00 List Price: $50.00 Usually ships in 24 hours By: Wiley Amazon Marketplace: 37 new & used starting at $26.88

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 10 Average rating: 5.0 of 5

Editorial Review:

This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.

The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.

Guide to Computer Forensics and Investigations, Third Edition

Bill Nelson, Amelia Phillips, Frank Enfinger, Christopher Steuart

Amazon Price: $51.67 List Price: $93.95 Usually ships in 24 hours By: Course Technology Amazon Marketplace: 83 new & used starting at $50.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Web Development -> Security & Encryption -> Encryption
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Hacking

Customer Reviews:
Total reviews: 8 Average rating: 2.0 of 5

Do not buy this book used! You won't be able to use the CD 1 out of 5 stars.
16 of 18 people found this review helpful.

This book represents the core of what is wrong with corporate America today. This book is packaged with a CD that has software on it used throughout the book. What they don't tell you anywhere is that you must register the software using a unique and one time only coupon in the cd pouch. Furthermore the software then expires in 120 days. To not mention this limitation that basically makes the book useless for resale is very deceitful on the part of the publisher and the company that supplied the software. Never have I seen such B.S. before as this when it comes for games that publishers play!!! THIS INFORMATION SHOULD HAVE BEEN IN BIG BOLD LETTERS -- YOU CANNOT RESELL THIS BOOK DUE TO THE ONE-TIME USE OF THE ENCLOSED CD SOFTWARE --

Editorial Review:

Master the skills necessary to launch and complete a successful computer investigation with the updated edition of this highly successful book, Guide to Computer Forensics and Investigations. This text will teach readers how to conduct a high-tech investigation, from acquiring digital evidence to reporting its findings. Coverage includes how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. The comprehensive coverage and detailed know-how led to the book being listed as recommended reading by the FBI Forensics Communications the United States Certified reading room. The book features free downloads of the latest forensic software, so students become familiar with the tools of the trade.

The Art of Deception: Controlling the Human Element of Security

Kevin D. Mitnick, William L. Simon

Amazon Price: $11.53 List Price: $16.95 Usually ships in 24 hours By: Wiley Amazon Marketplace: 84 new & used starting at $6.23

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> MIS
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Computers & Internet -> Business & Culture -> Culture

Customer Reviews:
Total reviews: 120 Average rating: 4.0 of 5

Editorial Review:

The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk

CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50

Kimberly Graves

Amazon Price: $19.79 List Price: $29.99 Usually ships in 24 hours By: Sybex Amazon Marketplace: 42 new & used starting at $15.37

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Certification Central -> Publisher -> Sybex
Subjects -> Computers & Internet -> Certification Central -> General
Subjects -> Computers & Internet -> Business & Culture -> Hacking

Customer Reviews:
Total reviews: 14 Average rating: 4.0 of 5

Good Summary: However Brief; Some Questions with Errors 4 out of 5 stars.
0 of 0 people found this review helpful.

I have won Defcon CTF competition now two years in a row and have decided to try to get the CEH certification. I purchased this book primarily for additional questions. This material does not have much depth, however, maybe that is all that is required to pass the CEH exam. I would recommend a preliminary hacking course offered at SANS or BlackHat before trying to read this book. The experience will help you to get more out of the book, and most certainly will assist with your skills development.

Editorial Review:

Prepare for the CEH certification exam with this official review guide and learn how to identify security risks to networks and computers. This easy-to-use guide is organized by exam objectives for quick review so you’ll be able to get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. As the only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional study tools.

Hacking Exposed 5th Edition (Hacking Exposed)

Stuart McClure, Joel Scambray, George Kurtz

List Price: $49.99 By: McGraw-Hill Osborne Media Amazon Marketplace: 12 new & used starting at $19.52

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Web Development -> Security & Encryption -> Encryption
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Hacking

Customer Reviews:
Total reviews: 87 Average rating: 4.0 of 5

Editorial Review:

A lot of computer-security textbooks approach the subject from a defensive point of view. "Do this, and probably you'll survive a particular kind of attack," they say. In refreshing contrast, Hacking Exposed, Second Edition talks about security from an offensive angle. A Jane's-like catalog of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. The book also walks through how to use the more powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of "honeypot" exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS) attacks, and attacks that involve routing protocols.

The result of all of this familiarity with bad-guy tools is a leg up on defending against them. Hacking Exposed wastes no time in explaining how to implement the countermeasures--where they exist--that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren't impressed, and don't hesitate to point out inherent, uncorrectable security weaknesses where they find them. This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies. --David Wall

Topics covered:

• Security vulnerabilities of operating systems, applications, and network devices
• Administrative procedures that will help defeat them
• Techniques for hacking Windows 95, Windows 98, Windows Me, Windows NT 4.0, Windows 2000, Novell NetWare, and Unix
• Strategies for breaking into (or bringing down) telephony devices, routers, and firewalls

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers

Kevin D. Mitnick, William L. Simon

Amazon Price: $11.53 List Price: $16.95 Usually ships in 24 hours By: Wiley Amazon Marketplace: 47 new & used starting at $8.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Networking
Subjects -> Computers & Internet -> General

Customer Reviews:
Total reviews: 36 Average rating: 4.0 of 5

Editorial Review:

Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including:

• A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
• Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
• Two convicts who joined forces to become hackers inside a Texas prison
• A "Robin Hood" hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access

With riveting "you are there" descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

Cliff Stoll

Amazon Price: $10.20 List Price: $15.00 Usually ships in 24 hours By: Pocket Amazon Marketplace: 60 new & used starting at $3.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Biographies
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Government

Customer Reviews:
Total reviews: 155 Average rating: 4.5 of 5

I love this book. 5 out of 5 stars.
2 of 2 people found this review helpful.

As you can see from the reviews here, many people also love this book.

I love the trip down memory lane that this book provides. Sure is fun to go back to a more innocent time and remember what it was like before the internet became huge. If you remember archie, gopher, kermit, then this is a book for you.

Even if you're too young to remember this time, it would be quite fun to watch WAR GAMES and then read this book. I love the writing style--this is a real page-turner.

Editorial Review:

A sentimental favorite, The Cuckoo's Egg seems to have inspired a whole category of books exploring the quest to capture computer criminals. Still, even several years after its initial publication and after much imitation, the book remains a good read with an engaging story line and a critical outlook, as Clifford Stoll becomes, almost unwillingly, a one-man security force trying to track down faceless criminals who've invaded the university computer lab he stewards. What first appears as a 75-cent accounting error in a computer log is eventually revealed to be a ring of industrial espionage, primarily thanks to Stoll's persistence and intellectual tenacity.