Network Security Tools - Writing, Hacking, and Modifying Security Tools

Read more

If you're an advanced security professional, then you know that the battle to protect online privacy continues to rage on. Security chat rooms, especially, are resounding with calls for vendors to take more responsibility to release products that are more secure. In fact, with all the information and code that is passed on a daily basis, it's a fight that may never end. Fortunately, there are a number of open source security tools that give you a leg up in the battle.Often a security tool does exactly what you want, right out of the box. More frequently, you need to customize the tool to fit the needs of your network structure. Network Security Tools shows experienced administrators how to modify, customize, and extend popular open source security tools such as Nikto, Ettercap, and Nessus.This concise, high-end guide discusses the common customizations and extensions for these tools, then shows you how to write even more specialized attack and penetration reviews that are suited to your unique network environment. It also explains how tools like port scanners, packet injectors, network sniffers, and web assessment tools function.Some of the topics covered include: Writing your own network sniffers and packet injection tools Writing plugins for Nessus, Ettercap, and Nikto Developing exploits for Metasploit Code analysis for web applications Writing kernel modules for security applications, and understanding rootkitsWhile many books on security are either tediously academic or overly sensational, Network Security Tools takes an even-handed and accessible approach that will let you quickly review the problem and implement new, practical solutions--without reinventing the wheel. In an age when security is critical, Network Security Tools is the resource you want at your side when locking down your network.

List of contents

• 
  
  Preface
  
  


• 
  
  Modifying and Hacking Security Tools
  
  
  
  
  • 
    
    Chapter 1: Writing Plug-ins for Nessus
    
    
  
  
  • 
    
    Chapter 2: Developing Dissectors and Plug-ins for the Ettercap Network Sniffer
    
    
  
  
  • 
    
    Chapter 3: Extending Hydra and Nmap
    
    
  
  
  • 
    
    Chapter 4: Writing Plug-ins for the Nikto Vulnerability Scanner
    
    
  
  
  • 
    
    Chapter 5: Writing Modules for the Metasploit Framework
    
    
  
  
  • 
    
    Chapter 6: Extending Code Analysis to the Webroot
    
    
  
  
  
  
  
• 
  
  Modifying and Hacking Security Tools
  
  
  
  
  • 
    
    Chapter 7: Fun with Linux Kernel Modules
    
    
  
  
  • 
    
    Chapter 8: Developing Web Assessment Tools and Scripts
    
    
  
  
  • 
    
    Chapter 9: Automated Exploit Tools
    
    
  
  
  • 
    
    Chapter 10: Writing Network Sniffers
    
    
  
  
  • 
    
    Chapter 11: Writing Packet-Injection Tools
    
    
  
  
  
  
  
• 
  
  Colophon
  
  





About the author

Nitesh Dhanjani is a well known security researcher, author, and speaker. Dhanjani is currently Senior Manager at a large consulting firm where he advises some of the largest corporations around the world on how to establish enterprise wide information security programs and solutions. Dhanjani is also responsible for evangelizing brand new technology service lines around emerging technologies and trends such as cloud computing and virtualization.Prior to his current job, Dhanjani was Senior Director of Application Security and Assessments at a major credit bureau where he spearheaded brand new security efforts into enhancing the enterprise SDLC, created a process for performing source code security reviews & Threat Modeling, and managed the Attack & Penetration team.Dhanjani is the author of "Network Security Tools: Writing, Hacking, and Modifying Security Tools" (O'Reilly) and "HackNotes: Linux and Unix Security" (Osborne McGraw-Hill). He is also a contributing author to "Hacking Exposed 4" (Osborne McGraw-Hill) and "HackNotes: Network Security". Dhanjani has been invited to talk at various information security events such as the Black Hat Briefings, RSA, Hack in the Box, Microsoft Blue Hat, and OSCON.Dhanjani graduated from Purdue University with both a Bachelors and Masters degree in Computer Science.Dhanjani's personal blog is located at dhanjani.com.

Justin Clarke is an information security consultant. He has over 7 years of security experience in network, web application, source code andwireless testing work for some of the largest organizations in the United States, the United Kingdom and New Zealand. He is active in developing security tools for penetrating webapplications, servers, and wireless networks and as a compulsive tinkerer he can't leave anything alone without at least trying to see how it works. Justin Clarke got his Bachelor's degree in Computer Science from Canterbury University in New Zealand.

Summary

This concise, high-end guide shows experienced administrators how to customize and extend popular open source security tools such as Nikto, Ettercap, and Nessus. It also addresses port scanners, packet injectors, network sniffers, and web assessment tools.