An Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you’ve understood the internal design of operating systems, you’ll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you’ll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection.
As you advance, you’ll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware.
By the end of this book, you’ll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.

Osoby które kupowały "Windows APT Warfare", wybierały także:

• Windows Media Center. Domowe centrum rozrywki 66,67 zÅ‚, (8,00 zÅ‚ -88%)
• Ruby on Rails. Ćwiczenia 18,75 zÅ‚, (3,00 zÅ‚ -84%)
• DevOps w praktyce. Kurs video. Jenkins, Ansible, Terraform i Docker 190,00 zÅ‚, (39,90 zÅ‚ -79%)
• Przywództwo w Å›wiecie VUCA. Jak być skutecznym liderem w niepewnym Å›rodowisku 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Scrum. O zwinnym zarzÄ…dzaniu projektami. Wydanie II rozszerzone 58,64 zÅ‚, (12,90 zÅ‚ -78%)

Spis treści

Windows APT Warfare. Identify and prevent Windows APT attacks effectively eBook -- spis treści

• 1. From Source to Binaries – The Journey of a C Program
• 2. Process Memory – File Mapping, PE Parser, tinyLinker, and Hollowing
• 3. Dynamic API Calling – Thread, Process, and Environment Information
• 4. Shellcode Technique – Exported Function Parsing
• 5. Application Loader Design
• 6. PE Module Relocation
• 7. PE to Shellcode – Transforming PE Files into Shellcode
• 8. Software Packer Design
• 9. Digital Signature – Authenticode Verification
• 10. Reversing User Account Control and Bypassing Tricks
• 11. Appendix – NTFS, Paths, and Symbols