Books About Hacking

Rtfm: Red Team Field Manual, 2014 – https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=sr_1_1?dchild=1&keywords=red+team+field+manual&qid=1622069547&s=books&sr=1-1 Blue Team Field Manual (BTFM), 2017 – https://www.amazon.com/Blue-Team-Field-Manual-BTFM/dp/154101636X/ref=sr_1_4?dchild=1&keywords=red+team+field+manual&qid=1622069547&s=books&sr=1-4 The Cuckoo’s Egg, 1989 – https://www.amazon.com/Cuckoos-Egg-Tracking-Computer-Espionage/dp/B0845PM1M5/ref=sr_1_1?dchild=1&keywords=cuckoo%27s+egg&qid=1621902773&s=books&sr=1-1 Gray Hat Hacking: The Ethical Hacker’s Handbook, 2018 – https://www.amazon.com/Gray-Hat-Hacking-Ethical-Handbook-dp-1260108414/dp/1260108414/ref=dp_ob_title_bk  

[ Hacker Night School ] :: The Illustrated TLS Connection

This entry is part 32 of 32 in the series [ Hacker Night School ]

Https://tls.ulfheim.net/ has a beautiful graphical way to see every step of setting up a TLS connection. This is porn for network geeks, but also for hackers (sometimes the same people). To paraphrase Ultra Famous Hacking God Pablos Holman, Here’s the messages between website and client to set up TLS. Every one of these is an …

[ Hacker Night School ] :: the POODLE attack, featuring TLS Downgrade

This entry is part 31 of 32 in the series [ Hacker Night School ]

The KBID XXX – TLS Downgrade I almost every course I teach I discuss the perils of “TLS fallback,” a fatal misconfiguration that negotiates a web server back to an old, insecure SSL/TLS version. From there it’s simple to use known exploits against the web server and boom, now it’s a Russian crimeware server. This …

[ Hacker Night School ] :: The Holy Unblocker

This entry is part 30 of 32 in the series [ Hacker Night School ]

A fellow teacher tells me about the “Holy Unblocker,” a proxy service that lets school kids get around their school’s web restrictions. It looks to me like it could be useful for other people, perhaps people living under regimes that want to control their access to knowledge and communications. This proxy is insidious: it uses …

The KNOB Attack: Does this exploit from 2018 still work?

This entry is part 29 of 32 in the series [ Hacker Night School ]

Here’s an awesome Bluetooth exploit from 2018 that EVERY device was vulnerable to, called the KNOB attack. “We found and exploited a severe vulnerability in the Bluetooth specification that allows an attacker to break the security mechanisms of Bluetooth for any standard-compliant device. As a result, an attacker is able to the listen, or change …

XSS Game :: Learn Cross-Site Scripting, Bug-Test Google Apps, Step 3: Profit

This entry is part 5 of 5 in the series [ Sites Where You Can Hack ]

Here’s another Google Appspot pen-testing practice site, this one focused on XSS (Cross-Site Scripting). Oh, it’s so fun to have sites where you can rampage like Hannibal’s elephants without getting condemned to death by gladiator! “In this training program, you will learn to find and exploit XSS bugs. You’ll use this knowledge to confuse and …

Gruyere :: A Cheesy Web App For Your Hacking Delectation

I’ll let them say it: “This codelab is built around Gruyere /ɡruːˈjɛər/ – a small, cheesy web application that allows its users to publish snippets of text and store assorted files. ‘Unfortunately,’ Gruyere has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. …

Gruyere :: A Cheesy Web App For Your Hacking Delectation

This entry is part 4 of 5 in the series [ Sites Where You Can Hack ]

I’ll let them say it: “This codelab is built around Gruyere /ɡruːˈjɛər/ – a small, cheesy web application that allows its users to publish snippets of text and store assorted files. ‘Unfortunately,’ Gruyere has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. …

OWASP Juice Shop :: Get Your Web Hacking Jollies Here [ Hacker Night School ]

OWASP Juice Shop: Hmm, let’s see what we can hack here. This isn’t for beginners, but this realistic e-commerce site lets you root around and find things to break without the local gendarmerie knocking at your door. It’s pretty, it’s well-designed and well-coded, and it keys to the OWASP Top 10 Web Vulnerabilities (which you’d …