Good book for hacking

  • Question

  • User-9833593 posted

    Hello everyone, I have searched a lot to find a good book to learn hacking from a programming point of view, but I could not find one. Please help me.

    Wednesday, June 15, 2011 3:04 PM

All replies

  • User-2010311731 posted

    Hopefully you are talking about how to prevent hacking on your site?  If so, here is a good article to start with.

    http://msdn.microsoft.com/en-us/library/ms972969.aspx

    If you are asking about learning how to become a hacker, most of us want to prevent that.

    Matt

    Wednesday, June 15, 2011 5:49 PM
  • User-9833593 posted

    You know, learning hacking does not mean that I want to hack others. By way of illustration, when you know how to hack you can prevent it better, and for more explanation, hacking these days is a science and most people who are very expert in security know the way of hacking, and just because of that they are trustworthy in terms of security. So let us think of it positively. The bottom line is that yes, I want a good resource or book about hacking. (I bought some DVDs from an international company about ceche, but it was a bit theoretical and not functional. Please help me.)

    Thursday, June 16, 2011 1:31 AM
  • User-1696077569 posted

    Here is a very good series by Troy Hunt

    http://www.troyhunt.com/2011/06/owasp-top-10-for-net-developers-part-7.html
    Thursday, June 16, 2011 1:34 AM
  • User-933339589 posted

    http://google-gruyere.appspot.com/

    Thursday, June 16, 2011 2:56 AM
  • User-9833593 posted

    Hi my friends again,

    You know, the sources that you introduced are awesome and I am so proud of experts like you, but please introduce a complete resource like a book which describes all types of hacking, like SQL injection, XSS attacks or CSRF or... Thanks a lot beforehand.

    Thursday, June 16, 2011 4:13 AM
  • User-1696077569 posted
    http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/0470170778/ref=pd_sim_b_1
    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 16, 2011 4:33 AM
  • User-9833593 posted

    Thanks to anyone who participated in this post

    Sunday, June 19, 2011 5:52 AM
  • User-434868552 posted

    if you want to become an expert, you'll need to spend hundreds to thousands of hours.

    most of us do not have that much time.

    i recommend that you subscribe to 2600 magazine (http://www.2600.com/); @2600 on Twitter.  you'll pick up tips on many types of hacking; your local library may also carry "2600".

    i agree with you that the more one knows about hacking, the better one can defend herself/himself.

    the best defence against hacking is to diligently follow best practices.

    Examples:

    Windows Update is a double-edged sword; more than once, i've seen poorly designed updates cause nasty side effects.  However, if one reads the descriptions about each Windows update, one discovers that many of them are security fixes.  "Bad" hackers also get these and the really good "bad" hackers are capable of reverse engineering the security fixes and then developing an exploit against those individuals who have neglected to keep their systems up to date.

    Passwords.  It's absolutely amazing how many people use the same password, often a weak password, for both trivial purposes and critical purposes like their online banking.  It's also amazing how many people never change their password.  If one has difficulty remembering passwords, learn to use an open source program like KeePass [http://keepass.info/] as recommended by Scott Hanselman [http://www.hanselman.com/blog/ScottHanselmans2009UltimateDeveloperAndPowerUsersToolListForWindows.aspx].

    For small networks, restrict access to specific IP addresses and MAC addresses [http://en.wikipedia.org/wiki/MAC_address]; for wireless networks use higher levels of encryption than WEP and hide your SSID.

    Security extends beyond the computer; if you have two bank cards, or a bank card and a credit card, use different PIN numbers for each.

    Virus protection.  What's the best anti-virus software? (rhetorical)  Answer:  any of the decent AV products that has up to date virus signatures.  Your own anti-virus software may be the "best" but if your virus signatures are out of date you have the "worst" av software.

    Rename or disable well known account ids like Administrator and Guest.

    Really important data ought to be encrypted although most of us fail to do that.  Really valuable data should be offline in a vault when it's not being used.

    Study your security logs to determine whether you've been attacked, even unsuccessfully.  Enable security events like failed logons and successful logons if they are not already enabled.  Allocate enough disk space for your security logs so that the stored events do not get overwritten before you've had a chance to review them.

    et cetera, et cetera, et cetera

    g.

    P.S.:  you might also enjoy installing WireShark [http://wireshark.org/] and Fiddler2 [http://fiddler2.com/fiddler2/] to watch inbound and outbound network traffic.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Sunday, June 19, 2011 1:24 PM
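
The security-log advice in the answer above, worked through as an added example (not part of the original post): it checks whether logon auditing is enabled, how many days of history the Security log currently holds, and which accounts and source addresses had failed logons in the last day. It assumes an elevated PowerShell 3.0+ session on Windows Vista/Server 2008 or later, where a failed logon is event ID 4625; the 24-hour window and the top-20 cut-off are arbitrary choices.

```powershell
# Added example: run from an elevated PowerShell prompt.

# 1. Are successful and failed logons being audited at all?
auditpol /get /subcategory:"Logon"
# If either column shows "No Auditing", enable both:
# auditpol /set /subcategory:"Logon" /success:enable /failure:enable

# 2. Is the Security log large enough that events survive until review?
$log    = Get-WinEvent -ListLog Security
$oldest = Get-WinEvent -LogName Security -Oldest -MaxEvents 1
[pscustomobject]@{
    MaxSizeMB     = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
    CurrentSizeMB = [math]::Round($log.FileSize / 1MB, 1)
    LogMode       = $log.LogMode      # Circular = oldest events are overwritten
    DaysOfHistory = [math]::Round(((Get-Date) - $oldest.TimeCreated).TotalDays, 1)
}
# If DaysOfHistory is shorter than your review interval, raise the limit,
# e.g. to 512 MB (value in bytes):
# wevtutil sl Security /ms:536870912

# 3. Failed logons (4625) in the last 24 hours, grouped by account and source.
$since  = (Get-Date).AddDays(-1)
$failed = Get-WinEvent -FilterHashtable @{
    LogName = 'Security'; Id = 4625; StartTime = $since
} -ErrorAction SilentlyContinue      # no matching events is not an error here

$failed | ForEach-Object {
    # Named fields live in the event XML under EventData/Data[@Name].
    $xml  = [xml]$_.ToXml()
    $data = @{}
    foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
    [pscustomobject]@{
        Account   = $data['TargetUserName']
        Source    = $data['IpAddress']
        LogonType = $data['LogonType']   # 3 = network, 10 = remote interactive
    }
} | Group-Object Account, Source |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 20
```

Many failures for one account from one source, or failures across many accounts from the same source, are the entries to look at first.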
  • User-9833593 posted

    Thanks for your complete and awesome reply,

    You know, I have been so frustrated about this subject because everywhere I ask this question programmers treat me like a wicked person, but now I am so happy when I see that you face this matter very rationally. Moreover, I have concluded from your post that for being a good hacker (just for the purpose of defending) I should be more than a good programmer and have a good knowledge of networks and...

    Monday, June 20, 2011 4:50 PM