Perl Scripting for Windows Security

Author: Harlan Carvey

Publisher: Elsevier

Published: 2011-04-18

Total Pages: 221

ISBN-13: 0080555632

I decided to write this book for a couple of reasons. One was that I've now written a couple of books that have to do with incident response and forensic analysis on Windows systems, and I used a lot of Perl in both books. Okay...I'll come clean...I used nothing but Perl in both books! What I've seen as a result of this is that many readers want to use the tools, but don't know how...they simply aren't familiar with Perl, with interpreted (or scripting) languages in general, and may not be entirely comfortable with running tools at the command line. This book is intended for anyone who has an interest in useful Perl scripting, in particular on the Windows platform, for the purpose of incident response, forensic analysis, and application monitoring. While a thorough grounding in scripting languages (or in Perl specifically) is not required, it is helpful in fully and more completely understanding the material and code presented in this book. This book contains information that is useful to consultants who perform incident response and computer forensics, specifically as those activities pertain to MS Windows systems (Windows 2000, XP, 2003, and some Vista). My hope is that not only will consultants (such as myself) find this material valuable, but so will system administrators, law enforcement officers, and students in undergraduate and graduate programs focusing on computer forensics.

* Perl Scripting for Live Response: Using Perl, there's a great deal of information you can retrieve from systems, locally or remotely, as part of troubleshooting or investigating an issue. Perl scripts can be run from a central management point, reaching out to remote systems in order to collect information, or they can be "compiled" into standalone executables using PAR, PerlApp, or Perl2Exe so that they can be run on systems that do not have ActiveState's Perl distribution (or any other Perl distribution) installed.
* Perl Scripting for Computer Forensic Analysis: Perl is an extremely useful and powerful tool for performing computer forensic analysis. While there are applications available that let an examiner access acquired images and perform some modicum of visualization, there are relatively few tools that meet the specific needs of a specific examiner working on a specific case. This is where the use of Perl really shines through and becomes apparent.
* Perl Scripting for Application Monitoring: Working with enterprise-level Windows applications requires a great deal of analysis and constant monitoring. Automating the monitoring portion of this effort can save a great deal of time, reduce system downtimes, and improve the reliability of your overall application. By utilizing Perl scripts and integrating them with the application technology, you can easily build a simple monitoring framework that can alert you to current or future application issues.


Win32 Perl Programming

Author: Dave Roth

Publisher: Sams Publishing

Published: 2001

Total Pages: 754

ISBN-13: 157870216X

This book is a guide to Perl's most common Win32 extensions, grouped by their functionality. The new edition updates coverage from Perl 5.05 to current Perl version 5.6. It also includes new chapters offering critical, badly needed information regarding security for Win32 Perl, the topic most highly requested by reviewers. The appendices have descriptions and syntax of each function in the extensions covered. Each chapter makes extensive use of code segments to illustrate the use of specific functions and real-world scenarios in which these functions can be used.


Perl for System Administration

Author: David N. Blank-Edelman

Publisher: "O'Reilly Media, Inc."

Published: 2000

Total Pages: 452

ISBN-13: 9781565926097

Some people plan to become administrators. The rest of us are thrust into it: we are webmasters, hobbyists, or just the default "technical people" on staff who are expected to keep things running. After some stumbling around repeating the same steps over and over again (and occasionally paying the price when we forget one), we realize that we must automate these tasks, or suffer endless frustration. Thus enters Perl.

The Perl programming language is ideal for writing quick yet powerful scripts that automate many administrative tasks. It's modular, it's powerful, and it's perfect for managing systems and services on many platforms.

Perl for System Administration is designed for all levels of administrators--from hobbyists to card-carrying SAGE members--sysadmins on multi-platform sites. Written for several different platforms (Unix, Windows NT, and Mac OS), it's a guide to the pockets of administration where Perl can be most useful for sites large and small, including:

- Filesystem management
- User administration with a dash of XML
- DNS and other network name services
- Database administration using DBI and ODBC
- Directory services and frameworks like LDAP and ADSI
- Using email for system administration
- Working with log files of all kinds

Each chapter concentrates on a single administrative area, discusses the possible pitfalls, and then shows how Perl comes to the rescue. Along the way we encounter interesting Perl features and tricks, with many extended examples and complete programs. The scripts included in the book can simply be used as written or with minimal adaptation. But it's likely that readers will also get a taste of what Perl can do, and start extending those scripts for tasks that we haven't dreamed of.

Perl for System Administration doesn't attempt to teach the Perl language, but it is an excellent introduction to the power and flexibility of Perl, and it whets the appetite to learn more. It's for anyone who needs to use Perl for system administration and needs to hit the ground running.


Windows Forensic Analysis Toolkit

Author: Harlan Carvey

Publisher: Elsevier

Published: 2014-03-11

Total Pages: 344

ISBN-13: 0124171745

Harlan Carvey has updated Windows Forensic Analysis Toolkit, now in its fourth edition, to cover Windows 8 systems. The primary focus of this edition is on analyzing Windows 8 systems and processes using free and open-source tools. The book covers live response, file analysis, malware detection, timeline, and much more. Harlan Carvey presents real-life experiences from the trenches, making the material realistic and showing the why behind the how. The companion and toolkit materials are hosted online. This material consists of electronic printable checklists, cheat sheets, free custom tools, and walk-through demos. This edition complements Windows Forensic Analysis Toolkit, Second Edition, which focuses primarily on XP, and Windows Forensic Analysis Toolkit, Third Edition, which focuses primarily on Windows 7. This new fourth edition provides expanded coverage of many topics beyond Windows 8 as well, including new cradle-to-grave case examples, USB device analysis, hacking and intrusion cases, and "how would I do this" from Harlan's personal case files and questions he has received from readers. The fourth edition also includes an all-new chapter on reporting.

- Complete coverage and examples of Windows 8 systems
- Contains lessons from the field, case studies, and war stories
- Companion online toolkit material, including electronic printable checklists, cheat sheets, custom tools, and walk-throughs


The Art of Software Security Testing

Author: Chris Wysopal

Publisher: Pearson Education

Published: 2006-11-17

Total Pages: 332

ISBN-13: 0132715759

State-of-the-Art Software Security Testing: Expert, Up to Date, and Comprehensive

The Art of Software Security Testing delivers in-depth, up-to-date, battle-tested techniques for anticipating and identifying software security problems before the “bad guys” do. Drawing on decades of experience in application and penetration testing, this book’s authors can help you transform your approach from mere “verification” to proactive “attack.” The authors begin by systematically reviewing the design and coding vulnerabilities that can arise in software, and offering realistic guidance in avoiding them. Next, they show you ways to customize software debugging tools to test the unique aspects of any program and then analyze the results to identify exploitable vulnerabilities.

Coverage includes:

- Tips on how to think the way software attackers think to strengthen your defense strategy
- Cost-effectively integrating security testing into your development lifecycle
- Using threat modeling to prioritize testing based on your top areas of risk
- Building testing labs for performing white-, grey-, and black-box software testing
- Choosing and using the right tools for each testing project
- Executing today’s leading attacks, from fault injection to buffer overflows
- Determining which flaws are most likely to be exploited by real-world attackers


Network Programming with Perl

Author: Lincoln D. Stein

Publisher: Addison-Wesley Professional

Published: 2001

Total Pages: 798

ISBN-13: 9780201615715

A text focusing on the methods and alternatives for designing TCP/IP-based client/server systems and advanced techniques for specialized applications with Perl. A guide examining a collection of the best third-party modules in the Comprehensive Perl Archive Network. Topics covered: Perl function libraries and techniques that allow programs to interact with resources over a network; IO::Socket library; Net::FTP library -- Telnet library -- SMTP library; Chat problems; Internet Message Access Protocol (IMAP) issues; Markup-language parsing; Internet Protocol (IP) broadcasting and multicasting.


Penetration Tester's Open Source Toolkit

Author: Jeremy Faircloth

Publisher: Elsevier

Published: 2011-08-25

Total Pages: 465

ISBN-13: 1597496286

Penetration Tester's Open Source Toolkit, Third Edition, discusses the open source tools available to penetration testers, the ways to use them, and the situations in which they apply. Great commercial penetration testing tools can be very expensive and sometimes hard to use or of questionable accuracy. This book helps solve both of these problems. The open source, no-cost penetration testing tools presented do a great job and can be modified by the student for each situation. This edition offers instruction on how and in which situations the penetration tester can best use them. Real-life scenarios support and expand upon explanations throughout. It also presents core technologies for each type of testing and the best tools for the job. The book consists of 10 chapters that cover a wide range of topics such as reconnaissance; scanning and enumeration; client-side attacks and human weaknesses; hacking database services; Web server and Web application testing; enterprise application testing; wireless penetration testing; and building penetration test labs. The chapters also include case studies where the tools that are discussed are applied. New to this edition: enterprise application testing, client-side attacks and updates on Metasploit and Backtrack. This book is for people who are interested in penetration testing or professionals engaged in penetration testing. Those working in the areas of database, network, system, or application administration, as well as architects, can gain insights into how penetration testers perform testing in their specific areas of expertise and learn what to expect from a penetration test. This book can also serve as a reference for security or audit professionals.

- Details current open source penetration testing tools
- Presents core technologies for each type of testing and the best tools for the job
- New to this edition: Enterprise application testing, client-side attacks and updates on Metasploit and Backtrack


Advanced Perl Programming

Author: Sriram Srinivasan

Publisher: "O'Reilly Media, Inc."

Published: 1997

Total Pages: 444

ISBN-13: 9781565922204

Covers advanced features of Perl and how the Perl interpreter works, and presents areas of modern computing technology such as networking, user interfaces, persistence, and code generation.


Programming Perl 5.0 CGI Web Pages for Microsoft Windows NT

Author: Jonathan Hagey

Publisher:

Published: 1996

Total Pages: 420

ISBN-13: 9781562764203

The building-block approach this book takes offers programmers a grounding in Perl as they learn to write scripts for tasks they encounter. Special sections called PC solution give example scripts for common programming situations that readers can modify and use immediately.


The Official (ISC)2 Guide to the SSCP CBK

Author: Adam Gordon

Publisher: John Wiley & Sons

Published: 2015-11-09

Total Pages: 930

ISBN-13: 1119244196

The (ISC)2 Systems Security Certified Practitioner (SSCP) certification is one of the most popular and ideal credentials for those wanting to expand their security career and highlight their security skills. If you are looking to embark on the journey towards your (SSCP) certification then the Official (ISC)2 Guide to the SSCP CBK is your trusted study companion. This step-by-step, updated 3rd Edition provides expert instruction and extensive coverage of all 7 domains and makes learning and retaining easy through real-life scenarios, sample exam questions, illustrated examples, tables, and best practices and techniques. Endorsed by (ISC)² and compiled and reviewed by leading experts, you will be confident going into exam day.

Easy-to-follow content guides you through:

- Major topics and subtopics within the 7 domains
- Detailed description of exam format
- Exam registration and administration policies

Clear, concise instruction from SSCP certified experts will provide the confidence you need on test day and beyond. Official (ISC)2 Guide to the SSCP CBK is your ticket to becoming a Systems Security Certified Practitioner (SSCP) and a more seasoned information security practitioner.