»
InfoSec Career Hacking: Sell Your Skillz, Not Your Soul
 
 

InfoSec Career Hacking: Sell Your Skillz, Not Your Soul, 1st Edition

 
InfoSec Career Hacking: Sell Your Skillz, Not Your Soul, 1st Edition,Chris Hurley,Johnny Long,Aaron Bayles,Ed Brindley,ISBN9781597490115
 
 
 

  &      &      &      

Syngress

9781597490115

9780080489032

448

229 X 178

Print Book + eBook

USD 52.14
USD 86.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 44.95

eBook
eBook Overview

VST (VitalSource Bookshelf) format

DRM-free included formats : EPUB, Mobi (for Kindle), PDF

USD 41.95
Add to Cart
 
 

Key Features

* The InfoSec job market will experience explosive growth over the next five years, and many candidates for these positions will come from thriving, hacker communities

* Teaches these hackers how to build their own test networks to develop their skills to appeal to corporations and government agencies

* Provides specific instructions for developing time, management, and personal skills to build a successful InfoSec career

Description

“InfoSec Career Hacking” starts out by describing the many, different InfoSec careers available including Security Engineer, Security Analyst, Penetration Tester, Auditor, Security Administrator, Programmer, and Security Program Manager. The particular skills required by each of these jobs will be described in detail, allowing the reader to identify the most appropriate career choice for them.

Next, the book describes how the reader can build his own test laboratory to further enhance his existing skills and begin to learn new skills and techniques. The authors also provide keen insight on how to develop the requisite soft skills to migrate form the hacker to corporate world.

Chris Hurley

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Affiliations and Expertise

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

View additional works by Chris Hurley

Johnny Long

Johnny Long is a Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author. He can be found lurking at his website (http://johnny.ihackstuff.com). He is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need those skills.

Affiliations and Expertise

A Christian by grace, a professional hacker by trade, a pirate by blood, a ninja in training, a security researcher and author who lurks at his website (http://johnny.ihackstuff.com) and is the founder of Hackers For Charity(http://ihackcharities.org), an organization that provides hackers with job experience while leveraging their skills for charities that need them

View additional works by Johnny Long
Information about this author is currently not available.
Information about this author is currently not available.

InfoSec Career Hacking: Sell Your Skillz, Not Your Soul, 1st Edition

Acknowledgments

Author Dedication

Lead Author and Technical Editor

Contributing Authors

Technical Reviewer

Foreword Contributor

Foreword

Part I: Recon/Assessment

Chapter 1: The Targets—What I Want to Be When I Grow Up (or at Least Get Older)

Introduction

Understanding INFOSEC

Employment Opportunities

Defining the Jobs

Bringing Together the Skills

Advanced Skills

So Where Do I Match Up?

Checklist

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 2: Reconnaissance: Social Engineering for Profit

Introduction

Narrowing Your Choices

Digging for Information

Researching for Rewards

Making Contact

Checklist

Summary

Solutions Fast Track

Links to Sites

Mailing Lists

Frequently Asked Questions

Chapter 3: Enumerate: Determine What’s Out There

Introduction

What Should I Do First?

Is Education Important?

Certifications: Magic or Myth?

Getting Your Name Out There

Understanding Opportunities and Gaining Experience

Security Clearances

Summary

Solutions Fast Track

Links to Sites

Mailing Lists

Frequently Asked Questions

Chapter 4: First Strike: Basic Tactics for Successful Exploitation

Part II: Technical Skills

Chapter 5: The Laws of Security

Introduction

Knowing the Laws of Security

Client-Side Security Doesn’t Work

You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information

Malicious Code Cannot Be 100 Percent Protected against

Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection

Firewalls Cannot Protect You 100 Percent from Attack

Any IDS Can Be Evaded

Secret Cryptographic Algorithms Are Not Secure

If a Key Is Not Required, You Do Not Have Encryption—You Have Encoding

Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them

In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit

Security through Obscurity Does Not Work

Summary

Solutions Fast Track

Frequently Asked Questions

Chapter 6: No Place Like/home—Creating an Attack Lab

Chapter 7: Vulnerability Disclosure

Introduction

Vulnerability Disclosure and Cyber Adversaries

“Free For All”: Full Disclosure

Unfixed Vulnerability Attack Capability and Attack Inhibition Considerations

Probability of Success Given an Attempt

Probability of Detection Given an Attempt

“Symmetric” Full Disclosure

Responsible Restricted “Need to Know” Disclosure

Responsible, Partial Disclosure and Attack Inhibition Considerations

“Responsible” Full Disclosure

Responsible, Full Disclosure Capability and Attack Inhibition Considerations

Security Firm “Value Added” Disclosure Model

Value-Add Disclosure Model Capability and Attack Inhibition Considerations

Non-Disclosure

The Vulnerability Disclosure Pyramid Metric

Pyramid Metric Capability and Attack Inhibition

Pyramid Metric and Capability—A Composite Picture Pyramid

Comparison of Mean Inhibitor Object Element Values

The Disclosure Food Chain

Summary

Frequently Asked Questions

Chapter 8: Classes of Attack

Introduction

Identifying and Understanding the Classes of Attack

Identifying Methods of Testing for Vulnerabilities

Standard Research Techniques

Summary

Solutions Fast Track

Frequently Asked Questions

Part III: On the Job

Chapter 9: Don’t Trip the Sensors: Integrate and Imitate

Introduction

Hacking the System

Hacking the Network

Escalating Your Privileges

Managing Your Time

Checklist

Summary

Solutions Fast Track

Links to Sites

Mailing Lists

Frequently Asked Questions

Chapter 10: Vulnerability Remediation—Work Within the System

Introduction

Giving Back to the (Local) Community

Contributing to the INFOSEC Community

Upgrading Your Skills

Upgrading Your Workplace

Checklist

Summary

Solutions Fast Track

Links to Sites

Frequently Asked Questions

Chapter 11: Incident Response – Putting Out Fires Without Getting Burned

Amanda

Chapter 12: Rooting: Show Me the Money!

Introduction

Building Jumpstart InfoSec Services

Managing Hackers

Planning, Expanding, and Dominating

Summary

Solutions Fast Track

Links to Sites

Frequently Asked Questions

Index

 
 
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us