Attacking Network Protocols is a deep dive into network protocol security from James Forshaw, one of the world s leading bug hunters. This comprehensive guide looks at networking from an attacker s perspective to help you discover, exploit, and ultimately protect vulnerabilities.
You ll start with a rundown of networking basics and protocol traffic capture before moving on to static and dynamic protocol analysis, common protocol structures, cryptography, and protocol security. Then you ll turn your focus to finding and exploiting vulnerabilities, with an overview of common bug classes, fuzzing, debugging, and exhaustion attacks.
Learn how to:
- Capture, manipulate, and replay packets
- Develop tools to dissect traffic and reverse engineer code to understand the inner workings of a network protocol
- Discover and exploit vulnerabilities such as memory corruptions, authentication bypasses, and denials of service
- Use capture and analysis tools like Wireshark and develop your own custom network proxies to manipulate network traffic
Attacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to understand and discover network vulnerabilities.
You ll start with a rundown of networking basics and protocol traffic capture before moving on to static and dynamic protocol analysis, common protocol structures, cryptography, and protocol security. Then you ll turn your focus to finding and exploiting vulnerabilities, with an overview of common bug classes, fuzzing, debugging, and exhaustion attacks.
Learn how to:
- Capture, manipulate, and replay packets
- Develop tools to dissect traffic and reverse engineer code to understand the inner workings of a network protocol
- Discover and exploit vulnerabilities such as memory corruptions, authentication bypasses, and denials of service
- Use capture and analysis tools like Wireshark and develop your own custom network proxies to manipulate network traffic
Attacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to understand and discover network vulnerabilities.
"One of the best, if not the best, reference books on this material."
Andrew Swoboda, Tripwire
Very readable and accessible...worth reading even if your only interest in network security is as an applications developer.
I Programmer
"Whether you're a pen tester, fuzzer, or a serene developer seeking understanding of what not to do, this book is an excellent beginner's guide."
Sven Dietrich, IEEE Cipher, Cipher Book Review
"Concise and easy to follow."
Nicky Lim, Goodreads Reviewer
Andrew Swoboda, Tripwire
Very readable and accessible...worth reading even if your only interest in network security is as an applications developer.
I Programmer
"Whether you're a pen tester, fuzzer, or a serene developer seeking understanding of what not to do, this book is an excellent beginner's guide."
Sven Dietrich, IEEE Cipher, Cipher Book Review
"Concise and easy to follow."
Nicky Lim, Goodreads Reviewer