Written by two experienced penetration testers the material presented discusses the basics of the OS X environment and its vulnerabilities. Including but limited to; application porting, virtualization utilization and offensive tactics at the kernel, OS and wireless level. This book provides a comprehensive in-depth guide to exploiting and compromising the OS X platform while offering the necessary defense and countermeasure techniques that can be used to stop hackers

As a resource to the reader, the companion website will provide links from the authors, commentary and updates.

*Provides relevant information including some of the latest OS X threats

*Easily accessible to those without any prior OS X experience

*Useful tips and strategies for exploiting and compromising OS X systems

*Includes discussion of defensive and countermeasure applications and how to use them

*Covers mobile IOS vulnerabilities

Low Tech Hacking teaches your students how to avoid and defend against some of the simplest and most common hacks. Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. This book focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. It provides detailed descriptions of potential threats and vulnerabilities, many of which the majority of the information systems world may be unaware. It contains insider knowledge of what could be your most likely low-tech threat, with timely advice from some of the top security minds in the world. Author Jack Wiles spent many years as an inside penetration testing team leader, proving that these threats and vulnerabilities exist and their countermeasures work. His contributing authors are among the best in the world in their respective areas of expertise. The book is organized into 8 chapters covering social engineering; locks and ways to low tech hack them; low tech wireless hacking; low tech targeting and surveillance; low tech hacking for the penetration tester; the law on low tech hacking; and information security awareness training as a countermeasure to employee risk. This book will be a valuable resource for penetration testers, internal auditors, information systems auditors, CIOs, CISOs, risk managers, fraud investigators, system administrators, private investigators, ethical hackers, black hat hackers, corporate attorneys, and members of local, state, and federal law enforcement.

The Updated Version of the Bestselling Nessus Book.
This is the ONLY Book to Read if You Run Nessus Across the Enterprise
Ever since its beginnings in early 1998, the Nessus Project has attracted security researchers from all walks of life. It continues this growth today. It has been adopted as a de facto standard by the security industry, vendor, and practitioner alike, many of whom rely on Nessus as the foundation to their security practices. Now, a team of leading developers have created the definitive book for the Nessus community.
* Perform a Vulnerability Assessment
Use Nessus to find programming errors that allow intruders to gain unauthorized access.
* Obtain and Install Nessus
Install from source or binary, set up up clients and user accounts, and update your plug-ins.
* Modify the Preferences Tab
Specify the options for Nmap and other complex, configurable components of Nessus.
* Understand Scanner Logic and Determine Actual Risk
Plan your scanning strategy and learn what variables can be changed.
* Prioritize Vulnerabilities
Prioritize and manage critical vulnerabilities, information leaks, and denial of service errors.
* Deal with False Positives
Learn the different types of false positives and the differences between intrusive and nonintrusive tests.
* Get Under the Hood of Nessus
Understand the architecture and design of Nessus and master the Nessus Attack Scripting Language (NASL).
* Scan the Entire Enterprise Network
Plan for enterprise deployment by gauging network bandwith and topology issues.
* Nessus is the premier Open Source vulnerability assessment tool, and has been voted the "most popular" Open Source security tool several times.
* The first edition is still the only book available on the product.
* Written by the world's premier Nessus developers and featuring a foreword by the creator of Nessus, Renaud Deraison.

The sexy, elegant design of the Apple PowerBook combined with the Unix-like OS X operating system based on FreeBSD, have once again made OS X the Apple of every hacker s eye. In this unique and engaging book covering the brand new OS X 10.4 Tiger, the world s foremost true hackers unleash the power of OS X for everything form cutting edge research and development to just plain old fun.
OS X 10.4 Tiger is a major upgrade for Mac OS X for running Apple s Macintosh computers and laptops. This book is not a reference to every feature and menu item for OS X. Rather, it teaches hackers of all types from software developers to security professionals to hobbyists, how to use the most powerful (and often obscure) features of OS X for wireless networking, WarDriving, software development, penetration testing, scripting administrative tasks, and much more.
* Analyst reports indicate that OS X sales will double in 2005. OS X Tiger is currently the #1 selling software product on Amazon and the 12-inch PowerBook is the #1 selling laptop
* Only book on the market directly appealing to groundswell of hackers migrating to OS X
* Each chapter written by hacker most commonly associated with that topic, such as Chris Hurley (Roamer) organizer of the World Wide War Drive"

This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow s headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. Donald Withers, CEO and Cofounder of TheTrainingCo.
Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.
Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise.
Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.
Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.
Kevin O Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.
Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.
Dennis O Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.
Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards.
Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist s responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.
Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can t do, and arms you with the information you need to set your career path.
Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.
*Internationally known experts in information security share their wisdom
*Free pass to Techno Security Conference for everyone who purchases a book $1,200 value
*2-HOUR DVD with cutting edge information on the future of information security"

Wireless networking has become standard in many business and government networks. This book is the first book that focuses on the methods used by professionals to perform WarDriving and wireless pentration testing.
Unlike other wireless networking and security books that have been published in recent years, this book is geared primarily to those individuals that are tasked with performing penetration testing on wireless networks. This book continues in the successful vein of books for penetration testers such as Google Hacking for Penetration Testers and Penetration Tester s Open Source Toolkit. Additionally, the methods discussed will prove invaluable for network administrators tasked with securing wireless networks. By understanding the methods used by penetration testers and attackers in general, these administrators can better define the strategies needed to secure their networks.
* According to a study by the Strategis Group more than one third of the words population will own a wireless device by the end of 2008.
* The authors have performed hundreds of wireless penetration tests, modeling their attack methods after those used by real world attackers.
* Unlike other wireless books, this is geared specifically for those individuals that perform security assessments and penetration tests on wireless networks."

Network Security Evaluation provides a methodology for conducting technical security evaluations of all the critical components of a target network. The book describes how the methodology evolved and how to define the proper scope of an evaluation, including the consideration of legal issues that may arise during the evaluation. More detailed information is given in later chapters about the core technical processes that need to occur to ensure a comprehensive understanding of the network's security posture.
Ten baseline areas for evaluation are covered in detail. The tools and examples detailed within this book include both Freeware and Commercial tools that provide a detailed analysis of security vulnerabilities on the target network. The book ends with guidance on the creation of customer roadmaps to better security and recommendations on the format and delivery of the final report.
* There is no other book currently on the market that covers the National Security Agency's recommended methodology for conducting technical security evaluations
* The authors are well known in the industry for their work in developing and deploying network security evaluations using the NSA IEM
* The authors also developed the NSA's training class on this methodology