The third issue of Brother Yu’s book donation event:
-
- "Those Things About CTF"
- "Building a Cyberspace Security System under a New Network Form"
- "Practical Guide to Red-Blue Confrontation from the Perspective of ATT&CK"
- "Kali Linux Advanced Penetration Testing"
- "The Definitive Guide to Smart Car Cybersecurity" Volume 1
- "The Definitive Guide to Smart Car Cybersecurity" Volume 2
- Suitable for reading:
- Book donation lottery rules:
"Those Things About CTF"
1.1 Introduction:
This book not only teaches the basic knowledge and operational skills related to cyberspace security, but also discusses the nature of CTF competition questions, focusing on analyzing ideas and methods when facing different types of questions. For example, for the first time, we proposed problem-solving thinking models such as "Image Steganography" and "Reverse True Scripture", and comprehensively summarized the testing methods for industrial control safety-related knowledge in CTF competitions. Judging from the effects of offline training, these methods are extremely practical.
"Those Things About CTF" popularizes the knowledge of cyberspace security in an easy-to-understand, humorous language in a popular way, thereby improving the public's awareness of cyberspace security, thereby promoting the improvement of the level of the entire industry, and helping our country become a powerful country in cyberspace security. lay a solid foundation.
This book was polished by Professor Li Zhoujun, the instructor of the top CTF team Lancet, and core team members over a period of 4 years. It innovatively proposes a new CTF knowledge learning framework and reflects Professor Li Zhoujun's many years of teaching essence and team leadership experience. The book covers common topics such as PWN, reverse engineering, and Web, and systematically summarizes the inspection methods of industrial control safety in CTF competitions. It not only teaches basic knowledge and operational skills, but also discusses the essence of CTF competition questions, focusing on analyzing ideas and methods when facing different types of questions.
Contents Directory
Preface Chapter 0 Starting the CTF Journey 1
0.0 History of CTF Competition 1
0.1 Common formats of CTF competitions 1
0.2 Well-known CTF competitions at home and abroad 3
0.3 Well-known CTF teams at home and abroad 4
0.4 Experimental environment preparation before learning 7
0.4.0 Virtual machine running software 7
0.4.1 Setting up a Python script running environment 9
0.4.2 Setting up Docker usage environment 11 Chapter 1 Security miscellaneous 12
1.0 Introduction to security miscellaneous competition questions 12
1.1 Common encoding and decoding 13 1.1.12 Brainfuck encoding 26 1.2.0 Basic knowledge of network protocols 31 1.2 Network traffic analysis 30 1.1.13 General problem-solving methods for coding questions 28 1.1.11 JSFuck encoding 25 1.1.10 Morse code 24 1.1.9 URL Encoding 24 1.1.8 XXencode encoding 23 1.1.7 UUencode encoding 22 1.1 .6 Quoted-printable encoding 22 1.1.5 Shellcode encoding 21 1.1.4 Other Base series encoding 19 1.1.3 Base16 encoding 19 1.1.2 Base32 encoding 18 1.1.1 Base64 encoding 15
1.1.0 ASCII encoding 13
"Building a Cyberspace Security System under a New Network Form"
1.1 Introduction:
After more than 30 years of development, security has penetrated into all aspects of informatization, forming a huge industry and complex theory, technology and product system.
Therefore, we need to view the relationship between security and networks from the perspective of cyberspace, the relationship between security manufacturers and customers from the perspective of the security industry, and the relationship between security system design and security system construction from the perspective of enterprises.
This is an in-depth deconstruction and reconstruction of the security industry with cyberspace as the framework, thinking as the knife, security products and technologies as the blade, and enterprise security system construction as the bull.
"Practical Guide to Red-Blue Confrontation from the Perspective of ATT&CK"
1.1 Introduction:
This is a book that can help both the red team and the blue team establish a complete attack and defense knowledge system. It is also a book that can not only guide enterprises to build and improve network security defense systems, but also create a personal security moat for security engineers. 's writings.
The whole book is based on the ATT&CK framework model, and systematically and in detail explains the six stages involved in information collection, tunnel penetration, privilege escalation, credential acquisition, lateral penetration, and persistence. Technical principles, attack methods and defense strategies. It not only allows the red team to understand the nature of the attack and master practical attack methods, but also allows the blue team to see through the red team's attack ideas, thereby building a more powerful defense system.
The purpose of this book is to "promote defense through attack and train through battle." Therefore, the book carefully compiles a large number of offensive and defensive cases from practice. Each case provides detailed ideas, specific The steps, as well as the experience, skills and precautions in actual combat, allow readers to feel the real atmosphere of offensive and defensive confrontation as much as possible.
This book is rich in content and extremely detailed in explanation, so it is huge in length. It specifically covers the following 7 aspects.
(1) Windows Security Basics
Detailed introduction to Windows security authentication mechanism (NTLM authentication, Kerberos domain authentication), protocols (LLMNR, NetBIOS, WPAD, LDAP) and domain basics.
(2) Information collection
Detailed explanation of host discovery, Windows/Linux operating system information collection, group policy information collection, domain control related information collection, and Exchange information collection and other information collection methods.
(3) Tunnel Penetration
Comprehensive and thorough explanation of the basic knowledge of tunnel penetration technology, methods of tunnel penetration using multi-protocols, and common tunnel utilization tools , and detection and protection methods.
(4) Privilege Escalation
Detailed explanation of privilege escalation commonly used in red-blue confrontation such as kernel vulnerability escalation, mismatch vulnerability escalation, third-party service privilege escalation, etc. Techniques, not only explains the utilization process of these techniques in actual scenarios, but also provides targeted defense methods.
(5) Credential acquisition
Explain in detail the main credential acquisition methods from the two dimensions of attack and defense, including software credential acquisition, local credential acquisition, and intra-domain credentials wait.
(6) Lateral movement
Comprehensive analysis and use of system application services and protocols such as task planning, remote services, group policy, WSUS, SCCM, Psexec, WMI, etc. for lateral movement The principles and processes of movement.
(7) Persistence
It not only explains in detail the persistence techniques commonly used by the red team, such as Windows persistence, Linux persistence, Windows domain permission maintenance, etc., but also The system analyzes the blue team’s detection and defense ideas for persistent attacks.
"Kali Linux Advanced Penetration Testing"
1.1 Introduction:
For quality assurance of enterprise network security construction work, the industry generally follows the PDCA (Plan, Do, Check, Act) methodology. In recent years, network security offensive and defensive confrontation drills have played an increasingly important role. By organizing internal or external attack teams, enterprise security managers can identify the protection shortcomings in their own network security construction process from the perspective of malicious attackers, test the effectiveness of security emergency plans, and continuously optimize them to provide stronger business development of escort capabilities.
This book is a rare reference book for enterprises to conduct network security confrontation drills, and is suitable for both attacking teams and defensive teams.
This book systematically introduces the best practices and common misunderstandings of the security testing process. Focusing on the open source tool Kali Linux, it elaborates on the principles and operating methods of various testing technologies. Even beginners can easily get started with the in-depth and simple guidance of this book. For experienced penetration testers, this book also provides practical scripts and code library resources for advanced practical scenarios, which I believe can bring new inspiration to readers.
Enterprise offensive and defensive confrontation drills are a comprehensive competition of the ideas, strategies, technologies and intelligence capabilities of both offense and defense. The situation of "the enemy is in darkness and we are clear" and "the offensive and defensive forces are asymmetric" often change rapidly. The outcome is temporary, and the normalization of the process is the main theme. In the actual cyberspace security, this kind of normalization happens every day. Only by correctly formulating the goals of offensive and defensive drills can the security team gain recognition from the enterprise for its security work.
"The Definitive Guide to Smart Car Cybersecurity" Volume 1
1.1 Introduction:
This is an authoritative guide that can help automotive practitioners and security practitioners comprehensively build an automotive network security knowledge system and quickly master automotive network security attack and defense experience. It was written by the head of the security team of a well-known domestic electric vehicle manufacturer and led the core team members. It takes "security left shift" as the guiding ideology and focuses on security compliance, security standards, security systems, security testing, security research and development, security operations, network attack and defense, Nine core topics such as threat assessment and autonomous driving safety provide a comprehensive and thorough explanation of automobile network security. It is a standard work in the field of automobile network security.
Due to the wide coverage, in-depth and detailed content, this book is relatively large. In order to facilitate readers with different needs to read and get what they need, the whole book is divided into two volumes, upper and lower.
Volume 1 (Chapter 1~10)
(1) Sorts out the development context of automobile safety and the three major safety themes of automobile functional safety, expected functional safety and network security. It aims to give readers a macro and overall understanding of automotive network security.
(2) It explains in detail the network composition of automobiles, network communication protocols, electronic and electrical architecture, and network security from an architectural perspective and a functional perspective, aiming to allow readers to accurately grasp network knowledge related to automobiles. .
(3) Focuses on interpreting the compliance system of automotive network security. The main content includes domestic and foreign network security regulations, automotive network security management systems and their applications, aiming to let readers understand the automotive network security Standards and combined with business scenarios for multi-body integration to establish a corresponding automotive network security management system.
(4) From the perspective of offense and defense, it explains how hackers can crack a car with zero threshold and the use of network security testing tools for various scenarios.
"The Definitive Guide to Smart Car Cybersecurity" Volume 2
1.1 Introduction:
(1) Detailedly summarizes the attack thinking and methods of car hackers, and lists common attack techniques and defense measures from the perspective of automotive network security architecture and automotive function application.
(2) The network security strategy covering the entire vehicle research and development cycle is systematically explained, including threat analysis and risk assessment, automotive network security architecture, automotive network security monitoring and response, etc.
(3) It provides a forward-looking explanation of advanced assisted driving safety and car charging network safety. Relevant knowledge is very scarce and can help readers broaden their horizons.
This book not only has a comprehensive theoretical system, which can help readers build a three-dimensional understanding of automobile and network security; it also provides specific practical guidance, summarizing various methods and means of automobile network security attack and defense for readers. . The whole book contains a large number of cases, models and hundreds of diagrams. You can understand it after reading it and use it after learning it!
Suitable for reading:
- Students majoring in network security related majors
- Beginners in network security, college teachers
- Enterprise Network Security Engineer
- Other organizations or individuals who have basic computer knowledge and are interested in network security attack and defense
- Practitioners and enthusiasts interested in the field of smart car security.
- CTF enthusiasts
Book donation lottery rules:
- 2 books are given away this time
- Activity time: Until 2023-11-22
- Participation method: follow the blogger, like, collect and comment as you like
PS: Comments with more than 20 words will be selected based on the number of likes in the comments- Add one book if the reading volume exceeds 2k (the final book will be given out according to the reading volume. If the reading volume does not meet the standard, it will be given out according to the actual amount)
PS: The fan base after the winner list event is over and comment area announcement
List of winners in the last issue:七弦づ and jjzx_zh and Picturej Those who did not win can participate in this issue !
