Con la cámara de tu teléfono celular: escanea el siguiente código y descarga la app de Kindle.
The Art of Attack: Attacker Mindset for Security Professionals Pasta blanda – 10 agosto 2021
Mejora tu compra
Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers
In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker.
The book shows you the laws of the mindset and the techniques attackers use, from persistence to "start with the end" strategies and non-linear thinking, that make them so dangerous. You'll discover:
- A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques
- The unique tells and signs of an attack and how to avoid becoming a victim of one
- What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against
Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker.
Descripción del producto
Elevate your ethical social engineering and hacking skills with a proven set of techniques
Unethical social engineers use deception to manipulate people into doing things contrary to their best interests. Whether this means attempting to discover passwords or gaining access to data, assets or physical locations, they use dishonest techniques to their benefit. Ethical social engineers and hackers, on the other hand, are paid by companies to use social engineering and attacker mindset (AMs) to legitimately probe systems, processes, and people for weaknesses so those vulnerabilities can be addressed, and future damages prevented.
In The Art of Attack, accomplished social engineer and physical pentester Maxie Reynolds delivers an inside look at the attacker mindset, how best to use it and how to defend against it. The book explores the principles of the attacker mindset, including where to start an attack, persistence, non-linear thinking, observation techniques as well as the skills and laws of the mindset. It delves into processes, how to engage in reconnaissance and privilege escalation, and how to obtain redundant access, all without being detected.
The Art of Attack is an invaluable resource for social engineers, pentesters, red teams and anyone in cybersecurity. You'll discover how to:
- Discover strategic tools you need to build your attacker mindset, including attack formation, process, recon, and more.
- Utilize the skills and laws of attacker mindset.
- Detect the unique tells of an attack and how to avoid becoming a victim of one.
Biografía del autor
MAXIE REYNOLDS is Technical Team Lead for Social-Engineer, LLC leading their efforts as a physical pentester and social engineer. She is a certified Ethical Hacker, Digital Forensic Investigator, and Social Engineer. She holds degrees in Computer Science, Underwater Robotics, and is qualified in Quantum Computing. She has worked as a physical pentester for banks, transport agencies, and other industries.
Detalles del producto
- Editorial : Wiley (10 agosto 2021)
- Idioma : Inglés
- Pasta blanda : 304 páginas
- ISBN-10 : 1119805465
- ISBN-13 : 978-1119805465
- Dimensiones : 15.24 x 1.75 x 22.86 cm
- Clasificación en los más vendidos de Amazon: nº106,418 en Libros (Ver el Top 100 en Libros)
- nº1,068 en Motivación Empresarial (Libros)
- nº2,961 en Computadoras, Internet y Medios Digitales en Idiomas Extranjeros (Libros)
- nº6,451 en Computadoras y Tecnología (Libros)
- Opiniones de los clientes:
Opiniones de clientes
Mejores reseñas de otros países
As Sun Tzu said :
Know the enemy and know yourself in a hundred battles you will never be in peril. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are certain in every battle to be in peril.
This book follow this approach.
Just one small concern: Sometimes, if you are not familiar with Security and social engineering terms, you should be quite confused but if you take enough time to double check all definition provided in this book, you can overcome that point.
While primarily for those in IT. Ms. Reynolds' book contains insight into often overlooked topics critical to those involved in cybersecurity. Part social engineering, part neurophysiology, part hacking, and totally necessary. The synergy is enveloping and captivating. I finished the first pass of this book with multiple Gestalt moments. The second read solidified the unique and impressive nature of its contents.
Apologies to Maxie for the late review. I purchased the Kindle version since the paperback wasn't available in July. I wanted to see how practical some of her concepts applied to real world use cases. "Stunning" sometimes seems cliche, but it applies here.
When not immersed in academia, I hack for fun and profit. I wish she had written the book while I was getting my Masters (Digital Forensics). But, fortunately, I've now been able to incorporate some of her thoughts into the literature review for my Ph.D. dissertation.
It is a book that I've already read once more for the novel-like aspects of it, but I'll have to read it again to extract the techniques and salient points of the life of a social engineer. Yes, it reads almost like a novel that you'll likely read twice to then extract the 'how-to' aspects of it. Far too many books talk about theory or the science but Maxie has brilliantly incorporated those along with the practical applications and the limits of those theories. I just love how she made a novel, how-to, and cognitive science book all in one.
The details provided in the engagements she describes made me feel like I was right there with her and provides the novel-like experience. This is definitely one of the top 2 books I've read on cybersecurity. I will make this required reading for classes I teach on topics of information assurance and ethical hacking. More than that, have it be the center of discussions. I do believe this will become a classic book in cybersecurity literature.
Maxie's conversational approach of storytelling and education is exactly what I like to see in books. Give me something I can experience mentally and trick me into learning.
Her use of humor (as well as the self-beneficial concerns about a company's security) makes reading this book easy and friendly.
I will have to read this again to solidify this new newfound knowledge.