About the Book
Have you wondered how hackers and nation-states gain access to confidential information on some of the most protected systems and networks in the world? Where did they learn these techniques and how do they refine them to achieve their objectives? How do I get started in a career in cyber and get hired? We will discuss and provide examples of some of the nefarious techniques used by hackers and cover how attackers apply these methods in a practical manner.
The Hack Is Back is tailored for both beginners and aspiring cybersecurity professionals to learn these techniques to evaluate and find risks in computer systems and within networks. This book will benefit the offensive-minded hacker (red-teamers) as well as those who focus on defense (blue-teamers). This book provides real-world examples, hands-on exercises, and insider insights into the world of hacking, including:
Hacking our own systems to learn security tools
Evaluating web applications for weaknesses
Identifying vulnerabilities and earning CVEs
Escalating privileges on Linux, Windows, and within an Active Directory environment
Deception by routing across the TOR network
How to set up a realistic hacking lab
Show how to find indicators of compromise
Getting hired in cyber!
This book will give readers the tools they need to become effective hackers while also providing information on how to detect hackers by examining system behavior and artifacts. By following the detailed and practical steps within these chapters, readers can gain invaluable experience that will make them better attackers and defenders. The authors, who have worked in the field, competed with and coached cyber teams, acted as mentors, have a number of certifications, and have tremendous passions for the field of cyber, will demonstrate various offensive and defensive techniques throughout the book.
Table of Contents:
1. Hacking and Securing Your Operating System, 2. Update and Change Defaults, or Else!, 3. Web Application Hacking and Defense, 4. Obfuscation, Deception, and Detection, 5. Vulnerability Identification, 6. Exploitation and Reverse Shells, 7. Privilege Escalation and Persistence, 8. Data Exfiltration Leakage (Pwned), 9. Am I Hacked? How Do I Tell?, 10. A Career in Cyber
About the Author :
Jesse Varsalone is an Associate Professor of Cybersecurity Technology and the coach for the Cyber Team at University of Maryland University Global Campus. Jesse has been teaching Cyber Security related courses for 24 years, and has been teaching for a total of 30 years, Jesse has taught at undergraduate and graduate level at a number of colleges and universities including University of Maryland Global Campus, the Community College of Baltimore County, the Computer Career Institute at Johns Hopkins, UMBC Training Center, Champlain College, and Stevenson University. He also taught as a DoD contractor for 5 years at the Defense Cyber Investigations Training Academy (DCITA) where he taught courses as a Forensics and Intrusions in a Windows Environment, Network Exploitation Techniques, and Live Network Investigations.
Jesse holds several certifications in the IT field, including A+, CISSP, CEH, Cloud+, CYSA+, Linux+, Net+, Pentest+, Security+, and Server+. Jesse has spoken at several conferences including many of the DoD Cyber Crime Conferences. He was a member of the Red Team for several years on the Mid-Atlantic College Cyber Defense Competition. He has a master's degree from the University of South Florida (Tampa, FL), and a bachelor’s from George Mason University (Fairfax VA). Jesse has written and contributed to several publications, including Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It by.
Jesse also wrote the entire series of labs for Security+, Ethical Hacking, Forensics, and Network Security for NDG's netlab. Jesse lives with his sons Mason and Levi, and daughter Kayla in Ellicott City Maryland in Howard County Maryland.
Christopher Haller is an accomplished cybersecurity expert with over 13 years of experience in Information Technology. Chris’s background includes work with the US Navy’s Cyber Defense Operations Command, Cyber Threat Intelligence, and Penetration Testing. His work has resulted in over a dozen CVEs, as well as mentorship and development of junior hackers. Chris is also the Red vs Blue Coach for the US Cyber Team, a machine creator for HackTheBox, and analysis online. Chris is certified as GIAC Security Expert #329, and also holds the CISSP, GXPN, GCPN, GPEN, GCIH, GWAPT, GICSP, GNFA, CASP+, Net+, Sec+, and more.
