使用rust编程语言深入研究攻击性安全-抢先体验-Rust开发

  • l6_615962
    了解作者
  • 694.8KB
    文件大小
  • zip
    文件格式
  • 0
    收藏次数
  • VIP专享
    资源类型
  • 0
    下载次数
  • 2022-05-14 03:57
    上传日期
使用锈编程语言深入研究进攻性安全-抢先体验Black Hat Rust-抢先使用Rust编程语言深入研究进攻性安全立即购买本书! 总结无论是在电影中还是在主流媒体中,黑客都经常被浪漫化:他们被描绘成黑魔法师,讨厌的罪犯,或者在最坏的情况下被描绘成带有头巾和撬棍的小偷。 实际上,从无聊的少年探索互联网到主权国家的军队以及
black-hat-rust-main.zip
内容介绍
<p align="center"> <a href="https://academy.kerkour.com/black-hat-rust?coupon=GITHUB" target="_blank" rel="noopener" rel='nofollow' onclick='return false;'></a> <h1 align="center">Black Hat Rust - Early Access</h1> <h3 align="center">Deep dive into offensive security with the Rust programming language</h3> <h3 align="center"> <a href="https://academy.kerkour.com/black-hat-rust?coupon=GITHUB" rel='nofollow' onclick='return false;'>Buy the book now!</a> </h3> </p> ## Summary Whether in movies or mainstream media, hackers are often romanticized: they are painted as black magic wizards, nasty criminals, or, in the worst cases, as thieves with a hood and a crowbar. In reality, the spectrum of the profile of the attackers is extremely large, from the bored teenager exploring the internet to sovereign State's armies as well as the unhappy former employee. What are the motivations of the attackers? How can they break seemingly so easily into any network? What do they do to their victims? We will put on our black hat and explore the world of offensive security, whether it be cyber attacks, cybercrimes, or cyberwar. Scanners, exploits, phishing toolkit, implants... From theory to practice, we will explore the arcane of offensive security and build our own offensive tools with the Rust programming language, Stack Overflow's most loved language for five years in a row. The security programming field is defined by its extremely large scope (from shellcodes to servers and web apps). Rust is the long-awaited one-size-fits-all programming language meeting all those requirements thanks to its unparalleled guarantees and feature set. Here is why. <!-- Rust is turning a new page in the history of programming languages by providing unparalleled guarantees and features, whether it be for defensive or offensive security. I will venture to say that Rust is the long awaited one-size-fits-all programming language. Here is why. --> Free Updates and DRM Free, of course :) ## Who this book is for This is NOT a 1000th tutorial about sqlmap and Metasploit, nor will it teach you the fundamentals of programming. Instead, it's a from-theory-to-practice manual and you may enjoy it if any of the following: - You keep screaming "show me the code!" when reading about cyber attacks and malwares - You want to learn real-world and idiomatic rust practices - You believe that the best defense is thinking like an attacker - You learn by building and love to look under the hood - You develop your own tools and exploits with Python, Ruby, C, Java... - You want to learn real-world offensive security, not just pentesting - You want to start your career in bug bounties or offensive security <h3> <a href="https://academy.kerkour.com/black-hat-rust?coupon=GITHUB" rel='nofollow' onclick='return false;'>Buy the book now!</a> </h3> ## Early access As of today, the book is a work in progress. It is available in the context of an Early Access program which means that the chapters will be sent to you as soon as they are written, and feedback is very much appreciated. estimated final publication: **July 2021** estimated number of pages: **~320** **In order to thank all the people who will help me make this book a reality, all early access buyers will also receive the following bonus:** * **A curated list of advanced malware analyses. You will find inside great inspiration when developing your own offensive tools.** <h3> <a href="https://academy.kerkour.com/black-hat-rust?coupon=GITHUB" rel='nofollow' onclick='return false;'>Buy the book now!</a> </h3> ## Table of contents #### 1 - Introduction <span title="available">✅</span> ### Part I: Reconnaissance #### 2 - Multi-threaded attack surface discovery <span title="partially available">✅🕒</span> How to perform effective reconnaissance? In this chapter, we will build a multi-threaded scanner in order to automate the mapping of the target. #### 3 - Going full speed with async <span title="coming soon">🕒</span> Unfortunately, when a program spends most of its time in I/O operations, multi-threading is not a panacea. We will learn how async makes Rust code really, really fast and refactor our scanner to async code. #### 4 - Adding modules with Trait objects <span title="coming soon">🕒</span> We will add more heterogeneous modules to our scanner and will learn how Rust's type system helps create properly designed large software projects. #### 5 - Crawling the web for OSINT <span title="coming soon">🕒</span> Leveraging all we learned previously, we will build an extremely fast web crawler to help us find the needles in the haystack the web is. ### Part II: Exploitation #### 6 - Finding vulnerabilities with Fuzzing <span title="coming soon">🕒</span> Once the external reconnaissance performed, it's time to find entry points. In this chapter we will learn how automated fuzzing can help us to find vulnerabilities that can be exploited to then gain access to our target's systems. #### 7 - Exploit development <span title="coming soon">🕒</span> Rust may not be as fast as python when it comes to iterating on quick scripts such as exploits, but as we will see, its powerful type and modules system make it nonetheless a weapon of choice. #### 8 - Writing shellcodes in Rust <span title="coming soon">🕒</span> Shellcode development is an ungrateful task. Writing assembly by hand is definitely not sexy. Fortunately for us, Rust, one more time, got our back! In this chapter we will learn how to write shellcodes in plain Rust with no_std. #### 9 - Phishing with WebAssembly <span title="coming soon">🕒</span> When they can't find exploitable hardware or software vulnerability, attackers usually fall back to what is often the weakest link in the chain: Humans. Again, Rust comes handy and will let us create advanced phishing pages by compiling to WebAssembly. ### Part III: Implant development #### 10 - A modern RAT <span title="coming soon">🕒</span> A RAT (for Remote Access Tool), also known as implant or beacon, is a kind of software used to perform offensive operations on a target's machines. In this chapter we will build our own RAT communicating to a remote server and database. #### 11 - Securing communications with end-to-end encryption <span title="coming soon">🕒</span> The consequences of our own infrastructure being compromised or seized can be disastrous. We will add end-to-end encryption to our RAT's communication in order to secure its communications and avoid leaving traces on our servers. #### 12 - Going multi-platforms <span title="coming soon">🕒</span> Today's computing landscape is extremely fragmented. From Windows to macOS, we can't target only one Operating System to ensure the success of our operations. In this section we will see how Rust's ecosystem is extremely useful when it comes to cross-compilation. #### 13 - Turning into a worm to increase reach <span title="coming soon">🕒</span> Once the initial targets compromised, we will capitalize on Rust's excellent reusability to incorporate some parts of our initial scanner to turn our RAT into a worm and reach more targets only accessible from the target's internal network. <h3> <a href="https://academy.kerkour.com/black-hat-rust?coupon=GITHUB" rel='nofollow' onclick='return false;'>Buy the book now!</a> </h3> ## Community Hey! Welcome you to the Black Hat Rustaceans gang! If you think something in the book or the code can be improved, please [open an issue](https://github.com/skerkour/black-hat-rust/issues). Pull requests are also welcome :) If you have any questions or ideas, feel free to [join the discussion on the Forum](https://github.com/skerkour/black-hat-rust/discussions)! ## Newsletter Want to stay updated? I'll write you once a week about avoiding complexity, hacking, and entrepreneurship. **https://kerkour.com/subscribe** *I hate spam even more than you do. I'll never share your email, and you can unsubscribe at anytime. Also, there is no tracking or ads.* ## Changelog You'll find all the updates in t
评论
    相关推荐
    • rusti:Rust编程语言的REPL
      rusti:Rust编程语言的REPL
    • learn-rust, 帮助我学习 Rust 编程语言的项目.zip
      learn-rust, 帮助我学习 Rust 编程语言的项目 通过面试问题学习 Rust这个reposity是我第一次认真尝试学习 Rust的产品。我没有一个特别的probem来处理,所以我使用了工作面试编码问题在互联网上找到。 特别是,"黑了...
    • 用于Rust编程语言的GLFW绑定和包装器。-Rust开发
      glfw-rs Rust编程语言的GLFW绑定和包装。 示例extern crate glfw; 使用glfw :: {Action,Context,Key}; fn main(){le glfw-rs Rust编程语言的GLFW绑定和包装。 示例extern crate glfw; 使用glfw :: {Action,...
    • learning-rust:通过rust编程语言pdf进行工作
      学习锈 这是处理rust文档.pdf的回购
    • rust-koans:Rust编程语言的Koans
      鲁斯特·科恩斯(Rust Koans) 结构 koans按文件划分为多个区域,arrays.rs中覆盖了数组,booleans.rs中引入了布尔值,等等。它们在path_to_enlightenment.rs文件中按顺序显示。 每个koan都会建立您对Rust的知识并...
    • 图书:Rust编程语言
      Rust编程语言 该存储库包含“ The Rust Programming Language”这本书的源代码。 。 您还可以免费在线阅读该书。 请参阅该书随附的最新, 或Rust版本。 请注意,这些版本中的问题可能已经在此存储库中修复,因为...
    • the-book:Rust编程语言代码
      通用编程概念 3.1。变量与可变性 3.2。资料类型 3.3。功能 3.4。评论 3.5。控制流 4.了解所有权 4.1。什么是所有权? 4.2。参考和借阅 4.3。切片类型 5.使用结构来构造相关数据 5.1。定义和实例化结构 5.2。使用...
    • learning-rust:此仓库用于学习rust编程语言
      learning-rust:此仓库用于学习rust编程语言
    • Rust编程语言的惯用语intify包装器。-Rust开发
      inotify-rs Rust编程语言的惯用语inotify包装器。 木箱化 inotify-rs Rust编程语言的惯用语inotify包装器。 木箱化 使用std :: env; 使用inotify :: {EventMask,WatchMask,Inotify,}; fn main(){let mut ...
    • GaussDB_100_1.0.1-DATABASE-REDHAT-64bit.tar.gz
      guassdb100在redhat上安装包,单机部署的包,安装步骤请看我的文中介绍,经过大量实验搭建总结出来的文档