This edition of “Grey Hat Hacking” builds upon the previous four editions by providing updated and expanded information on several key aspects of ethical hacking.
The book begins by outlining the differences between white hat, grey hat, and black hat hacking; the purpose and motives of each; and the legal implications surrounding white and grey hat hacking. The authors then outline several key security issues common with programming languages such as C and Python, as well as demonstrating how these issues are exploited at the machine language level. These concepts are explored further by explaining what fuzzing is and how it can be performed against applications to determine possible security flaws, and how to reverse engineer software to further exploit vulnerabilities. Wireless hacking concepts are described including software defined radio, along with the implications of this technology. The book explores the “business” of ethical hacking by outlining pentesting, red teaming, purple teaming, and bug bounty programs. Exploitation topics are considered such as capturing and cracking password hashes, and exploiting Linux, Windows, PowerShell, web applications, and even patches. The basics of malware analysis and IoT security are also covered.