Books published by Syngress Media,U.S.

Open source intelligence (OSINT) and web reconnaissance are rich topics for infosec professionals seeking to find the best ways to sift through the abundance of information widely available online. In many cases, the first stage of any security assessment, i.e. Reconnaissance, is not given enough attention by security professionals, hackers and penetration testers. Often, the information present openly is as critical as the confidential data. Hacking Web Intelligence dives deep into the technical aspects of information gathering and assembling it for actionable intelligence. . Hacking Web Intelligence shows you how to dig into the web and uncover the information many don't even know exists. The book takes a holistic approach that is not only about using tools to find information online but also how to link all the information and transform it into presentable and actionable intelligence. You will also learn how to secure your information online to prevent it being discovered by these reconnaissance methods. . Hacking Web Intelligence provides an in-depth technical reference covering the methods and techniques you need to unearth open source information from the Internet and utilize it for the purpose of targeted attack during a security assessment. This book will introduce you to many new and leading edge reconnaissance, information gathering, and open source intelligence methods and techniques, including metadata extraction tools, advanced search engines, advanced browsers, power searching methods, online anonymity tools such as TOR and i2p, OSINT tools such as Maltego, Shodan, Creepy, SearchDiggity, Recon-ng, Social Network Analysis (SNA), Darkweb/Deepweb, data visualization and much more.

How to Defeat Advanced Malware is a concise introduction to the concept of micro-virtualization. The book provides current facts and figures that prove detection- based security products have become ineffective. A simple strategy is then presented that both leverages the opportunities presented by Bring Your Own Device (BYOD) and protects enterprise end users against advanced malware. The book concludes with case studies demonstrating how hardware- isolated micro-VMs are helping Fortune 500 financial service providers defeat advanced malware. This book is primarily designed for infosec professionals, consultants, network administrators, CIO's, CTO's, CISO's and senior executives who work within the financial industry and are responsible for their company's endpoint protection. How to Defeat Advanced Malware: New Tools for Protection and Forensicsis the first book to compare and contrast current endpoint security products, while making a case for encouraging and facilitating the growth of BYOD and social media by adopting micro-virtualization.

Social engineering attacks target the weakest link in an organization's security--human beings. Everyone knows these attacks are effective, and everyone knows they are on the rise. Now, Social Engineering Penetration Testing gives you the practical methodology and everything you need to plan and execute a social engineering penetration test and assessment. You will gain fascinating insights into how social engineering techniques--including email phishing, telephone pretexting, and physical vectors-- can be used to elicit information or manipulate individuals into performing actions that may aid in an attack. Using the book's easy-to-understand models and examples, you will have a much better understanding of how best to defend against these attacks. The authors of Social Engineering Penetration Testing show you hands-on techniques they have used at RandomStorm to provide clients with valuable results that make a real difference to the security of their businesses. You will learn about the differences between social engineering pen tests lasting anywhere from a few days to several months. The book shows you how to use widely available open-source tools to conduct your pen tests, then walks you through the practical steps to improve defense measures in response to test results.

To reduce the risk of digital forensic evidence being called into question in judicial proceedings, it is important to have a rigorous methodology and set of procedures for conducting digital forensic investigations and examinations. This title presents the evidence-based cloud forensic framework.