The Art of Attack: Attacker Mindset for Security Professionals
- Length: 304 pages
- Edition: 1
- Language: English
- Publisher: Wiley
- Publication Date: 2021-08-10
- ISBN-10: 1119805465
- ISBN-13: 9781119805465
- Sales Rank: #1220123 (See Top 100 Books)
Take on the perspective of an attacker with this insightful new resource for ethical hackers, pentesters, and social engineers
In The Art of Attack: Attacker Mindset for Security Professionals, experienced physical pentester and social engineer Maxie Reynolds untangles the threads of a useful, sometimes dangerous, mentality. The book shows ethical hackers, social engineers, and pentesters what an attacker mindset is and how to and how to use it to their advantage. Adopting this mindset will result in the improvement of security, offensively and defensively, by allowing you to see your environment objectively through the eyes of an attacker.
The book shows you the laws of the mindset and the techniques attackers use, from persistence to “start with the end” strategies and non-linear thinking, that make them so dangerous. You’ll discover:
- A variety of attacker strategies, including approaches, processes, reconnaissance, privilege escalation, redundant access, and escape techniques
- The unique tells and signs of an attack and how to avoid becoming a victim of one
- What the science of psychology tells us about amygdala hijacking and other tendencies that you need to protect against
Perfect for red teams, social engineers, pentesters, and ethical hackers seeking to fortify and harden their systems and the systems of their clients, The Art of Attack is an invaluable resource for anyone in the technology security space seeking a one-stop resource that puts them in the mind of an attacker.
Cover Table of Contents Title Page Copyright About the Author Acknowledgments Introduction Who Is This Book For? What This Book Covers Part I: The Attacker Mindset Chapter 1: What Is the Attacker Mindset? Using the Mindset The Attacker and the Mindset AMs Is a Needed Set of Skills Summary Chapter 2: Offensive vs. Defensive Attacker Mindset The Offensive Attacker Mindset Defensive Attacker Mindset Summary Chapter 3: The Attacker Mindset Framework Development Ethics Social Engineering and Security Summary Chapter 4: The Laws Law 1: Start with the End in Mind Law 2: Gather, Weaponize, and Leverage Information Law 3: Never Break Pretext Law 4: Every Move Made Benefits the Objective Summary Part II: The Laws and Skills Chapter 5: Curiosity, Persistence, and Agility Curiosity The Exercise: Part 1 The Exercise: Part 2 Persistence Skills and Common Sense Summary Chapter 6: Information Processing: Observation and Thinking Techniques Your Brain vs. Your Observation Observation vs. Heuristics Observation vs. Intuition Observing People Observation Exercise AMs and Observation Tying It All Together Critical and Nonlinear Thinking Vector vs. Arc Education and Critical Thinking Workplace Critical Thinking Critical Thinking and Other Psychological Constructs Nonlinear Thinking Tying Them Together Summary Chapter 7: Information Processing in Practice Reconnaissance Recon: Passive Recon: Active OSINT Signal vs. Noise Summary Part III: Tools and Anatomy Chapter 8: Attack Strategy Attacks in Action Strategic Environment The Necessity of Engagement and Winning The Attack Surface AMs Applied to the Attack Vectors Summary Chapter 9: Psychology in Attacks Setting The Scene: Why Psychology Matters Ego Suspension, Humility & Asking for Help Introducing the Target‐Attacker Window Model Target Psychology Thin‐Slice Assessments Default to Truth Summary Part IV: After AMs Chapter 10: Staying Protected—The Individual Attacker Mindset for Ordinary People Behavioral Security Amygdala Hijacking Analyze Your Attack Surface Summary Chapter 11: Staying Protected—The Business Testing and Red Teams The Complex Policy Antifragile The Full Spectrum of Crises Final Thoughts Summary Index End User License Agreement
Donate to keep this site alive
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.