[blog.rayfoo] » books

Reverse Engineering Code with IDA Pro

ray — Sun, 07 Nov 2010 14:27:01 +0000

Next book for reading: Reverse Engineering Code with IDA Pro. Hope this book helps get me up to speed on using IDA Pro along with some RE concepts!

[Google Books] [Syngress] [Amazon]

Visualizing Data (using Processing)

ray — Sun, 07 Nov 2010 14:05:42 +0000

Visualizing Data, by Ben Fry (O'Reilly)
[Amazon] [Google Books] [O'Reilly] [Google Search]

One of my interests has always been in data visualization (makes data more understandable, and is one step towards easier interaction with it). Chanced upon this book at the library today, certainly one thing I'd like to look into in more detail at a later point in time.

Why this book caught my interest was the fact that there was another book on such a topic in itself. Other than Applied Security Visualization by Raffael Marty, I've yet to chance upon anything else.

A quick browse of the book showed that it's very possible to use Processing (yet another good reason to take up this book: simple programming!) to implement many of the data visualization concepts. Though many people would say that this is "raw" and "slow" as compared to having a tool to do this simply and quickly, I'd say that doing it this way would certainly give the user a great understanding of the data visualization process itself. Furthermore, who's to say that Processing's not the tool itself! Also, the author has helpfully made the source code examples available online at his blog too.

Will keep this book in mind to look at later. Have other books to go through first... :}

Up and Coming: Detecting Malice

ray — Fri, 06 Nov 2009 13:22:18 +0000

Detecting Malice

Next book to read: RSnake's Detecting Malice e-book.

Every day hackers are stealing millions from websites and this is the book that will help you detect it happening on yours. Detecting Malice was written to help website administrators, developers, operations personelle and security product managers in building and maintaining a higher security posture. Understanding user intent is the cornerstone for reducing fraud ratios in modern web applications. From retail to government, this book covers many different realms of fraud and how to detect it at many different technical layers. From DNS and TCP to embedded content and browser fingerprinting techniques it is possible to identify users who are most likely to become dangerous often before it actually happens. A plethora of tools and techniques are all available to you within the 300+ pages of this book.

Available for only USD$39.95, and free future updates for this book too

Hacker’s Challenge 3 completed

ray — Sun, 04 Oct 2009 18:53:19 +0000

Just finished the Hacker's Challenge 3 book. Plenty learnt, and it also made me realize that there's so much I didn't know.

Out of the 20 challenges, the only two on application flaws were pretty easy to figure out (since I've been in that field for a while), but I still had no experience/idea in figuring out those with the network/human related flaws.

Gonna start by trying out some of the tools and log analyses mentioned in the book, but I think I'm going to need some hands-on practise (white-hat, of course) in order to learn faster.

You can't know what to protect, if you don't know how they might attack.
You probably won't know how they might attack, unless you've really tried it yourself.

Note to self: don't borrow more than two books at a time, you probably can't finish one within the first borrowing time period that they give you anyway...

[blog.rayfoo] » books

Reverse Engineering Code with IDA Pro

Visualizing Data (using Processing)

Up and Coming: Detecting Malice

Hacker’s Challenge 3 completed

More books to read!