Contents of This Book

This book is divided into two parts. Part I covers several commonly used open source security tools and shows you how to leverage existing well-known and reliable network security tools to solve your network security problems. Here's a summary of what we cover:

Chapter 1, Writing Plug-ins for Nessus

Nessus is the most popular vulnerability scanner available today. It is also open source and free. This chapter demonstrates not only how to use Nessus, but also how to write plug-ins to enable it to scan for new vulnerabilities.

Chapter 2, Developing Dissectors and Plug-ins for the Ettercap Network Sniffer

Ettercap is a popular network sniffer that also is free and open source. Its plug-in functionality is one of the most robust available. In fact, quite a few plug-ins for this sniffer are available that perform a variety of useful tasks, such as detecting other sniffers on the network and collecting data such as passwords that are being passed around the network. This chapter explains how to write plug-ins for this most powerful scanner to look for specific data on the network, as well as other useful tricks.

Chapter 3, Extending Hydra and Nmap

Many security tools do not use a plug-in architecture, and therefore cannot be trivially extended. This chapter discusses how to extend the commonly used nonplug-in tool, Hydra, a tool for performing brute force testing against passwords, to support an additional protocol. It also discusses how to create binary signatures for Nmap that use a signature database for expansion.

Chapter 4, Writing Plug-ins for the Nikto Vulnerability Scanner

Nikto is a free, open source, and popular web vulnerability scanner that uses the well-known libwhisker library to operate. This chapter teaches you how to extend Nikto to find new vulnerabilities that might exist with external web applications and servers, or even within a company's custom-built web application.

Chapter 5, Writing Modules for the Metasploit Framework

The Metasploit Framework is a freely available framework for writing and testing network security exploits. This chapter explores how to develop exploits for the framework, as well as how to use the framework for more general security purposes.

Chapter 6, Extending Code Analysis to the Webroot

Source code analysis tools exist for languages such as Java. However, such tools for web applications are lacking. This chapter demonstrates how to implement web application-specific rules for the review of J2EE applications using the PMD tool.

Part II describes approaches to writing custom Linux kernel modules, web application vulnerability identification and exploitation tools, packet sniffers, and packet injectors. All of these can be useful features in network security tools, and in each case an approach or toolset is introduced to guide readers in integrating these capabilities into their own custom security tools.

Chapter 7, Fun with Linux Kernel Modules

Linux security starts at the kernel level. This chapter discusses how to write Linux kernel modules and explains to readers what they can achieve at the kernel level, as well as how kernel-level rootkits achieve some of the things they do.

Chapter 8, Developing Web Assessment Tools and Scripts

Effective tools for hacking web applications must be able to adequately adapt to the custom applications they can be run against. This chapter discusses how to develop scripts in Perl that can be used to dynamically detect and identify vulnerabilities within custom web applications.

Chapter 9, Automated Exploit Tools

Tools for exploiting web application issues must leverage access to application databases and operating systems. This chapter demonstrates techniques for creating tools that show what can be done with web application vulnerabilities.

Chapter 10, Writing Network Sniffers

Observing network traffic is an important capability of many security tools. The most common toolset used for network sniffing is libpcap. This chapter discusses how libpcap works, and demonstrates how you can use it in your own tools where intercepting network traffic is needed. We also discuss network sniffing in both wired and wireless situations.

Chapter 11, Writing Packet-Injection Tools

Packet injectors are required in scenarios where the ability to generate custom or malformed network traffic is needed to test network services. Several tools exist to perform such testing. In this chapter we discuss and demonstrate use of the libnet library and airjack driver for packet creation. We also discuss packet injection in both wired and wireless situations.