Windows APT Warfare. Identify and prevent Windows APT attacks effectively

Sheng-Hao Ma, Ziv Chang, Federico Maggi

An Advanced Persistent Threat (APT) is a severe form of cyberattack that lies low in the system for a prolonged time and locates and then exploits sensitive information. Preventing APTs requires a strong foundation of basic security techniques combined with effective security monitoring. This book will help you gain a red team perspective on exploiting system design and master techniques to prevent APT attacks. Once you’ve understood the internal design of operating systems, you’ll be ready to get hands-on with red team attacks and, further, learn how to create and compile C source code into an EXE program file. Throughout this book, you’ll explore the inner workings of how Windows systems run and how attackers abuse this knowledge to bypass antivirus products and protection.As you advance, you’ll cover practical examples of malware and online game hacking, such as EXE infection, shellcode development, software packers, UAC bypass, path parser vulnerabilities, and digital signature forgery, gaining expertise in keeping your system safe from this kind of malware.By the end of this book, you’ll be well equipped to implement the red team techniques that you've learned on a victim's computer environment, attempting to bypass security and antivirus products, to test its defense against Windows APT attacks.

Windows Forensics Cookbook. Over 60 practical recipes to acquire memory data and analyze systems with the latest Windows forensic tools

Scar de Courcier, Oleg Skulkin

Windows Forensics Cookbook provides recipes to overcome forensic challenges and helps you carry out effective investigations easily on a Windows platform. You will begin with a refresher on digital forensics and evidence acquisition, which will help you to understand the challenges faced while acquiring evidence from Windows systems. Next you will learn to acquire Windows memory data and analyze Windows systems with modern forensic tools. We also cover some more in-depth elements of forensic analysis, such as how to analyze data from Windows system artifacts, parse data from the most commonly-used web browsers and email services, and effectively report on digital forensic investigations. You will see how Windows 10 is different from previous versions and how you can overcome the specific challenges it brings. Finally, you will learn to troubleshoot issues that arise while performing digital forensic investigations. By the end of the book, you will be able to carry out forensics investigations efficiently.

Windows Malware Analysis Essentials. Master the fundamentals of malware analysis for the Windows platform and enhance your anti-malware skill set

Victor Marak

Windows Ransomware Detection and Protection. Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender

Marius Sandbu

If you’re looking for an effective way to secure your environment against ransomware attacks, this is the book for you. From teaching you how to monitor security threats to establishing countermeasures to protect against ransomware attacks, Windows Ransomware Detection and Protection has it all covered.The book begins by helping you understand how ransomware attacks work, identifying different attack vectors, and showing you how to build a secure network foundation and Windows environment. You’ll then explore ransomware countermeasures in different segments, such as Identity and Access Management, networking, Endpoint Manager, cloud, and infrastructure, and learn how to protect against attacks. As you move forward, you’ll get to grips with the forensics involved in making important considerations when your system is attacked or compromised with ransomware, the steps you should follow, and how you can monitor the threat landscape for future threats by exploring different online data sources and building processes.By the end of this ransomware book, you’ll have learned how configuration settings and scripts can be used to protect Windows from ransomware attacks with 50 tips on security settings to secure your Windows workload.

Windows Server 2016 Security, Certificates, and Remote Access Cookbook. Recipe-based guide for security, networking and PKI in Windows Server 2016

Jordan Krause

Windows Server 2016 is an operating system designed to run on today’s highly performant servers, both on-premise and in the cloud. It supports enterprise-level data storage, communications, management, and applications. This book builds off a basic knowledge of the Windows Server operating system, and assists administrators with taking the security of their systems one step further. You will learn tips for configuring proper networking, especially on multi-homed systems, and tricks for locking down access to your servers.Then you will move onto one of the hottest security topics of the year – certificates. You will learn how to build your own PKI, or how to better administer one that you already have. You will publish templates, issue certificates, and even configure autoenrollment in your network.When we say “networking” we don’t only mean inside the LAN. To deal safely with mobile devices, you will learn about the capabilities of Windows Server 2016 for connecting these assets securely back into the corporate network, with information about DirectAccess and VPN. The material in the book has been selected from the content of Packt's Windows Server 2016 Cookbook by Jordan Krause to provide a specific focus on these key Windows Server tasks.

Windows Server 2022 Administration Fundamentals. A beginner's guide to managing and administering Windows Server environments - Third Edition

Bekim Dauti

This third edition gets you up and running with Windows Server 2022, Microsoft's new server operating system, as part of the Windows NT family of operating systems, developed concurrently with Windows 10, version 21H2.The book begins by introducing computer networking and Windows Server concepts, gradually moving towards Windows Server 2022. With the help of step-by-step instructions and easy-to-understand graphics, you’ll become well versed with the roles, features, and functionalities of Windows Server 2022. Topics such as the installation process, upgrades, post-installation tasks, and initial server configuration are covered in detail. As you make progress, you’ll explore roles, features, and role services such as Active Directory, DNS, Hyper-V, remote access, storage, and printers, among others. The book then takes you through maintenance and troubleshooting tasks to guide you in efficiently managing Windows Server 2022. Finally, by working with numerous questions in each chapter and detailed answers at the end, you can test your understanding of the concepts covered.By the end of this Windows Server book, you’ll be equipped with the knowledge needed to update, maintain, and troubleshoot servers to ensure business continuity by relying on best practices and using step-by-step graphic-driven examples.

Wireshark 2 Quick Start Guide. Secure your network through protocol analysis

Charit Mishra

Wireshark is an open source protocol analyser, commonly used among the network and security professionals. Currently being developed and maintained by volunteer contributions of networking experts from all over the globe. Wireshark is mainly used to analyze network traffic, analyse network issues, analyse protocol behaviour, etc. - it lets you see what's going on in your network at a granular level. This book takes you from the basics of the Wireshark environment to detecting and resolving network anomalies.This book will start from the basics of setting up your Wireshark environment and will walk you through the fundamentals of networking and packet analysis. As you make your way through the chapters, you will discover different ways to analyse network traffic through creation and usage of filters and statistical features. You will look at network security packet analysis, command-line utilities, and other advanced tools that will come in handy when working with day-to-day network operations.By the end of this book, you have enough skill with Wireshark 2 to overcome real-world network challenges.

Wireshark Essentials. Get up and running with Wireshark to analyze network packets and protocols effectively

James H. Baxter, James H Baxter