دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب Windows Security Internals with PowerShell Volume 1 (Early Access)
دانلود کتاب اینترنال های امنیتی ویندوز با PowerShell Volume 1 (دسترسی اولیه)
مشخصات کتاب
Windows Security Internals with PowerShell Volume 1 (Early Access)
ویرایش: [1, Early Access Edition]
نویسندگان: James Forshaw
سری:
ISBN (شابک) : 1718501994, 9781718501997
ناشر: No Starch Press
سال نشر: 2024
تعداد صفحات: 378
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 6 Mb
قیمت کتاب (تومان) : 30,000
در صورت تبدیل فایل کتاب Windows Security Internals with PowerShell Volume 1 (Early Access) به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب اینترنال های امنیتی ویندوز با PowerShell Volume 1 (دسترسی اولیه) نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی در مورد کتاب اینترنال های امنیتی ویندوز با PowerShell Volume 1 (دسترسی اولیه)
مهارت های امنیتی ویندوز خود را با راهنمایی های متخصص، بینش های فنی عمیق و ده ها نمونه آسیب پذیری در دنیای واقعی از مشهورترین محقق Google Project Zero تقویت کنید! اجزای اصلی سیستم را عمیقتر از همیشه یاد بگیرید و تجربه عملی را در بررسی سیستمهای امنیتی پیشرفته مایکروسافت با مزایای اضافه شده اسکریپتهای PowerShell به دست آورید. Windows Security Internals برای هر کسی که نیاز به درک پیادهسازیهای سطح پایین سیستم عامل ویندوز دارد، چه برای کشف آسیبپذیریهای جدید یا محافظت در برابر آسیبپذیریهای شناختهشده، ضروری است. توسعه دهندگان، توسعه دهندگان و محققان امنیتی همگی بینش بی نظیری از عناصر کلیدی و نقاط ضعف سیستم عامل پیدا خواهند کرد که حتی از اسناد رسمی مایکروسافت نیز پیشی می گیرد. نویسنده، جیمز فورشاو، از طریق نمونههای پاورشل بهدقت ساختهشده، آموزش میدهد که میتوان با آنها آزمایش و اصلاح کرد، از تجزیه و تحلیل امنیت منابع اولیه گرفته تا تکنیکهای پیشرفته مانند استفاده از احراز هویت شبکه. این مثالها به شما کمک میکند تا بهطور فعال رفتارهای سیستم را آزمایش و دستکاری کنید، بیاموزید که چگونه ویندوز فایلها و رجیستری را ایمن میکند، نحوه دسترسی سیستم به یک منبع را دوباره از ابتدا ایجاد کنید، یاد بگیرید که چگونه Windows احراز هویت را هم به صورت محلی و هم از طریق شبکه پیادهسازی میکند، و موارد دیگر. . شما همچنین طیف گسترده ای از موضوعات را بررسی خواهید کرد، مانند: معماری امنیتی ویندوز، شامل هسته و برنامه های کاربردی حالت کاربر، مانیتور مرجع امنیت ویندوز (SRM)، از جمله نشانه های دسترسی، پرس و جو و تنظیم توصیفگر امنیتی یک منبع، و دسترسی بررسی و ممیزی احراز هویت تعاملی ویندوز و ذخیرهسازی اعتبار در مدیریت حساب امنیتی (SAM) و مکانیسمهای اکتیو دایرکتوری پروتکلهای احراز هویت شبکه، از جمله NTLM و Kerberos در عصر حملات سایبری پیچیده به شبکههای ویندوز، تسلط بر مکانیسمهای امنیتی پیچیده سیستم عامل بسیار مهمتر است. از همیشه چه در برابر جدیدترین تهدیدات سایبری دفاع کنید یا در پیچیدگیهای معماری امنیتی ویندوز جستجو کنید، در تلاشهای خود برای پیمایش پیچیدگیهای چشمانداز امنیت سایبری امروزی، Windows Security Internals ضروری هستند.
توضیحاتی درمورد کتاب به خارجی
Power up your Windows security skills with expert guidance, in-depth technical insights, and dozens of real-world vulnerability examples from Google Project Zero’s most renowned researcher! Learn core components of the system in greater depth than ever before, and gain hands-on experience probing advanced Microsoft security systems with the added benefit of PowerShell scripts. Windows Security Internals is a must-have for anyone needing to understand the Windows operating system’s low-level implementations, whether to discover new vulnerabilities or protect against known ones. Developers, devops, and security researchers will all find unparalleled insight into the operating system’s key elements and weaknesses, surpassing even Microsoft’s official documentation. Author James Forshaw teaches through meticulously crafted PowerShell examples that can be experimented with and modified, covering everything from basic resource security analysis to advanced techniques like using network authentication. The examples will help you actively test and manipulate system behaviors, learn how Windows secures files and the registry, re-create from scratch how the system grants access to a resource, learn how Windows implements authentication both locally and over a network, and much more. You’ll also explore a wide range of topics, such as: Windows security architecture, including both the kernel and user-mode applications The Windows Security Reference Monitor (SRM), including access tokens, querying and setting a resource’s security descriptor, and access checking and auditing Interactive Windows authentication and credential storage in the Security Account Manager (SAM) and Active Directory Mechanisms of network authentication protocols, including NTLM and Kerberos In an era of sophisticated cyberattacks on Windows networks, mastering the operating system’s complex security mechanisms is more crucial than ever. Whether you’re defending against the latest cyber threats or delving into the intricacies of Windows security architecture, you’ll find Windows Security Internals indispensable in your efforts to navigate the complexities of today’s cybersecurity landscape.
فهرست مطالب
Title Page Copyright Dedication About the Author and Technical Reviewer Foreword Acknowledgments Introduction Who Is This Book For? What Is in This Book? PowerShell Conventions Used in This Book Getting in Touch Part I: An Overview of the Windows Operating System 1. Setting Up a Powershell Testing Environment Choosing a PowerShell Version Configuring PowerShell An Overview of the PowerShell Language Understanding Types, Variables, and Expressions Executing Commands Discovering Commands and Getting Help Defining Functions Displaying and Manipulating Objects Filtering, Ordering, and Grouping Objects Exporting Data Wrapping Up 2. The Windows Kernel The Windows Kernel Executive The Security Reference Monitor The Object Manager Object Types The Object Manager Namespace System Calls NTSTATUS Codes Object Handles Query and Set Information System Calls The Input/Output Manager The Process and Thread Manager The Memory Manager NtVirtualMemory Commands Section Objects Code Integrity Advanced Local Procedure Call The Configuration Manager Worked Examples Finding Open Handles by Name Finding Shared Objects Modifying a Mapped Section Finding Writable and Executable Memory Wrapping Up 3. User-Mode Applications Win32 and the User-Mode Windows APIs Loading a New Library Viewing Imported APIs Searching for DLLs The Win32 GUI GUI Kernel Resources Window Messages Console Sessions Comparing Win32 APIs and System Calls Win32 Registry Paths Opening Keys Listing the Registry’s Contents DOS Device Paths Path Types Maximum Path Lengths Process Creation Command Line Parsing Shell APIs System Processes The Session Manager The Windows Logon Process The Local Security Authority Subsystem The Service Control Manager Worked Examples Finding Executables That Import Specific APIs Finding Hidden Registry Keys or Values Wrapping Up Part II: The Windows Security Reference Monitor 4. Security Access Tokens Primary Tokens Impersonation Tokens Security Quality of Service Explicit Token Impersonation Converting Between Token Types Pseudo Token Handles Token Groups Enabled, EnabledByDefault, and Mandatory LogonId Owner UseForDenyOnly Integrity and IntegrityEnabled Resource Device Groups Privileges Sandbox Tokens Restricted Tokens Write-Restricted Tokens AppContainer and Lowbox Tokens What Makes an Administrator User? User Account Control Linked Tokens and Elevation Type UI Access Virtualization Security Attributes Creating Tokens Token Assignment Assigning a Primary Token Assigning an Impersonation Token Worked Examples Finding UI Access Processes Finding Token Handles to Impersonate Removing Administrator Privileges Wrapping Up 5. Security Descriptors The Structure of a Security Descriptor The Structure of a SID Absolute and Relative Security Descriptors Access Control List Headers and Entries The Header The ACE List Constructing and Manipulating Security Descriptors Creating a New Security Descriptor Ordering the ACEs Formatting Security Descriptors Converting to and from a Relative Security Descriptor The Security Descriptor Definition Language Worked Examples Manually Parsing a Binary SID Enumerating SIDs Wrapping Up 6. Reading and Assigning Security Descriptors Reading Security Descriptors Assigning Security Descriptors Assigning a Security Descriptor During Resource Creation Assigning a Security Descriptor to an Existing Resource Win32 Security APIs Server Security Descriptors and Compound ACEs A Summary of Inheritance Behavior Worked Examples Finding Object Manager Resource Owners Changing the Ownership of a Resource Wrapping Up 7. The Access Check Process Running an Access Check Kernel-Mode Access Checks User-Mode Access Checks The Get-NtGrantedAccess PowerShell Command The Access Check Process in PowerShell Defining the Access Check Function Performing the Mandatory Access Check Performing the Token Access Check Performing the Discretionary Access Check Sandboxing Restricted Tokens Lowbox Tokens Enterprise Access Checks The Object Type Access Check The Central Access Policy Worked Examples Using the Get-PSGrantedAccess Command Calculating Granted Access for Resources Wrapping Up 8. Other Access Checking Use Cases Traversal Checking The SeChangeNotifyPrivilege Privilege Limited Checks Handle Duplication Access Checks Sandbox Token Checks Automating Access Checks Worked Examples Simplifying an Access Check for an Object Finding Writable Section Objects Wrapping Up 9. Security Auditing The Security Event Log Configuring the System Audit Policy Configuring the Per-User Audit Policy Audit Policy Security Configuring the Resource SACL Configuring the Global SACL Worked Examples Verifying Audit Access Security Finding Resources with Audit ACEs Wrapping Up Part III: The Local Security Authority and Authentication 10. Windows Authentication Domain Authentication Local Authentication Enterprise Network Domains Domain Forests Local Domain Configuration The User Database The LSA Policy Database Remote LSA Services The SAM Remote Service The Domain Policy Remote Service The SAM and SECURITY Databases Accessing the SAM Database Through the Registry Inspecting the SECURITY Database Worked Examples RID Cycling Forcing a User‘s Password Change Extracting All Local User Hashes Wrapping Up 11. Active Directory A Brief History of Active Directory Exploring an Active Directory Domain with PowerShell The Remote Server Administration Tools Basic Forest and Domain Information The Users The Groups The Computers Objects and Distinguished Names Enumerating Directory Objects Accessing Objects in Other Domains The Schema Inspecting the Schema Accessing the Security Attributes Security Descriptors Querying Security Descriptors of Directory Objects Assigning Security Descriptors to New Directory Objects Assigning Security Descriptors to Existing Objects Inspecting a Security Descriptor’s Inherited Security Access Checks Creating Objects Deleting Objects Listing Objects Reading and Writing Attributes Checking Multiple Attributes Analyzing Property Sets Inspecting Control Access Rights Analyzing Write-Validated Access Rights Accessing the SELF SID Performing Additional Security Checks Claims and Central Access Policies Group Policies Worked Example Building the Authorization Context Gathering Object Information Running the Access Check Wrapping Up 12. Interactive Authentication Creating a User’s Desktop The LsaLogonUser API Local Authentication Domain Authentication Logon and Console Sessions Token Creation Using the LsaLogonUser API from PowerShell Creating a New Process with a Token The Service Logon Type Worked Examples Testing Privileges and Logon Account Rights Creating a Process in a Different Console Session Authenticating Virtual Accounts Wrapping Up 13. Network Authentication NTLM Network Authentication NTLM Authentication Using PowerShell The Cryptographic Derivation Process Pass-Through Authentication Local Loopback Authentication Alternative Client Credentials The NTLM Relay Attack Attack Overview Active Server Challenges Signing and Sealing Target Names Channel Binding Worked Example Overview The Code Module The Server Implementation The Client Implementation The NTLM Authentication Test Wrapping Up 14. Kerberos Interactive Authentication with Kerberos Initial User Authentication Network Service Authentication Performing Kerberos Authentication in PowerShell Decrypting the AP-REQ Message Decrypting the AP-REP Message Cross-Domain Authentication Kerberos Delegation Unconstrained Delegation Constrained Delegation User-to-User Kerberos Authentication Worked Examples Querying the Kerberos Ticket Cache Simple Kerberoasting Wrapping Up 15. Negotiate Authentication and Other Security Packages Security Buffers Using Buffers with an Authentication Context Using Buffers with Signing and Sealing The Negotiate Protocol Less Common Security Packages Secure Channel CredSSP Remote Credential Guard and Restricted Admin Mode The Credential Manager Additional Request Attribute Flags Anonymous Sessions Identity Tokens Network Authentication with a Lowbox Token Authentication with the Enterprise Authentication Capability Authentication to a Known Web Proxy Authentication with Explicit Credentials The Authentication Audit Event Log Worked Examples Identifying the Reason for an Authentication Failure Using a Secure Channel to Extract a Server’s TLS Certificate Wrapping Up Final Thoughts A: Building a Windows Domain Network for Testing The Domain Network Installing and Configuring Windows Hyper-V Creating the Virtual Machines The PRIMARYDC Server The GRAPHITE Workstation The SALESDC Server B: SDDL SID Alias Mapping Index
