The latest addition to No Starch Press’s lineup of security books, “Gray Hat C#” ($39.95, 304 pages) aims to help computer security professionals streamline their workday and bulk up their security toolkit.
This practical guide to C#’s powerful set of core libraries shows readers how to build tools to automate security tasks, like writing offensive exploits, automating scans for infrastructure vulnerabilities, reading offline registry hives, and creating custom cross-platform payloads.
Many computer security professionals rely on automation to get the job done but can feel limited by the tools available on any given system. With some help from “Gray Hat C#” (http://tinyurl.com/y92qushf) and Mono, an open source project that allows for cross-platform development, infosec professionals will have the power to write their own tools to run on macOS, Windows and Linux. Following a crash course in C# and some of its advanced features, readers learn to:
° Write fuzzers that use the HTTP and XML libraries to scan for vulnerabilities like SQL and XSS injection;
° Generate shellcode in Metasploit to create cross-platform payloads;
° Automate commonly used pentesting tools like Nessus, Cuckoo Sandbox, and sqlmap to scan for vulnerabilities and exploit SQL injections;
° Parse and read offline registry hives to dump system information;
° Write a .NET decompiler for macOS and Linux.