Gray Hat Hacking Quotes

“Stanford University offers up to 100 free online courses to make their classes accessible to the masses.”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook

“Courses from the SANS Institute that prepare you for the Global Information Assurance Certification (GIAC) Certified Penetration Tester (GPEN) exam are a good starting point.”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook

“Access control is about the science of protecting things. Finding vulnerabilities in poorly implemented access control is fun because it feels like what security is all about.”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook

“odds are against the company and the security professional. The security professional has to identify and address all of the vulnerabilities in an environment. The attacker only has to be really good at one or two exploits, or really lucky.”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook

“Hacking tools are really just software tools that carry out some specific types of procedure to achieve a desired result. The tools can be used for good (defensive) purposes or for bad (offensive) purposes. The good and the bad guys use the same exact toolset; the difference is their intent when operating these tools.”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook

“The following sections survey some of the many US federal computer crime statutes, including         •  18 USC 1029: Fraud and Related Activity in Connection with Access Devices         •  18 USC 1030: Fraud and Related Activity in Connection with Computers         •  18 USC 2510 et seq.: Wire and Electronic Communications Interception and Interception of Oral Communications         •  18 USC 2701 et seq.: Stored Wire and Electronic Communications and Transactional Records Access         •  The Digital Millennium Copyright Act         •  The Cyber Security Enhancement Act of 2002”
― Daniel Regalado, Gray Hat Hacking: The Ethical Hacker's Handbook