Mastering Vim. Build a software development environment with Vim and Neovim

Ruslan Osipov

Vim is a ubiquitous text editor that can be used for all programming languages. It has an extensive plugin system and integrates with many tools. Vim offers an extensible and customizable development environment for programmers, making it one of the most popular text editors in the world. Mastering Vim begins with explaining how the Vim editor will help you build applications efficiently. With the fundamentals of Vim, you will be taken through the Vim philosophy. As you make your way through the chapters, you will learn about advanced movement, text operations, and how Vim can be used as a Python (or any other language for that matter) IDE. The book will then cover essential tasks, such as refactoring, debugging, building, testing, and working with a version control system, as well as plugin configuration and management. In the concluding chapters, you will be introduced to additional mindset guidelines, learn to personalize your Vim experience, and go above and beyond with Vimscript.By the end of this book, you will be sufficiently confident to make Vim (or its fork, Neovim) your first choice when writing applications in Python and other programming languages.

Metasploit Bootcamp. The fastest way to learn Metasploit

Nipun Jaswal

The book starts with a hands-on Day 1 chapter, covering the basics of the Metasploit framework and preparing the readers for a self-completion exercise at the end of every chapter. The Day 2 chapter dives deep into the use of scanning and fingerprinting services with Metasploit while helping the readers to modify existing modules accordingto their needs. Following on from the previous chapter, Day 3 will focus on exploiting various types of service and client-side exploitation while Day 4 will focus on post-exploitation, and writing quick scripts that helps with gathering the required information from the exploited systems. The Day 5 chapter presents the reader with the techniquesinvolved in scanning and exploiting various services, such as databases, mobile devices, and VOIP. The Day 6 chapter prepares the reader to speed up and integrate Metasploit with leading industry tools for penetration testing. Finally, Day 7 brings in sophisticated attack vectors and challenges based on the user’s preparation over the past six days and ends with a Metasploit challenge to solve.

Metasploit for Beginners. Create a threat-free environment with the best-in-class tool

Sagar Rahalkar

This book will begin by introducing you to Metasploit and its functionality. Next, you will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components used by Metasploit. Further on in the book, you will learn how to find weaknesses in the target system and hunt for vulnerabilities using Metasploit and its supporting tools. Next, you'll get hands-on experience carrying out client-side attacks. Moving on, you'll learn about web application security scanning and bypassing anti-virus and clearing traces on the target system post compromise. This book will also keep you updated with the latest security techniques and methods that can be directly applied to scan, test, hack, and secure networks and systems with Metasploit. By the end of this book, you'll get the hang of bypassing different defenses, after which you'll learn how hackers use the network to gain access into different systems.

Metasploit Penetration Testing Cookbook. Evade antiviruses, bypass firewalls, and exploit complex environments with the most widely used penetration testing framework - Third Edition

Daniel Teixeira, Abhinav Singh, Nipun Jaswal, Monika Agarwal

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool.You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more.

Metasploit. Receptury pentestera. Wydanie II

Abhinav Singh, Monika Agarwal

Najlepsze przepisy na bezpieczeństwo Twoich danych! Jeżeli Twój system przechowuje i przetwarza poufne informacje — dane osobowe, numery kart kredytowych, wiadomości e-mail, dane finansowe lub coś równie ważnego — jest łakomym kąskiem dla cyberprzestępców. Jeżeli wizja kradzieży Twoich danych spędza Ci sen z powiek i zastanawiasz się, jak najlepiej sprawdzić stan bezpieczeństwa Twojego systemu, to odpowiedź jest jedna — zaatakuj go sam! Testy penetracyjne to najskuteczniejsza metoda weryfikacji bezpieczeństwa. Metasploit to narzędzie używane przez profesjonalistów do prowadzenia testów penetracyjnych. Jeżeli chcesz poznać najlepsze przepisy na jego wykorzystanie, to trafiłeś na doskonałą książkę! Zawiera ona ponad 80 receptur omawiających najbardziej skuteczne techniki testowania. W trakcie lektury dowiesz się, jak sprawnie skonfigurować Metasploit, ominąć ochronę antywirusową oraz skanować porty w systemach. Ponadto nauczysz się prowadzić testy penetracyjne sieci bezprzewodowych, korzystać z exploitów oraz używać modułów pomocniczych. Od dawna wiadomo, że najsłabszym ogniwem w systemie bezpieczeństwa jest człowiek, dlatego warto zaznajomić się z rozdziałem omawiającym pakiet narzędzi socjotechnicznych — Social Engineer-Toolkit. Książka ta jest obowiązkową pozycją na półce każdego pentestera! Dzięki tej książce: zainstalujesz i skonfigurujesz narzędzie Metasploit wykorzystasz język Ruby do budowy skryptów przeprowadzisz testy penetracyjne sieci VoIP poznasz pakiet narzędzi socjotechnicznych skutecznie zweryfikujesz bezpieczeństwo systemu informatycznego Testy penetracyjne — zadbaj o bezpieczeństwo Twojego systemu!

Microservice Patterns and Best Practices. Explore patterns like CQRS and event sourcing to create scalable, maintainable, and testable microservices

Vinicius Feitosa Pacheco

Microservices are a hot trend in the development world right now. Many enterprises have adopted this approach to achieve agility and the continuous delivery of applications to gain a competitive advantage. This book will take you through different design patterns at different stages of the microservice application development along with their best practices.Microservice Patterns and Best Practices starts with the learning of microservices key concepts and showing how to make the right choices while designing microservices. You will then move onto internal microservices application patterns, such as caching strategy, asynchronism, CQRS and event sourcing, circuit breaker, and bulkheads. As you progress, you'll learn the design patterns of microservices.The book will guide you on where to use the perfect design pattern at the application development stage and how to break monolithic application into microservices. You will also be taken through the best practices and patterns involved while testing, securing, and deploying your microservice application. At the end of the book, you will easily be able to create interoperable microservices, which are testable and prepared for optimum performance.

Microsoft 365 Administration Cookbook. Enhance your Microsoft 365 productivity to manage and optimize its apps and services - Second Edition

Nate Chamberlain, Karuana Gatimu

Step into the world of Microsoft 365 administration with this comprehensive second edition of the Microsoft 365 Administration Cookbook. Leveraging the expertise of Nate Chamberlain, a Microsoft 365 expert who has helped millions through his books, blog, and YouTube channel, this book breaks down complex administration tasks into manageable, bite-sized recipes.Covering everything from setting up your tenant to mastering identity roles, this edition also highlights the power of PowerShell to boost your capabilities. You’ll learn how to manage communication, collaboration, security, compliance, and more within Microsoft 365.Packed with practical recipes for both common and advanced administrative tasks, you’ll gain expertise in managing SharePoint Online and Microsoft Teams, and refining user management with Microsoft Entra ID. You’ll also learn how to configure Viva Engage, fortify your defenses with Microsoft Defender, and ensure compliance with Microsoft Purview.By the end of this book, you’ll have sharpened your administrative skills, gleaned actionable insights, and learned best practices. Whether you’re a veteran admin looking for innovative solutions or a newcomer building a solid skill set, this cookbook is an indispensable resource for your professional growth.

Microsoft 365 Mobility and Security - Exam Guide MS-101. Explore threat management, governance, security, compliance, and device services in Microsoft 365

Nate Chamberlain

Exam MS-101: Microsoft 365 Mobility and Security is a part of the Microsoft 365 Certified: Enterprise Administrator Expert certification path designed to help users validate their skills in evaluating, planning, migrating, deploying, and managing Microsoft 365 services. This book will help you implement modern device services, apply Microsoft 365 security and threat management, and manage Microsoft 365 governance and compliance. Written in a succinct way, you’ll explore chapter-wise self-assessment questions, exam tips, and mock exams with answers.You’ll start by implementing mobile device management (MDM) and handling device compliance. You’ll delve into threat detection and management, learning how to manage security reports and configure Microsoft 365 alerts. Later, you’ll discover data loss prevention (DLP) tools to protect data as well as tools for configuring audit logs and policies. The book will also guide you through using Azure Information Protection (AIP) for deploying clients, applying policies, and configuring services and users to enhance data security. Finally, you’ll cover best practices for configuring settings across your tenant to ensure compliance and security.By the end of this book, you’ll have learned to work with Microsoft 365 services and covered the concepts and techniques you need to know to pass the MS-101 exam.

Microsoft 365 Security Administration: MS-500 Exam Guide. Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Peter Rising

The Microsoft 365 Security Administration (MS-500) exam is designed to measure your ability to perform technical tasks such as managing, implementing, and monitoring security and compliance solutions for Microsoft 365 environments.This book starts by showing you how to configure and administer identity and access within Microsoft 365. You will learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, the book shows you how RBAC and Azure AD Identity Protection can be used to help you detect risks and secure information in your organization. You will also explore concepts, such as Advanced Threat Protection, Windows Defender ATP, and Threat Intelligence. As you progress, you will learn about additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention, and Cloud App Discovery and Security. The book also ensures you are well prepared to take the exam by giving you the opportunity to work through a mock paper, topic summaries, illustrations that briefly review key points, and real-world scenarios.By the end of this Microsoft 365 book, you will be able to apply your skills in the real world, while also being well prepared to achieve Microsoft certification.

Microsoft 365 Security and Compliance for Administrators. A definitive guide to planning, implementing, and maintaining Microsoft 365 security posture

Sasha Kranjac, Omar Kudovic

In today's hostile cyber landscape, securing data and complying with regulations is paramount for individuals, businesses, and organizations alike. Learn how Microsoft 365 Security and Compliance offers powerful tools to protect sensitive data and defend against evolving cyber threats with this comprehensive guide for administrators.Starting with an introduction to Microsoft 365 plans and essential compliance and security features, this book delves into the role of Azure Active Directory in Microsoft 365, laying the groundwork for a robust security framework. You’ll then advance to exploring the complete range of Microsoft 365 Defender security products, their coverage, and unique protection services to combat evolving threats.From threat mitigation strategies to governance and compliance best practices, you’ll gain invaluable insights into classifying and protecting data while mastering crucial data lifecycle capabilities in Microsoft 365.By the end of this book, you’ll be able to elevate the security and compliance posture of your organization significantly.

Microsoft Azure Security. Protect your solutions from malicious users using Microsoft Azure Services

Roberto Freato, Brent C Samodien

Microsoft Azure Security Technologies Certification and Beyond. Gain practical skills to secure your Azure environment and pass the AZ-500 exam

David Okeyode

Exam preparation for the AZ-500 means you’ll need to master all aspects of the Azure cloud platform and know how to implement them. With the help of this book, you'll gain both the knowledge and the practical skills to significantly reduce the attack surface of your Azure workloads and protect your organization from constantly evolving threats to public cloud environments like Azure.While exam preparation is one of its focuses, this book isn't just a comprehensive security guide for those looking to take the Azure Security Engineer certification exam, but also a valuable resource for those interested in securing their Azure infrastructure and keeping up with the latest updates. Complete with hands-on tutorials, projects, and self-assessment questions, this easy-to-follow guide builds a solid foundation of Azure security. You’ll not only learn about security technologies in Azure but also be able to configure and manage them. Moreover, you’ll develop a clear understanding of how to identify different attack vectors and mitigate risks.By the end of this book, you'll be well-versed with implementing multi-layered security to protect identities, networks, hosts, containers, databases, and storage in Azure – and more than ready to tackle the AZ-500.

Microsoft Cybersecurity Architect Exam Ref SC-100. Ace the SC-100 exam and develop cutting-edge cybersecurity strategies - Second Edition

Dwayne Natwick, Graham Gold, Abu Zobayer

This Second Edition of Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Packed with practice questions, mock exams, interactive flashcards, and invaluable exam tips, this comprehensive resource gives you everything you need to conquer the SC-100 exam with confidence.This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture of both cloud-only and hybrid infrastructures. You'll discover how to implement zero trust principles, enhance security operations, and elevate your organization's security posture.By the end of this book, you'll be fully equipped to plan, design, and assess cybersecurity frameworks for Microsoft cloud environments—and pass the SC-100 exam with flying colors. Ready to take your cybersecurity expertise to the next level? This guide is your key to success.

Microsoft Defender for Endpoint in Depth. Take any organization's endpoint security to the next level

Paul Huijbregts, Joe Anich, Justen Graves

With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.

Microsoft Defender for Identity in Depth. An exhaustive guide to ITDR, breach prevention, and cyberattack response

Pierre Thoor, Matthew Zorich

Written by a recognized cybersecurity expert, Microsoft Defender for Identity in Depth not only lays the groundwork for deploying and managing MDI, but also takes your knowledge to expert levels, enabling you to strengthen your organization against the most advanced cyber threats.You’ll familiarize yourself with the essentials of MDI, from seamless setup to leveraging PowerShell for automation, setting the stage for exploring advanced integrations and capabilities. Through practical, real-world examples, you’ll learn how to extend MDI’s reach by using APIs and conducting proactive threat hunting with KQL to turn insights into actions.The book gradually shifts focus to operational excellence, helping you develop expertise in investigating alerts, optimizing action accounts, and troubleshooting, which will empower you to master the building and maintenance of a robust ITDR framework and strengthen your security posture.By the end of this book, you’ll be able to harness the full potential of MDI’s functionalities, positioning you as a key player in your organization’s cybersecurity defenses.

Microsoft Identity and Access Administrator SC-300 Exam Guide. Pass the SC-300 exam with confidence by using exam-focused resources - Second Edition

Aaron Guilmette, James Hardiman, Doug Haven, Dwayne Natwick

SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.