Bezpieczeństwo systemów
W kategorii Bezpieczeństwo systemów zebrano książki, które pomogą zabezpieczyć Wasze prywatne lub firmowe komputery przed programami szpiegującymi, atakami hakerów czy wirusami. Poznacie procedury i normy związane z profesjonalną ochroną informacji oraz procedury przeprowadzenia audytu bezpieczeństwa. Opanujecie zaawansowane techniki zapewniające bezpieczeństwo komputerów, niezależnie jaki system operacyjny został na nich zainstalowany. Jeżeli jesteście twórcami oprogramowania, to znajdziecie tutaj informacje jak skutecznie zabezpieczyć własne aplikacje przed crackerami i hackerami, oraz jak tworzyć bezpieczne w użytkowaniu programy czy aplikacje sieciowe.
Jean Nestor M. Dahj
The sophistication of cyber threats, such as ransomware, advanced phishing campaigns, zero-day vulnerability attacks, and advanced persistent threats (APTs), is pushing organizations and individuals to change strategies for reliable system protection. Cyber Threat Intelligence converts threat information into evidence-based intelligence that uncovers adversaries' intents, motives, and capabilities for effective defense against all kinds of threats.This book thoroughly covers the concepts and practices required to develop and drive threat intelligence programs, detailing the tasks involved in each step of the CTI lifecycle. You'll be able to plan a threat intelligence program by understanding and collecting the requirements, setting up the team, and exploring the intelligence frameworks. You'll also learn how and from where to collect intelligence data for your program, considering your organization level. With the help of practical examples, this book will help you get to grips with threat data processing and analysis. And finally, you'll be well-versed with writing tactical, technical, and strategic intelligence reports and sharing them with the community.By the end of this book, you'll have acquired the knowledge and skills required to drive threat intelligence operations from planning to dissemination phases, protect your organization, and help in critical defense decisions.
Cesar Bravo, Darren Kitchen
Every organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure.The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore the latest security technologies such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security.By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills.
Igor Kucherenko
The ease with which we write applications has been increasing, but with it comes the need to address their performance. A balancing act between easily implementing complex applications and keeping their performance optimal is a present-day requirement In this book, we explore how to achieve this crucial balance, while developing and deploying applications with Kotlin.The book starts by analyzing various Kotlin specifcations to identify those that have a potentially adverse effect on performance. Then, we move on to monitor techniques that enable us to identify performance bottlenecks and optimize performance metrics. Next, we look at techniques that help to us achieve high performance: memory optimization, concurrency, multi threading, scaling, and caching. We also look at fault tolerance solutions and the importance of logging. We'll also cover best practices of Kotlin programming that will help you to improve the quality of your code base.By the end of the book, you will have gained some insight into various techniques and solutions that will help to create high-performance applications in the Kotlin environment
Vijay Kumar Velu
Remote working has given hackers plenty of opportunities as more confidential information is shared over the internet than ever before. In this new edition of Mastering Kali Linux for Advanced Penetration Testing, you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You'll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances. This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.
Vijay Kumar Velu
This book will take you, as a tester or security practitioner through the journey of reconnaissance, vulnerability assessment, exploitation, and post-exploitation activities used by penetration testers and hackers. We will start off by using a laboratory environment to validate tools and techniques, and using an application that supports a collaborative approach to penetration testing. Further we will get acquainted with passive reconnaissance with open source intelligence and active reconnaissance of the external and internal networks. We will also focus on how to select, use, customize, and interpret the results from a variety of different vulnerability scanners. Specific routes to the target will also be examined, including bypassing physical security and exfiltration of data using different techniques. You will also get to grips with concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections. Later you will learn the practical aspects of attacking user client systems by backdooring executable files. You will focus on the most vulnerable part of the network—directly and bypassing the controls, attacking the end user and maintaining persistence access through social media.You will also explore approaches to carrying out advanced penetration testing in tightly secured environments, and the book's hands-on approach will help you understand everything you need to know during a Red teaming exercise or penetration testing
Michael McPhee
You will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess.By the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.
Brian Sak, Jilumudi Raghu Ram
Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit.This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology.By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.
Donald A. Tevault
This book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment. You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently.By the end of this book, you will be confident in delivering a system that will be much harder to compromise.
Chiheb Chebbi
Cyber security is crucial for both businesses and individuals. As systems are getting smarter, we now see machine learning interrupting computer security. With the adoption of machine learning in upcoming security products, it’s important for pentesters and security researchers to understand how these systems work, and to breach them for testing purposes. This book begins with the basics of machine learning and the algorithms used to build robust systems. Once you’ve gained a fair understanding of how security products leverage machine learning, you'll dive into the core concepts of breaching such systems. Through practical use cases, you’ll see how to find loopholes and surpass a self-learning security system. As you make your way through the chapters, you’ll focus on topics such as network intrusion detection and AV and IDS evasion. We’ll also cover the best practices when identifying ambiguities, and extensive techniques to breach an intelligent system.By the end of this book, you will be well-versed with identifying loopholes in a self-learning security system and will be able to efficiently breach a machine learning system.
Alexey Kleymenov, Amr Thabet
With the ever-growing proliferation of technology, the risk of encountering malicious code or malware has also increased. Malware analysis has become one of the most trending topics in businesses in recent years due to multiple prominent ransomware attacks. Mastering Malware Analysis explains the universal patterns behind different malicious software types and how to analyze them using a variety of approaches. You will learn how to examine malware code and determine the damage it can possibly cause to your systems to ensure that it won't propagate any further. Moving forward, you will cover all aspects of malware analysis for the Windows platform in detail. Next, you will get to grips with obfuscation and anti-disassembly, anti-debugging, as well as anti-virtual machine techniques. This book will help you deal with modern cross-platform malware. Throughout the course of this book, you will explore real-world examples of static and dynamic malware analysis, unpacking and decrypting, and rootkit detection. Finally, this book will help you strengthen your defenses and prevent malware breaches for IoT devices and mobile platforms. By the end of this book, you will have learned to effectively analyze, investigate, and build innovative solutions to handle any malware incidents.
Ru Campbell, Viktor Hedberg, Heike Ritter
This book will help you get up and running with Microsoft 365 Defender and help you use the whole suite effectively.You’ll start with a quick overview of cybersecurity risks that modern organizations face, such as ransomware and APT attacks, how Microsoft is making massive investments in security today, and gain an understanding of how to deploy Microsoft Defender for Endpoint by diving deep into configurations and their architecture.As you progress, you’ll learn how to configure Microsoft Defender Antivirus, and onboard and manage macOS, Android, and Linux MDE devices for effective solutions. You’ll also learn how to deploy Microsoft Defender for Identity and explore its different deployment methods that can protect your hybrid identity platform, as well as how to configure Microsoft Defender for Office 365 and Cloud Apps, and manage KQL queries for advanced hunting with ease. Toward the end, you’ll find out how M365D can be integrated with Sentinel and how to use APIs for incident response.By the end of this book, you will have a deep understanding of Microsoft 365 Defender, and how to protect and respond to security threats.
Samuel Soto
Navigate the security Wild West with Microsoft Defender for Office 365, your shield against the complex and rapidly evolving cyber threats. Written by a cybersecurity veteran with 25 years of experience, including combating nation-state adversaries and organized cybercrime gangs, this book offers unparalleled insights into modern digital security challenges by helping you secure your organization's email and communication systems and promoting a safer digital environment by staying ahead of evolving threats and fostering user awareness.This book introduces you to a myriad of security threats and challenges organizations encounter and delves into the day-to-day use of Defender for Office 365, offering insights for proactively managing security threats, investigating alerts, and effective remediation. You’ll explore advanced strategies such as leveraging threat intelligence to reduce false alerts, customizing reports, conducting attack simulation, and automating investigation and remediation. To ensure complete protection, you’ll learn to integrate Defender for Office 365 with other security tools and APIs.By the end of this book, you’ll have gained a comprehensive understanding of Defender for Office 365 and its crucial role in fortifying your organization's cybersecurity posture.
Christiaan Brinkhoff, Per Larsen, Steve Dispensa, Scott...
The slow adoption of modern work solutions, which are designed to streamline the management of your environment, can often be attributed to a lack of understanding and familiarity with those solutions. This book will provide you with all the information you need to successfully transition to Microsoft Intune.Mastering Microsoft Intune, Second Edition, explains various concepts in detail to give you the clarity on how to use Microsoft Intune and eliminate any migration challenges. You'll master Cloud Computing services such as Windows 365 Cloud PCs, Intune Suite, Windows Autopatch, Windows Autopilot, profile management, monitoring and analytics, Universal Print, and much more. The book will take you through the latest features and Microsoft Cloud services to help you to get grips with the fundamentals of Intune and understand which services you can manage. Whether you're interested in physical or cloud endpoints, it's all covered.By the end of the book, you'll be able to set up Intune and use it to run Windows and Windows 365 efficiently, using all the latest featuresof Intune
David Zientara
pfSense has the same reliability and stability as even the most popular commercial firewall offerings on the market – but, like the very best open-source software, it doesn’t limit you. You’re in control – you can exploit and customize pfSense around your security needs.Mastering pfSense - Second Edition, covers features that have long been part of pfSense such as captive portal, VLANs, traffic shaping, VPNs, load balancing, Common Address Redundancy Protocol (CARP), multi-WAN, and routing. It also covers features that have been added with the release of 2.4, such as support for ZFS partitions and OpenVPN 2.4. This book takes into account the fact that, in order to support increased cryptographic loads, pfSense version 2.5 will require a CPU that supports AES-NI. The second edition of this book places more of an emphasis on the practical side of utilizing pfSense than the previous edition, and, as a result, more examples are provided which show in step-by-step fashion how to implement many features.
José Manuel Ortega
It’s becoming more and more apparent that security is a critical aspect of IT infrastructure. A data breach is a major security incident, usually carried out by just hacking a simple network line. Increasing your network’s security helps step up your defenses against cyber attacks. Meanwhile, Python is being used for increasingly advanced tasks, with the latest update introducing many new packages. This book focuses on leveraging these updated packages to build a secure network with the help of Python scripting. This book covers topics from building a network to the different procedures you need to follow to secure it. You’ll first be introduced to different packages and libraries, before moving on to different ways to build a network with the help of Python scripting. Later, you will learn how to check a network’s vulnerability using Python security scripting, and understand how to check vulnerabilities in your network. As you progress through the chapters, you will also learn how to achieve endpoint protection by leveraging Python packages along with writing forensic scripts. By the end of this book, you will be able to get the most out of the Python language to build secure and robust networks that are resilient to attacks.
Mastering Reverse Engineering. Re-engineer your ethical hacking skills
Reginald Wong
If you want to analyze software in order to exploit its weaknesses and strengthen its defenses, then you should explore reverse engineering. Reverse Engineering is a hackerfriendly tool used to expose security flaws and questionable privacy practices.In this book, you will learn how to analyse software even without having access to its source code or design documents. You will start off by learning the low-level language used to communicate with the computer and then move on to covering reverse engineering techniques. Next, you will explore analysis techniques using real-world tools such as IDA Pro and x86dbg. As you progress through the chapters, you will walk through use cases encountered in reverse engineering, such as encryption and compression, used to obfuscate code, and how to to identify and overcome anti-debugging and anti-analysis tricks. Lastly, you will learn how to analyse other types of files that contain code.By the end of this book, you will have the confidence to perform reverse engineering.