Bezpieczeństwo systemów
Google Cloud Platform for Architects. Design and manage powerful cloud solutions
Vitthal Srinivasan, Loonycorn Ravi, Judy Raj
Using a public cloud platform was considered risky a decade ago, and unconventional even just a few years ago. Today, however, use of the public cloud is completely mainstream - the norm, rather than the exception. Several leading technology firms, including Google, have built sophisticated cloud platforms, and are locked in a fierce competition for market share.The main goal of this book is to enable you to get the best out of the GCP, and to use it with confidence and competence. You will learn why cloud architectures take the forms that they do, and this will help you become a skilled high-level cloud architect. You will also learn how individual cloud services are configured and used, so that you are never intimidated at having to build it yourself. You will also learn the right way and the right situation in which to use the important GCP services.By the end of this book, you will be able to make the most out of Google Cloud Platform design.
Gray Hat C#. Język C# w kontroli i łamaniu zabezpieczeń
Brandon Perry
C# to nowoczesny język programowania, który został od podstaw zaprojektowany jako obiektowy. Ta dojrzała technologia jest często wybierana przez twórców oprogramowania, również tego służącego do pokonywania zabezpieczeń systemów. Dzięki temu, że platforma .NET jest oprogramowaniem open source, w C# można pisać kod, który bez problemu będzie działał w każdym systemie operacyjnym. Co prawda język ten jest prosty i łatwy do nauczenia się, jednak dopiero gruntowna znajomość C# umożliwia efektywne tworzenie narzędzi związanych z bezpieczeństwem, służących choćby do wyszukiwania luk w infrastrukturze czy prowadzenia testów penetracyjnych. Ta książka jest przeznaczona dla specjalistów ds. bezpieczeństwa, którzy chcą korzystać z języka C# do takich zadań jak fuzzowanie, skanowanie w poszukiwaniu luk zabezpieczeń i analiza złośliwego oprogramowania. Opisano tu zarówno podstawy języka C#, jak i jego dość zaawansowane funkcje. Przedstawiono szereg bibliotek dostępnych dla tego języka. Pokazano, jak pisać kod wyszukujący luki w zabezpieczeniach i jak tworzyć eksploity. Przedstawiono sposoby korzystania z takich narzędzi jak Nessus, sqlmap i Cuckoo Sandbox. Dzięki technikom zaprezentowanym w książce administrator bezpieczeństwa bez problemu zautomatyzuje nawet najbardziej żmudne codzienne zadania! W tej książce między innymi: Podstawowe i zaawansowane funkcjonalności języka C# Generowanie kodu ładunków, również wieloplatformowych Skanery, w tym OpenVAS, Nessus i Nexpose Automatyczna identyfikacja luk umożliwiających wstrzyknięcie kodu SQL Tworzenie w C# narzędzi do inżynierii wstecznej C#. Sprawdź swój system zabezpieczeń! Brandon Perry jest programistą i gorącym zwolennikiem idei open source. Odkąd pojawiło się środowisko Mono, pisze aplikacje w języku C#. Tworzy też moduły dla frameworka Metasploit, analizuje pliki binarne i zarządza ciekawymi projektami (https://volatileminds.net/). Fascynuje się badaniami nad bezpieczeństwem systemów informatycznych. Chętnie dzieli się swoją wiedzą, pisze książki i pomaga innym w tworzeniu solidniejszego oprogramowania.
Christophe Foulon, Ken Underhill, Tia Hopkins
The cybersecurity field is evolving fast, and so are its job interviews. Hack the Cybersecurity Interview, Second Edition is your go-to guide for landing your dream cybersecurity job—whether you're breaking in or aiming for a senior role.This expanded edition builds on reader feedback, refines career paths, and updates strategies for success. With a real-world approach, it preps you for key technical and behavioral questions, covering roles like Cybersecurity Engineer, SOC Analyst, and CISO. You'll learn best practices for answering with confidence and standing out in a competitive market.The book helps you showcase problem-solving skills, highlight transferable experience, and navigate personal branding, job offers, and interview stress. Using the HACK method, it provides a structured approach to adapt to different roles and employer expectations.Whether you're switching careers, advancing in cybersecurity, or preparing for your first role, this book equips you with the insights, strategies, and confidence to secure your ideal cybersecurity job.
Hakowanie Androida. Kompletny przewodnik XDA Developers po rootowaniu, ROM-ach i kompozycjach
Jason Tyler (Author), Will Verduzco (Contributor)
Sprawdź, co potrafi Twój telefon! System operacyjny Android ma rzeszę fanów. Zdobył ich dzięki swym niezwykłym możliwościom, imponującej elastyczności oraz ogromowi dostępnych aplikacji. System ten łączy w sobie prostotę ważną dla początkujących użytkowników z możliwościami rozwoju i ingerencji istotnymi dla tych zaawansowanych. Jeżeli masz pomysł, jak ulepszyć Twój system operacyjny, jeżeli chcesz dostosować go do swoich potrzeb, trafiłeś na właściwą książkę! Dzięki niej dowiesz się, jak skutecznie zrootować Twoje urządzenie i przejąć nad nim pełną kontrolę. To jest pierwszy i najważniejszy krok. Gdy go wreszcie uczynisz, świat pełen różnych wersji ROM-ów, modyfikacji i atrakcyjnych funkcjonalności stanie przed Tobą otworem. W trakcie lektury nauczysz się modyfikować wygląd i styl Twojego Androida, tworzyć pełną kopię bezpieczeństwa oraz wydłużać życie baterii. Znajdziesz tu również szczegółowe informacje na temat rootowania konkretnych modeli telefonów oraz tabletów. Książka ta jest idealną pozycją dla wszystkich chcących wycisnąć jeszcze więcej z telefonów z systemem Android. Dzięki tej książce: przygotujesz środowisko pracy zrootujesz swój telefon dostosujesz wygląd systemu zainstalujesz niestandardowy ROM Naucz swój telefon nowych, fantastycznych sztuczek!
Carlos A. Lozano , Dhruv Shah, Riyaz...
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
Alessandro Parisi
Today's organizations spend billions of dollars globally on cybersecurity. Artificial intelligence has emerged as a great solution for building smarter and safer security systems that allow you to predict and detect suspicious network activity, such as phishing or unauthorized intrusions.This cybersecurity book presents and demonstrates popular and successful AI approaches and models that you can adapt to detect potential attacks and protect your corporate systems. You'll learn about the role of machine learning and neural networks, as well as deep learning in cybersecurity, and you'll also learn how you can infuse AI capabilities into building smart defensive mechanisms. As you advance, you'll be able to apply these strategies across a variety of applications, including spam filters, network intrusion detection, botnet detection, and secure authentication.By the end of this book, you'll be ready to develop intelligent systems that can detect unusual and suspicious patterns and attacks, thereby developing strong network security defenses using AI.
Himanshu Sharma, Joe Marshall
Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.You will learn about SQli, NoSQLi, XSS, XXE, and other forms of code injection. You’ll see how to create CSRF PoC HTML snippets, how to discover hidden content (and what to do with it once it’s found), and how to create the tools for automated pentesting work?ows.Then, you’ll format all of this information within the context of a bug report that will have the greatest chance of earning you cash. With detailed walkthroughs that cover discovering, testing, and reporting vulnerabilities, this book is ideal for aspiring security professionals. You should come away from this work with the skills you need to not only find the bugs you're looking for, but also the best bug bounty programs to participate in, and how to grow your skills moving forward in freelance security research.
Hands-On Cryptography with Python. Leverage the power of Python to encrypt and decrypt data
Samuel Bowne
Cryptography is essential for protecting sensitive information, but it is often performed inadequately or incorrectly. Hands-On Cryptography with Python starts by showing you how to encrypt and evaluate your data. The book will then walk you through various data encryption methods,such as obfuscation, hashing, and strong encryption, and will show how you can attack cryptographic systems. You will learn how to create hashes, crack them, and will understand why they are so different from each other. In the concluding chapters, you will use three NIST-recommended systems: the Advanced Encryption Standard (AES), the Secure Hash Algorithm (SHA), and the Rivest-Shamir-Adleman (RSA). By the end of this book, you will be able to deal with common errors in encryption.
Dr. Erdal Ozkaya, Milad Aslaner
Organizations have always been a target of cybercrime. Hands-On Cybersecurity for Finance teaches you how to successfully defend your system against common cyber threats, making sure your financial services are a step ahead in terms of security.The book begins by providing an overall description of cybersecurity, guiding you through some of the most important services and technologies currently at risk from cyber threats. Once you have familiarized yourself with the topic, you will explore specific technologies and threats based on case studies and real-life scenarios. As you progress through the chapters, you will discover vulnerabilities and bugs (including the human risk factor), gaining an expert-level view of the most recent threats. You'll then explore information on how you can achieve data and infrastructure protection. In the concluding chapters, you will cover recent and significant updates to procedures and configurations, accompanied by important details related to cybersecurity research and development in IT-based financial services.By the end of the book, you will have gained a basic understanding of the future of information security and will be able to protect financial services and their related infrastructures.
Rajneesh Gupta
Blockchain technology is being welcomed as one of the most revolutionary and impactful innovations of today. Blockchain technology was first identified in the world’s most popular digital currency, Bitcoin, but has now changed the outlook of several organizations and empowered them to use it even for storage and transfer of value.This book will start by introducing you to the common cyberthreat landscape and common attacks such as malware, phishing, insider threats, and DDoS. The next set of chapters will help you to understand the workings of Blockchain technology, Ethereum and Hyperledger architecture and how they fit into the cybersecurity ecosystem. These chapters will also help you to write your first distributed application on Ethereum Blockchain and the Hyperledger Fabric framework. Later, you will learn about the security triad and its adaptation with Blockchain. The last set of chapters will take you through the core concepts of cybersecurity, such as DDoS protection, PKI-based identity, 2FA, and DNS security. You will learn how Blockchain plays a crucial role in transforming cybersecurity solutions.Toward the end of the book, you will also encounter some real-world deployment examples of Blockchain in security cases, and also understand the short-term challenges and future of cybersecurity with Blockchain.
Hands-On Dark Web Analysis. Learn what goes on in the Dark Web, and how to work with it
Sion Retzkin
The overall world wide web is divided into three main areas - the Surface Web, the Deep Web, and the Dark Web. The Deep Web and Dark Web are the two areas which are not accessible through standard search engines or browsers. It becomes extremely important for security professionals to have control over these areas to analyze the security of your organization.This book will initially introduce you to the concept of the Deep Web and the Dark Web and their significance in the security sector. Then we will deep dive into installing operating systems and Tor Browser for privacy, security and anonymity while accessing them. During the course of the book, we will also share some best practices which will be useful in using the tools for best effect.By the end of this book, you will have hands-on experience working with the Deep Web and the Dark Web for security analysis
Chandra Sekhar Nayak, Rivu Chakraborty
Data structures and algorithms are more than just theoretical concepts. They help you become familiar with computational methods for solving problems and writing logical code. Equipped with this knowledge, you can write efficient programs that run faster and use less memory.Hands-On Data Structures and Algorithms with Kotlin book starts with the basics of algorithms and data structures, helping you get to grips with the fundamentals and measure complexity. You'll then move on to exploring the basics of functional programming while getting used to thinking recursively. Packed with plenty of examples along the way, this book will help you grasp each concept easily. In addition to this, you'll get a clear understanding of how the data structures in Kotlin's collection framework work internally.By the end of this book, you will be able to apply the theory of data structures and algorithms to work out real-world problems.
Alexey Soshin
Design patterns enable you as a developer to speed up the development process by providing you with proven development paradigms. Reusing design patterns helps prevent complex issues that can cause major problems, improves your code base, promotes code reuse, and makes an architecture more robust.The mission of this book is to ease the adoption of design patterns in Kotlin and provide good practices for programmers. The book begins by showing you the practical aspects of smarter coding in Kotlin, explaining the basic Kotlin syntax and the impact of design patterns. From there, the book provides an in-depth explanation of the classical design patterns of creational, structural, and behavioral families, before heading into functional programming. It then takes you through reactive and concurrent patterns, teaching you about using streams, threads, and coroutines to write better code along the way By the end of the book, you will be able to efficiently address common problems faced while developing applications and be comfortable working on scalable and maintainable projects of any size.
Florent Vilmart, Giordano Scalzo, Sergio De Simone
Swift keeps gaining traction not only amongst Apple developers but also as a server-side language. This book demonstrates how to apply design patterns and best practices in real-life situations, whether that's for new or already existing projects.You’ll begin with a quick refresher on Swift, the compiler, the standard library, and the foundation, followed by the Cocoa design patterns – the ones at the core of many cocoa libraries – to follow up with the creational, structural, and behavioral patterns as defined by the GoF. You'll get acquainted with application architecture, as well as the most popular architectural design patterns, such as MVC and MVVM, and learn to use them in the context of Swift. In addition, you’ll walk through dependency injection and functional reactive programming. Special emphasis will be given to techniques to handle concurrency, including callbacks, futures and promises, and reactive programming. These techniques will help you adopt a test-driven approach to your workflow in order to use Swift Package Manager and integrate the framework into the original code base, along with Unit and UI testing.By the end of the book, you'll be able to build applications that are scalable, faster, and easier to maintain.
Saurabh Badhwar
Dynamically typed languages like Python are continuously improving. With the addition of exciting new features and a wide selection of modern libraries and frameworks, Python has emerged as an ideal language for developing enterprise applications. Hands-On Enterprise Application Development with Python will show you how to build effective applications that are stable, secure, and easily scalable.The book is a detailed guide to building an end-to-end enterprise-grade application in Python. You will learn how to effectively implement Python features and design patterns that will positively impact your application lifecycle. The book also covers advanced concurrency techniques that will help you build a RESTful application with an optimized frontend. Given that security and stability are the foundation for an enterprise application, you’ll be trained on effective testing, performance analysis, and security practices, and understand how to embed them in your codebase during the initial phase. You’ll also be guided in how to move on from a monolithic architecture to one that is service oriented, leveraging microservices and serverless deployment techniques.By the end of the book, you will have become proficient at building efficient enterprise applications in Python.
Hands-On Ethical Hacking Tactics. Strategies, tools, and techniques for effective cyber defense
Shane Hartman, Ken Dunham
If you’re an ethical hacker looking to boost your digital defenses and stay up to date with the evolving cybersecurity landscape, then this book is for you. Hands-On Ethical Hacking Tactics is a comprehensive guide that will take you from fundamental to advanced levels of ethical hacking, offering insights into both offensive and defensive techniques. Written by a seasoned professional with 20+ years of experience, this book covers attack tools, methodologies, and procedures, helping you enhance your skills in securing and defending networks.The book starts with foundational concepts such as footprinting, reconnaissance, scanning, enumeration, vulnerability assessment, and threat modeling. Next, you’ll progress to using specific tools and procedures for hacking Windows, Unix, web servers, applications, and databases. The book also gets you up to speed with malware analysis. Throughout the book, you’ll experience a smooth transition from theoretical concepts to hands-on techniques using various platforms. Finally, you’ll explore incident response, threat hunting, social engineering, IoT hacking, and cloud exploitation, which will help you address the complex aspects of ethical hacking.By the end of this book, you’ll have gained the skills you need to navigate the ever-changing world of cybersecurity.
Tamir Dresher, Amir Zuker, Shay Friedman
Today, full-stack development is the name of the game. Developers who can build complete solutions, including both backend and frontend products, are in great demand in the industry, hence being able to do so a desirable skill. However, embarking on the path to becoming a modern full-stack developer can be overwhelmingly difficult, so the key purpose of this book is to simplify and ease the process.This comprehensive guide will take you through the journey of becoming a full-stack developer in the realm of the web and .NET. It begins by implementing data-oriented RESTful APIs, leveraging ASP.NET Core and Entity Framework. Afterward, it describes the web development field, including its history and future horizons. Then, you’ll build webbased Single-Page Applications (SPAs) by learning about numerous popular technologies, namely TypeScript, Angular, React, and Vue. After that, you’ll learn about additional related concerns involving deployment, hosting, and monitoring by leveraging the cloud; specifically, Azure. By the end of this book, you’ll be able to build, deploy, and monitor cloud-based, data-oriented, RESTful APIs, as well as modern web apps, using the most popular frameworks and technologies.
Remo H. Jansen
Functional programming is a powerful programming paradigm that can help you to write better code. However, learning functional programming can be complicated, and the existing literature is often too complex for beginners. This book is an approachable introduction to functional programming and reactive programming with TypeScript for readers without previous experience in functional programming with JavaScript, TypeScript , or any other programming language.The book will help you understand the pros, cons, and core principles of functional programming in TypeScript. It will explain higher order functions, referential transparency, functional composition, and monads with the help of effective code examples. Using TypeScript as a functional programming language, you’ll also be able to brush up on your knowledge of applying functional programming techniques, including currying, laziness, and immutability, to real-world scenarios. By the end of this book, you will be confident when it comes to using core functional and reactive programming techniques to help you build effective applications with TypeScript.
Soma Halder, Sinan Ozdemir
Cyber threats today are one of the costliest losses that an organization can face. In this book, we use the most efficient tool to solve the big problems that exist in the cybersecurity domain.The book begins by giving you the basics of ML in cybersecurity using Python and its libraries. You will explore various ML domains (such as time series analysis and ensemble modeling) to get your foundations right. You will implement various examples such as building system to identify malicious URLs, and building a program to detect fraudulent emails and spam. Later, you will learn how to make effective use of K-means algorithm to develop a solution to detect and alert you to any malicious activity in the network. Also learn how to implement biometrics and fingerprint to validate whether the user is a legitimate user or not.Finally, you will see how we change the game with TensorFlow and learn how deep learning is effective for creating models and training systems
Juan Antonio Medina Iglesias
With Google's inclusion of first-class support for Kotlin in their Androidecosystem, Kotlin's future as a mainstream language is assured. Microservices helpdesign scalable, easy-to-maintain web applications; Kotlin allows us to takeadvantage of modern idioms to simplify our development and create high-qualityservices. With 100% interoperability with the JVM, Kotlin makes working withexisting Java code easier. Well-known Java systems such as Spring, Jackson, andReactor have included Kotlin modules to exploit its language features.This book guides the reader in designing and implementing services, and producingproduction-ready, testable, lean code that's shorter and simpler than a traditionalJava implementation. Reap the benefits of using the reactive paradigm and takeadvantage of non-blocking techniques to take your services to the next level in termsof industry standards. You will consume NoSQL databases reactively to allow youto create high-throughput microservices. Create cloud-native microservices thatcan run on a wide range of cloud providers, and monitor them. You will create Dockercontainers for your microservices and scale them. Finally, you will deploy yourmicroservices in OpenShift Online.
Nipun Jaswal
Network forensics is a subset of digital forensics that deals with network attacks and their investigation. In the era of network attacks and malware threat, it’s now more important than ever to have skills to investigate network attacks and vulnerabilities.Hands-On Network Forensics starts with the core concepts within network forensics, including coding, networking, forensics tools, and methodologies for forensic investigations. You’ll then explore the tools used for network forensics, followed by understanding how to apply those tools to a PCAP file and write the accompanying report. In addition to this, you will understand how statistical flow analysis, network enumeration, tunneling and encryption, and malware detection can be used to investigate your network. Towards the end of this book, you will discover how network correlation works and how to bring all the information from different types of network devices together.By the end of this book, you will have gained hands-on experience of performing forensics analysis tasks.
Phil Bramwell
Windows has always been the go-to platform for users around the globe to perform administration and ad hoc tasks, in settings that range from small offices to global enterprises, and this massive footprint makes securing Windows a unique challenge. This book will enable you to distinguish yourself to your clients.In this book, you'll learn advanced techniques to attack Windows environments from the indispensable toolkit that is Kali Linux. We'll work through core network hacking concepts and advanced Windows exploitation techniques, such as stack and heap overflows, precision heap spraying, and kernel exploitation, using coding principles that allow you to leverage powerful Python scripts and shellcode.We'll wrap up with post-exploitation strategies that enable you to go deeper and keep your access. Finally, we'll introduce kernel hacking fundamentals and fuzzing testing, so you can discover vulnerabilities and write custom exploits. By the end of this book, you'll be well-versed in identifying vulnerabilities within the Windows OS and developing the desired solutions for them.
Glen D. Singh, Sean-Philip Oriyano
Kali NetHunter is a version of the popular and powerful Kali Linux pentesting platform, designed to be installed on mobile devices. Hands-On Penetration Testing with Kali NetHunter will teach you the components of NetHunter and how to install the software. You’ll also learn about the different tools included and how to optimize and use a package, obtain desired results, perform tests, and make your environment more secure. Starting with an introduction to Kali NetHunter, you will delve into different phases of the pentesting process. This book will show you how to build your penetration testing environment and set up your lab. You will gain insight into gathering intellectual data, exploiting vulnerable areas, and gaining control over target systems. As you progress through the book, you will explore the NetHunter tools available for exploiting wired and wireless devices. You will work through new ways to deploy existing tools designed to reduce the chances of detection. In the concluding chapters, you will discover tips and best practices for integrating security hardening into your Android ecosystem. By the end of this book, you will have learned to successfully use a mobile penetration testing device based on Kali NetHunter and Android to accomplish the same tasks you would traditionally, but in a smaller and more mobile form factor.
Furqan Khan
With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers.Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you’ll explore the advanced uses of Python in the domain of penetration testing and optimization. You’ll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you’ll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python.By the end of this book, you’ll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.