Inne
Nipun Jaswal
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Mastering Mobile Forensics. Develop the capacity to dig deeper into mobile device data acquisition
Soufiane Tahiri
Mobile forensics presents a real challenge to the forensic community due to the fast and unstoppable changes in technology. This book aims to provide the forensic community an in-depth insight into mobile forensic techniques when it comes to deal with recent smartphones operating systemsStarting with a brief overview of forensic strategies and investigation procedures, you will understand the concepts of file carving, GPS analysis, and string analyzing. You will also see the difference between encryption, encoding, and hashing methods and get to grips with the fundamentals of reverse code engineering. Next, the book will walk you through the iOS, Android and Windows Phone architectures and filesystem, followed by showing you various forensic approaches and data gathering techniques. You will also explore advanced forensic techniques and find out how to deal with third-applications using case studies. The book will help you master data acquisition on Windows Phone 8. By the end of this book, you will be acquainted with best practices and the different models used in mobile forensics.
Mark Dunkerley, Matt Tumbarello
Are you looking for the most current and effective ways to protect Windows-based systems from being compromised by intruders? This updated second edition is a detailed guide that helps you gain the expertise to implement efficient security measures and create robust defense solutions using modern technologies.The first part of the book covers security fundamentals with details around building and implementing baseline controls. As you advance, you’ll learn how to effectively secure and harden your Windows-based systems through hardware, virtualization, networking, and identity and access management (IAM). The second section will cover administering security controls for Windows clients and servers with remote policy management using Intune, Configuration Manager, Group Policy, Defender for Endpoint, and other Microsoft 365 and Azure cloud security technologies. In the last section, you’ll discover how to protect, detect, and respond with security monitoring, reporting, operations, testing, and auditing.By the end of this book, you’ll have developed an understanding of the processes and tools involved in enforcing security controls and implementing zero-trust security principles to protect Windows systems.
Metasploit Revealed: Secrets of the Expert Pentester. Build your defense against complex attacks
Sagar Rahalkar, Nipun Jaswal
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.This learning path will begin by introducing you to Metasploit and its functionalities. You will learn how to set up and configure Metasploit on various platforms to create a virtual test environment. You will also get your hands on various tools and components and get hands-on experience with carrying out client-side attacks. In the next part of this learning path, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework. The final instalment of your learning journey will be covered through a bootcamp approach. You will be able to bring together the learning together and speed up and integrate Metasploit with leading industry tools for penetration testing. You’ll finish by working on challenges based on user’s preparation and work towards solving the challenge. The course provides you with highly practical content explaining Metasploit from the following Packt books:1. Metasploit for Beginners 2. Mastering Metasploit, Second Edition3. Metasploit Bootcamp
Aaron Guilmette
This book serves as a comprehensive guide to prepare you for the Microsoft Identity and Services exam, which focuses on the core identity and security aspects of a Microsoft 365 tenant. The exam MS-100 tests your proficiency in Azure AD authentication types, user management roles, access management, and workload applications.This book follows the published MS-100 blueprint, which covers identity and identity synchronization concepts, administrative roles, and crucial security topics such as self-service password reset, Azure AD password protection, and multifactor authentication. You’ll gain insights into application and authentication concepts, including OAuth application request management, enterprise application configuration, the benefits of Azure AD Application Proxy, and deploying Microsoft 365 apps.The book also delves into passwordless sign-in methods and provides overviews of configuring Exchange Online, Microsoft Teams, SharePoint Online, and OneDrive for Business in both cloud-only and hybrid deployments. You’ll be able to assess your knowledge retention at the end of each chapter.By the end of this MS-100 study guide, you’ll have built the knowledge and skills to pass the MS-100 exam and be able to ensure thorough preparation with the help of practice exam questions.
Peter Rising
The Microsoft 365 Security, Compliance, and Identity Administration is designed to help you manage, implement, and monitor security and compliance solutions for Microsoft 365 environments.With this book, you’ll first configure, administer identity and access within Microsoft 365. You’ll learn about hybrid identity, authentication methods, and conditional access policies with Microsoft Intune. Next, you’ll discover how RBAC and Azure AD Identity Protection can be used to detect risks and secure information in your organization. You’ll also explore concepts such as Microsoft Defender for endpoint and identity, along with threat intelligence. As you progress, you’ll uncover additional tools and techniques to configure and manage Microsoft 365, including Azure Information Protection, Data Loss Prevention (DLP), and Microsoft Defender for Cloud Apps.By the end of this book, you’ll be well-equipped to manage and implement security measures within your Microsoft 365 suite successfully.
Dwayne Natwick, Rod Trent
Microsoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam.This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions.By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.
Sasha Kranjac
Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities.This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation.By the end of this book, you will know how to get a view of your security posture and where to optimize security protection in your environment as well as the ins and outs of Microsoft Defender for Cloud.
Paul Huijbregts, Joe Anich, Justen Graves
With all organizational data and trade secrets being digitized, the threat of data compromise, unauthorized access, and cyberattacks has increased exponentially. Microsoft Defender for Endpoint (MDE) is a market-leading cross-platform endpoint security solution that enables you to prevent, detect, investigate, and respond to threats. MDE helps strengthen the security posture of your organization.This book starts with a history of the product and a primer on its various features. From prevention to attack surface reduction, detection, and response, you’ll learn about the features, their applicability, common misconceptions, and caveats. After planning, preparation, deployment, and configuration toward successful implementation, you’ll be taken through a day in the life of a security analyst working with the product. You’ll uncover common issues, techniques, and tools used for troubleshooting along with answers to some of the most common challenges cybersecurity professionals face. Finally, the book will wrap up with a reference guide with tips and tricks to maintain a strong cybersecurity posture.By the end of the book, you’ll have a deep understanding of Microsoft Defender for Endpoint and be well equipped to keep your organization safe from different forms of cyber threats.
Paul Huijbregts, Ru Campbell, Joe Anich, Justen...
Modern organizations run on constantly changing endpoints, yet many teams still struggle to make Microsoft Defender for Endpoint a dependable control. Coverage gaps, noisy detections, mixed platforms, and unclear device behavior often get in the way of effective prevention, detection, and response.This second edition helps you tackle those challenges directly. Updated for today’s Defender for Endpoint and the broader Microsoft Defender ecosystem, it shows how MDE works across clients, servers, and now mobile devices, and how to align deployments with real-world constraints. New chapters on mobile threat defense, production rollout, and tuning provide practical guidance for moving beyond pilot environments, handling edge cases, and protecting critical and legacy assets.Throughout, the book brings together IT and SecOps viewpoints to help you operate Defender for Endpoint with more clarity and less friction. You’ll learn how to maintain sensor health, interpret incidents confidently, reduce noise without weakening protection, and troubleshoot recurring issues.Whether you’re refining an existing deployment or planning a new one, this edition gives you a clearer path to making Defender for Endpoint a reliable part of your security program.
Aaron Guilmette, James Hardiman, Doug Haven, Dwayne...
SC-300 exam content has undergone significant changes, and this second edition aligns with the revised exam objectives. This updated edition gives you access to online exam prep resources such as chapter-wise practice questions, mock exams, interactive flashcards, and expert exam tips, providing you with all the tools you need for thorough exam preparation.You’ll get to grips with the creation, configuration, and management of Microsoft Entra identities, as well as understand the planning, implementation, and management of Microsoft Entra user authentication processes. You’ll learn to deploy and use new Global Secure Access features, design cloud application strategies, and manage application access and policies by using Microsoft Cloud App Security. You’ll also gain experience in configuring Privileged Identity Management for users and guests, working with the Permissions Creep Index, and mitigating associated risks.By the end of this book, you’ll have mastered the skills essential for securing Microsoft environments and be able to pass the SC-300 exam on your first attempt.
Andrew Taylor, Lior Bela, Lavanya Lakshman
Microsoft Intune Cookbook, Second Edition is a hands-on guide for IT administrators managing and supporting modern endpoints, built around the latest Intune capabilities and endpoint security enhancements. Written by Andrew Taylor, an experienced Intune practitioner and active community contributor, it focuses on everyday admin tasks and turns them into clear, repeatable recipes. You’ll start by preparing an Intune tenant and setting up key Entra ID foundations, then work through managing Windows, macOS, iOS, Android, and Linux using practical, proven workflows. Along the way, you’ll configure policies, enroll devices, deploy apps, and strengthen security with compliance, Defender integration, encryption, and conditional access. You’ll also go beyond the portal by using PowerShell and Microsoft Graph to automate routine work, reduce manual effort, and make changes at scale. Monitoring and reporting are covered so you can track device health, security posture, and deployment outcomes with confidence.Advanced scenarios include secure remote support, privilege elevation, cloud-based certificate management, real-time queries, and AI-assisted guidance to speed up troubleshooting and decision-making. By the end, you’ll have practical techniques you can apply immediately to run a modern, cloud-first Intune environment.
Microsoft System Center Endpoint Protection Cookbook. Click here to enter text. - Second Edition
Nicolai Henriksen
System Center Configuration Manager is now used by over 70% of all the business in the world today and many have taken advantage engaging the System Center Endpoint Protection within that great product. Through this book, you will gain knowledge about System Center Endpoint Protection, and see how to work with it from System Center Configuration Manager from an objective perspective.We’ll show you several tips, tricks, and recipes to not only help you understand and resolve your daily challenges, but hopefully enhance the security level of your business.Different scenarios will be covered, such as planning and setting up Endpoint Protection, daily operations and maintenance tips, configuring Endpoint Protection for different servers and applications, as well as workstation computers. You’ll also see how to deal with malware and infected systems that are discovered. You’ll find out how perform OS deployment, Bitlocker, and Applocker, and discover what to do if there is an attack or outbreak.You’ll find out how to ensure good control and reporting, and great defense against threats and malware software. You’ll see the huge benefits when dealing with application deployments, and get to grips with OS deployments, software updates, and disk encryption such as Bitlocker. By the end, you will be fully aware of the benefits of the System Center 2016 Endpoint Protection anti-malware product, ready to ensure your business is watertight against any threat you could face.
Prashant Verma, Akshay Dixit
Mobile attacks are on the rise. We are adapting ourselves to new and improved smartphones, gadgets, and their accessories, and with this network of smart things, come bigger risks. Threat exposure increases and the possibility of data losses increase. Exploitations of mobile devices are significant sources of such attacks.Mobile devices come with different platforms, such as Android and iOS. Each platform has its own feature-set, programming language, and a different set of tools. This means that each platform has different exploitation tricks, different malware, and requires a unique approach in regards to forensics or penetration testing. Device exploitation is a broad subject which is widely discussed, equally explored by both Whitehats and Blackhats.This cookbook recipes take you through a wide variety of exploitation techniques across popular mobile platforms. The journey starts with an introduction to basic exploits on mobile platforms and reverse engineering for Android and iOS platforms. Setup and use Android and iOS SDKs and the Pentesting environment. Understand more about basic malware attacks and learn how the malware are coded. Further, perform security testing of Android and iOS applications and audit mobile applications via static and dynamic analysis.Moving further, you'll get introduced to mobile device forensics. Attack mobile application traffic and overcome SSL, before moving on to penetration testing and exploitation.The book concludes with the basics of platforms and exploit tricks on BlackBerry and Windows Phone. By the end of the book, you will be able to use variety of exploitation techniques across popular mobile platforms with stress on Android and iOS.
Mobile Forensics - Advanced Investigative Strategies. Click here to enter text
Oleg Afonin, Vladimir Katalov
Investigating digital media is impossible without forensic tools. Dealing with complex forensic problems requires the use of dedicated tools, and even more importantly, the right strategies. In this book, you’ll learn strategies and methods to deal with information stored on smartphones and tablets and see how to put the right tools to work.We begin by helping you understand the concept of mobile devices as a source of valuable evidence. Throughout this book, you will explore strategies and plays and decide when to use each technique. We cover important techniques such as seizing techniques to shield the device, and acquisition techniques including physical acquisition (via a USB connection), logical acquisition via data backups, over-the-air acquisition. We also explore cloud analysis, evidence discovery and data analysis, tools for mobile forensics, and tools to help you discover and analyze evidence.By the end of the book, you will have a better understanding of the tools and methods used to deal with the challenges of acquiring, preserving, and extracting evidence stored on smartphones, tablets, and the cloud.
Darla Nykamp, Joseph Anderson, Jayasree Nampalli, Mari...
The threat of hacking may be the most damaging on the internet. Mobile technology is changing the way we live, work, and play, but it can leave your personal information dangerously exposed. Your online safety is at risk and the threat of information being stolen from your device is at an all- time high. Your identity is yours, yet it can be compromised if you don't manage your phone or mobile device correctly.Gain the power to manage all your mobile devices safely. With the help of this guide you can ensure that your data and that of your family is safe. The threat to your mobile security is growing on a daily basis and this guide may just be the help you need.Mobile Security: How to Secure, Privatize, and Recover Your Devices will teach you how to recognize, protect against, and recover from hacking attempts and outline the clear and present threats to your online identity posed by the use of a mobile device.In this guide you will discover just how vulnerable unsecured devices can be, and explore effective methods of mobile device management and identity protection to ensure your data's security. There will be special sections detailing extra precautions to ensure the safety of family members and how to secure your device for use at work.