Offensive Security Using Python. A hands-on guide to offensive tactics and threat mitigation using practical strategies

Rejah Rehim, Manindar Mohan, Grant Ongers

Offensive Security Using Python is your go-to manual for mastering the quick-paced field of offensive security. This book is packed with valuable insights, real-world examples, and hands-on activities to help you leverage Python to navigate the complicated world of web security, exploit vulnerabilities, and automate challenging security tasks.From detecting vulnerabilities to exploiting them with cutting-edge Python techniques, you’ll gain practical insights into web security, along with guidance on how to use automation to improve the accuracy and effectiveness of your security activities. You’ll also learn how to design personalized security automation tools. While offensive security is a great way to stay ahead of emerging threats, defensive security plays an equal role in protecting organizations from cyberattacks. In this book, you’ll get to grips with Python secure coding techniques to improve your ability to recognize dangers quickly and take appropriate action. As you progress, you’ll be well on your way to handling the contemporary challenges in the field of cybersecurity using Python, as well as protecting your digital environment from growing attacks.By the end of this book, you’ll have a solid understanding of sophisticated offensive security methods and be able to stay ahead in the constantly evolving cybersecurity space.

Offensive Shellcode from Scratch. Get to grips with shellcode countermeasures and discover how to bypass them

Rishalin Pillay

Shellcoding is a technique that is executed by many red teams and used in penetration testing and real-world attacks. Books on shellcode can be complex, and writing shellcode is perceived as a kind of dark art. Offensive Shellcode from Scratch will help you to build a strong foundation of shellcode knowledge and enable you to use it with Linux and Windows.This book helps you to explore simple to more complex examples of shellcode that are used by real advanced persistent threat (APT) groups. You'll get to grips with the components of shellcode and understand which tools are used when building shellcode, along with the automated tools that exist to create shellcode payloads. As you advance through the chapters, you'll become well versed in assembly language and its various components, such as registers, flags, and data types. This shellcode book also teaches you about the compilers and decoders that are used when creating shellcode. Finally, the book takes you through various attacks that entail the use of shellcode in both Windows and Linux environments.By the end of this shellcode book, you'll have gained the knowledge needed to understand the workings of shellcode and build your own exploits by using the concepts explored.

Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide. Become an expert and get Google Cloud certified with this practitioner’s guide

Ankush Chowdhary, Prashant Kulkarni, Phil Venables

Google Cloud security offers powerful controls to assist organizations in establishing secure and compliant cloud environments. With this book, you’ll gain in-depth knowledge of the Professional Cloud Security Engineer certification exam objectives, including Google Cloud security best practices, identity and access management (IAM), network security, data security, and security operations.The chapters go beyond the exam essentials, helping you explore advanced topics such as Google Cloud Security Command Center, the BeyondCorp Zero Trust architecture, and container security. With step-by-step explanations, practical examples, and practice exams to help you improve your skills for the exam, you'll be able to efficiently review and apply key concepts of the shared security responsibility model. Finally, you’ll get to grips with securing access, organizing cloud resources, network and data security, and logging and monitoring.By the end of this book, you'll be proficient in designing, developing, and operating security controls on Google Cloud and gain insights into emerging concepts for future exams.

OpenStack Cloud Security. Your OpenStack cloud storage contains all your vital computing resources and potentially sensitive data – secure it with this essential OpenStack tutorial

Fabio Alessandro Locati, Fabio A Locati (Duplicate)

OpenVPN Cookbook. Get the most out of OpenVPN by exploring it's advanced features. - Second Edition

Jan Just Keijser

OpenVPN provides an extensible VPN framework that has been designed to ease site-specific customization, such as providing the capability to distribute a customized installation package to clients, and supporting alternative authentication methods via OpenVPN’s plugin module interface. This book provides you with many different recipes to help you set up, monitor, and troubleshoot an OpenVPN network. You will learn to configure a scalable, load-balanced VPN server farm that can handle thousands of dynamic connections from incoming VPN clients. You will also get to grips with the encryption, authentication, security, extensibility, and certifications features of OpenSSL. You will also get an understanding of IPv6 support and will get a demonstration of how to establish a connection via IPv64. This book will explore all the advanced features of OpenVPN and even some undocumented options, covering all the common network setups such as point-to-point networks and multi-client TUN-style and TAP-style networks. Finally, you will learn to manage, secure, and troubleshoot your virtual private networks using OpenVPN 2.4.

Operationalizing Threat Intelligence. A guide to developing and operationalizing cyber threat intelligence programs

Kyle Wilhoit, Joseph Opacki

We’re living in an era where cyber threat intelligence is becoming more important. Cyber threat intelligence routinely informs tactical and strategic decision-making throughout organizational operations. However, finding the right resources on the fundamentals of operationalizing a threat intelligence function can be challenging, and that’s where this book helps.In Operationalizing Threat Intelligence, you’ll explore cyber threat intelligence in five fundamental areas: defining threat intelligence, developing threat intelligence, collecting threat intelligence, enrichment and analysis, and finally production of threat intelligence. You’ll start by finding out what threat intelligence is and where it can be applied. Next, you’ll discover techniques for performing cyber threat intelligence collection and analysis using open source tools. The book also examines commonly used frameworks and policies as well as fundamental operational security concepts. Later, you’ll focus on enriching and analyzing threat intelligence through pivoting and threat hunting. Finally, you’ll examine detailed mechanisms for the production of intelligence.By the end of this book, you’ll be equipped with the right tools and understand what it takes to operationalize your own threat intelligence function, from collection to production.

OPNsense Beginner to Professional. Protect networks and build next-generation firewalls easily with OPNsense

Julio Cesar Bueno de Camargo

OPNsense is one of the most powerful open source firewalls and routing platforms available. With OPNsense, you can now protect networks using features that were only previously available to closed source commercial firewalls.This book is a practical guide to building a comprehensive network defense strategy using OPNsense. You’ll start with the basics, understanding how to install, configure, and protect network resources using native features and additional OPNsense plugins. Next, you’ll explore real-world examples to gain in-depth knowledge of firewalls and network defense. You’ll then focus on boosting your network defense, preventing cyber threats, and improving your knowledge of firewalling using this open source security platform.By the end of this OPNsense book, you’ll be able to install, configure, and manage the OPNsense firewall by making the most of its features.

Oracle 11g Anti-hacker's Cookbook. Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you’ll quickly learn protection methodologies that use industry certified techniques to secure the Oracle database server

Adrian Neagu

For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.Oracle 11g Anti-hacker's Cookbook covers all the important security measures and includes various tips and tricks to protect your Oracle Database.Oracle 11g Anti-hacker's Cookbook uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.