Hacking
Google Cloud Platform for Architects. Design and manage powerful cloud solutions
Vitthal Srinivasan, Loonycorn Ravi, Judy Raj
Using a public cloud platform was considered risky a decade ago, and unconventional even just a few years ago. Today, however, use of the public cloud is completely mainstream - the norm, rather than the exception. Several leading technology firms, including Google, have built sophisticated cloud platforms, and are locked in a fierce competition for market share.The main goal of this book is to enable you to get the best out of the GCP, and to use it with confidence and competence. You will learn why cloud architectures take the forms that they do, and this will help you become a skilled high-level cloud architect. You will also learn how individual cloud services are configured and used, so that you are never intimidated at having to build it yourself. You will also learn the right way and the right situation in which to use the important GCP services.By the end of this book, you will be able to make the most out of Google Cloud Platform design.
Gray Hat C#. Język C# w kontroli i łamaniu zabezpieczeń
Brandon Perry
C# to nowoczesny język programowania, który został od podstaw zaprojektowany jako obiektowy. Ta dojrzała technologia jest często wybierana przez twórców oprogramowania, również tego służącego do pokonywania zabezpieczeń systemów. Dzięki temu, że platforma .NET jest oprogramowaniem open source, w C# można pisać kod, który bez problemu będzie działał w każdym systemie operacyjnym. Co prawda język ten jest prosty i łatwy do nauczenia się, jednak dopiero gruntowna znajomość C# umożliwia efektywne tworzenie narzędzi związanych z bezpieczeństwem, służących choćby do wyszukiwania luk w infrastrukturze czy prowadzenia testów penetracyjnych. Ta książka jest przeznaczona dla specjalistów ds. bezpieczeństwa, którzy chcą korzystać z języka C# do takich zadań jak fuzzowanie, skanowanie w poszukiwaniu luk zabezpieczeń i analiza złośliwego oprogramowania. Opisano tu zarówno podstawy języka C#, jak i jego dość zaawansowane funkcje. Przedstawiono szereg bibliotek dostępnych dla tego języka. Pokazano, jak pisać kod wyszukujący luki w zabezpieczeniach i jak tworzyć eksploity. Przedstawiono sposoby korzystania z takich narzędzi jak Nessus, sqlmap i Cuckoo Sandbox. Dzięki technikom zaprezentowanym w książce administrator bezpieczeństwa bez problemu zautomatyzuje nawet najbardziej żmudne codzienne zadania! W tej książce między innymi: Podstawowe i zaawansowane funkcjonalności języka C# Generowanie kodu ładunków, również wieloplatformowych Skanery, w tym OpenVAS, Nessus i Nexpose Automatyczna identyfikacja luk umożliwiających wstrzyknięcie kodu SQL Tworzenie w C# narzędzi do inżynierii wstecznej C#. Sprawdź swój system zabezpieczeń! Brandon Perry jest programistą i gorącym zwolennikiem idei open source. Odkąd pojawiło się środowisko Mono, pisze aplikacje w języku C#. Tworzy też moduły dla frameworka Metasploit, analizuje pliki binarne i zarządza ciekawymi projektami (https://volatileminds.net/). Fascynuje się badaniami nad bezpieczeństwem systemów informatycznych. Chętnie dzieli się swoją wiedzą, pisze książki i pomaga innym w tworzeniu solidniejszego oprogramowania.
Gray Hat C#. Język C# w kontroli i łamaniu zabezpieczeń
Brandon Perry
C# to nowoczesny język programowania, który został od podstaw zaprojektowany jako obiektowy. Ta dojrzała technologia jest często wybierana przez twórców oprogramowania, również tego służącego do pokonywania zabezpieczeń systemów. Dzięki temu, że platforma .NET jest oprogramowaniem open source, w C# można pisać kod, który bez problemu będzie działał w każdym systemie operacyjnym. Co prawda język ten jest prosty i łatwy do nauczenia się, jednak dopiero gruntowna znajomość C# umożliwia efektywne tworzenie narzędzi związanych z bezpieczeństwem, służących choćby do wyszukiwania luk w infrastrukturze czy prowadzenia testów penetracyjnych. Ta książka jest przeznaczona dla specjalistów ds. bezpieczeństwa, którzy chcą korzystać z języka C# do takich zadań jak fuzzowanie, skanowanie w poszukiwaniu luk zabezpieczeń i analiza złośliwego oprogramowania. Opisano tu zarówno podstawy języka C#, jak i jego dość zaawansowane funkcje. Przedstawiono szereg bibliotek dostępnych dla tego języka. Pokazano, jak pisać kod wyszukujący luki w zabezpieczeniach i jak tworzyć eksploity. Przedstawiono sposoby korzystania z takich narzędzi jak Nessus, sqlmap i Cuckoo Sandbox. Dzięki technikom zaprezentowanym w książce administrator bezpieczeństwa bez problemu zautomatyzuje nawet najbardziej żmudne codzienne zadania! W tej książce między innymi: Podstawowe i zaawansowane funkcjonalności języka C# Generowanie kodu ładunków, również wieloplatformowych Skanery, w tym OpenVAS, Nessus i Nexpose Automatyczna identyfikacja luk umożliwiających wstrzyknięcie kodu SQL Tworzenie w C# narzędzi do inżynierii wstecznej C#. Sprawdź swój system zabezpieczeń! Brandon Perry jest programistą i gorącym zwolennikiem idei open source. Odkąd pojawiło się środowisko Mono, pisze aplikacje w języku C#. Tworzy też moduły dla frameworka Metasploit, analizuje pliki binarne i zarządza ciekawymi projektami (https://volatileminds.net/). Fascynuje się badaniami nad bezpieczeństwem systemów informatycznych. Chętnie dzieli się swoją wiedzą, pisze książki i pomaga innym w tworzeniu solidniejszego oprogramowania.
Ken Underhill, Mari Galloway, Christophe Foulon, Tia...
This book is a comprehensive guide that helps both entry-level and experienced cybersecurity professionals prepare for interviews in a wide variety of career areas.Complete with the authors’ answers to different cybersecurity interview questions, this easy-to-follow and actionable book will help you get ready and be confident. You’ll learn how to prepare and form a winning strategy for job interviews. In addition to this, you’ll also understand the most common technical and behavioral interview questions, learning from real cybersecurity professionals and executives with years of industry experience.By the end of this book, you’ll be able to apply the knowledge you've gained to confidently pass your next job interview and achieve success on your cybersecurity career path.
Christophe Foulon, Ken Underhill, Tia Hopkins
The cybersecurity field is evolving fast, and so are its job interviews. Hack the Cybersecurity Interview, Second Edition is your go-to guide for landing your dream cybersecurity job—whether you're breaking in or aiming for a senior role.This expanded edition builds on reader feedback, refines career paths, and updates strategies for success. With a real-world approach, it preps you for key technical and behavioral questions, covering roles like Cybersecurity Engineer, SOC Analyst, and CISO. You'll learn best practices for answering with confidence and standing out in a competitive market.The book helps you showcase problem-solving skills, highlight transferable experience, and navigate personal branding, job offers, and interview stress. Using the HACK method, it provides a structured approach to adapt to different roles and employer expectations.Whether you're switching careers, advancing in cybersecurity, or preparing for your first role, this book equips you with the insights, strategies, and confidence to secure your ideal cybersecurity job.
Hacking and Security. The Comprehensive Guide to Penetration Testing and Cybersecurity
Rheinwerk Publishing, Inc, Michael Kofler, Klaus Gebeshuber,...
This book provides a comprehensive guide to cybersecurity, covering hacking techniques, tools, and defenses. It begins by introducing key concepts, distinguishing penetration testing from hacking, and explaining hacking tools and procedures. Early chapters focus on security fundamentals, such as attack vectors, intrusion detection, and forensic methods to secure IT systems.As the book progresses, readers explore topics like exploits, authentication, and the challenges of IPv6 security. It also examines the legal aspects of hacking, detailing laws on unauthorized access and negligent IT security. Readers are guided through installing and using Kali Linux for penetration testing, with practical examples of network scanning and exploiting vulnerabilities.Later sections cover a range of essential hacking tools, including Metasploit, OpenVAS, and Wireshark, with step-by-step instructions. The book also explores offline hacking methods, such as bypassing protections and resetting passwords, along with IT forensics techniques for analyzing digital traces and live data. Practical application is emphasized throughout, equipping readers with the skills needed to address real-world cybersecurity threats.
Hacking and Security. The Comprehensive Guide to Penetration Testing and Cybersecurity
Rheinwerk Publishing, Inc, Michael Kofler, Klaus Gebeshuber,...
This book provides a comprehensive guide to cybersecurity, covering hacking techniques, tools, and defenses. It begins by introducing key concepts, distinguishing penetration testing from hacking, and explaining hacking tools and procedures. Early chapters focus on security fundamentals, such as attack vectors, intrusion detection, and forensic methods to secure IT systems.As the book progresses, readers explore topics like exploits, authentication, and the challenges of IPv6 security. It also examines the legal aspects of hacking, detailing laws on unauthorized access and negligent IT security. Readers are guided through installing and using Kali Linux for penetration testing, with practical examples of network scanning and exploiting vulnerabilities.Later sections cover a range of essential hacking tools, including Metasploit, OpenVAS, and Wireshark, with step-by-step instructions. The book also explores offline hacking methods, such as bypassing protections and resetting passwords, along with IT forensics techniques for analyzing digital traces and live data. Practical application is emphasized throughout, equipping readers with the skills needed to address real-world cybersecurity threats.
Hacking and Security. The Comprehensive Guide to Penetration Testing and Cybersecurity
Rheinwerk Publishing, Inc, Michael Kofler, Klaus Gebeshuber,...
This book provides a comprehensive guide to cybersecurity, covering hacking techniques, tools, and defenses. It begins by introducing key concepts, distinguishing penetration testing from hacking, and explaining hacking tools and procedures. Early chapters focus on security fundamentals, such as attack vectors, intrusion detection, and forensic methods to secure IT systems.As the book progresses, readers explore topics like exploits, authentication, and the challenges of IPv6 security. It also examines the legal aspects of hacking, detailing laws on unauthorized access and negligent IT security. Readers are guided through installing and using Kali Linux for penetration testing, with practical examples of network scanning and exploiting vulnerabilities.Later sections cover a range of essential hacking tools, including Metasploit, OpenVAS, and Wireshark, with step-by-step instructions. The book also explores offline hacking methods, such as bypassing protections and resetting passwords, along with IT forensics techniques for analyzing digital traces and live data. Practical application is emphasized throughout, equipping readers with the skills needed to address real-world cybersecurity threats.
Mohammed A. Imran, Srinivasa Rao Kotipalli
With the mass explosion of Android mobile phones in the world, mobile devices have become an integral part of our everyday lives. Security of Android devices is a broad subject that should be part of our everyday lives to defend against ever-growing smartphone attacks. Everyone, starting with end users all the way up to developers and security professionals should care about android security. Hacking Android is a step-by-step guide that will get you started with Android security. You’ll begin your journey at the absolute basics, and then will slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. On this journey you’ll get to grips with various tools and techniques that can be used in your everyday pentests. You’ll gain the skills necessary to perform Android application vulnerability assessment and penetration testing and will create an Android pentesting lab.
Hakowanie Androida. Kompletny przewodnik XDA Developers po rootowaniu, ROM-ach i kompozycjach
Jason Tyler (Author), Will Verduzco (Contributor)
Sprawdź, co potrafi Twój telefon! System operacyjny Android ma rzeszę fanów. Zdobył ich dzięki swym niezwykłym możliwościom, imponującej elastyczności oraz ogromowi dostępnych aplikacji. System ten łączy w sobie prostotę ważną dla początkujących użytkowników z możliwościami rozwoju i ingerencji istotnymi dla tych zaawansowanych. Jeżeli masz pomysł, jak ulepszyć Twój system operacyjny, jeżeli chcesz dostosować go do swoich potrzeb, trafiłeś na właściwą książkę! Dzięki niej dowiesz się, jak skutecznie zrootować Twoje urządzenie i przejąć nad nim pełną kontrolę. To jest pierwszy i najważniejszy krok. Gdy go wreszcie uczynisz, świat pełen różnych wersji ROM-ów, modyfikacji i atrakcyjnych funkcjonalności stanie przed Tobą otworem. W trakcie lektury nauczysz się modyfikować wygląd i styl Twojego Androida, tworzyć pełną kopię bezpieczeństwa oraz wydłużać życie baterii. Znajdziesz tu również szczegółowe informacje na temat rootowania konkretnych modeli telefonów oraz tabletów. Książka ta jest idealną pozycją dla wszystkich chcących wycisnąć jeszcze więcej z telefonów z systemem Android. Dzięki tej książce: przygotujesz środowisko pracy zrootujesz swój telefon dostosujesz wygląd systemu zainstalujesz niestandardowy ROM Naucz swój telefon nowych, fantastycznych sztuczek!
Carlos A. Lozano , Dhruv Shah, Riyaz...
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
Carlos A. Lozano , Dhruv Shah, Riyaz...
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
Alessandro Parisi
Today's organizations spend billions of dollars globally on cybersecurity. Artificial intelligence has emerged as a great solution for building smarter and safer security systems that allow you to predict and detect suspicious network activity, such as phishing or unauthorized intrusions.This cybersecurity book presents and demonstrates popular and successful AI approaches and models that you can adapt to detect potential attacks and protect your corporate systems. You'll learn about the role of machine learning and neural networks, as well as deep learning in cybersecurity, and you'll also learn how you can infuse AI capabilities into building smart defensive mechanisms. As you advance, you'll be able to apply these strategies across a variety of applications, including spam filters, network intrusion detection, botnet detection, and secure authentication.By the end of this book, you'll be ready to develop intelligent systems that can detect unusual and suspicious patterns and attacks, thereby developing strong network security defenses using AI.
Alessandro Parisi
Today's organizations spend billions of dollars globally on cybersecurity. Artificial intelligence has emerged as a great solution for building smarter and safer security systems that allow you to predict and detect suspicious network activity, such as phishing or unauthorized intrusions.This cybersecurity book presents and demonstrates popular and successful AI approaches and models that you can adapt to detect potential attacks and protect your corporate systems. You'll learn about the role of machine learning and neural networks, as well as deep learning in cybersecurity, and you'll also learn how you can infuse AI capabilities into building smart defensive mechanisms. As you advance, you'll be able to apply these strategies across a variety of applications, including spam filters, network intrusion detection, botnet detection, and secure authentication.By the end of this book, you'll be ready to develop intelligent systems that can detect unusual and suspicious patterns and attacks, thereby developing strong network security defenses using AI.
Rahul Shetty
Java is one of the most commonly-used software languages by programmers and developers. Are you from a non-technical background and looking to master Java for your automation needs? Then Hands-On Automation Testing with Java for Beginners is for you.This book provides you with efficient techniques to effectively handle Java-related automation projects. You will learn how to handle strings and their functions in Java. As you make your way through the book, you will get to grips with classes and objects, along with their uses. In the concluding chapters, you will learn about the importance of inheritance and exceptions with practical examples. By the end of this book, you will have gained comprehensive knowledge of Java.
Harish Garg
Bitcoin is a cryptocurrency that’s changing the face of online payments. Hands-On Bitcoin Programming with Python teaches you to build software applications for mining and creating Bitcoins using Python.This book starts with the basics of both Bitcoin and blockchain and gives you an overview of these inherent concepts by showing you how to build Bitcoin-driven applications with Python. Packed with clear instructions and practical examples, you will learn to understand simple Python coding examples that work with this cryptocurrency.By the end of the book, you’ll be able to mine Bitcoins, accept Bitcoin payments on the app, and work with the basics of blockchain technology to create simply distributed ledgers.
Arjuna Sky Kok
Blockchain is seen as the main technological solution that works as a public ledger for all cryptocurrency transactions. This book serves as a practical guide to developing a full-fledged decentralized application with Python to interact with the various building blocks of blockchain applications.Hands-On Blockchain for Python Developers starts by demonstrating how blockchain technology and cryptocurrency hashing works. You will understand the fundamentals and benefits of smart contracts such as censorship resistance and transaction accuracy. As you steadily progress, you'll go on to build smart contracts using Vyper, which has a similar syntax to Python. This experience will further help you unravel the other benefits of smart contracts, including reliable storage and backup, and efficiency. You'll also use web3.py to interact with smart contracts and leverage the power of both the web3.py and Populus framework to build decentralized applications that offer security and seamless integration with cryptocurrencies. As you explore later chapters, you'll learn how to create your own token on top of Ethereum and build a cryptocurrency wallet graphical user interface (GUI) that can handle Ethereum and Ethereum Request for Comments (ERC-20) tokens using the PySide2 library. This will enable users to seamlessly store, send, and receive digital money. Toward the end, you'll implement InterPlanetary File System (IPFS) technology in your decentralized application to provide a peer-to-peer filesystem that can store and expose media.By the end of this book, you'll be well-versed in blockchain programming and be able to build end-to-end decentralized applications on a range of domains using Python.
Nitin Gaur, Luc Desrosiers, Venkatraman Ramakrishna, Petr...
Blockchain and Hyperledger technologies are hot topics today. Hyperledger Fabric and Hyperledger Composer are open source projects that help organizations create private, permissioned blockchain networks. These find application in finance, banking, supply chain, and IoT among several other sectors. This book will be an easy reference to explore and build blockchain networks using Hyperledger technologies.The book starts by outlining the evolution of blockchain, including an overview of relevant blockchain technologies. You will learn how to configure Hyperledger Fabric and become familiar with its architectural components. Using these components, you will learn to build private blockchain networks, along with the applications that connect to them. Starting from principles first, you’ll learn to design and launch a network, implement smart contracts in chaincode and much more. By the end of this book, you will be able to build and deploy your own decentralized applications, handling the key pain points encountered in the blockchain life cycle.
Himanshu Sharma, Joe Marshall
Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.You will learn about SQli, NoSQLi, XSS, XXE, and other forms of code injection. You’ll see how to create CSRF PoC HTML snippets, how to discover hidden content (and what to do with it once it’s found), and how to create the tools for automated pentesting work?ows.Then, you’ll format all of this information within the context of a bug report that will have the greatest chance of earning you cash. With detailed walkthroughs that cover discovering, testing, and reporting vulnerabilities, this book is ideal for aspiring security professionals. You should come away from this work with the skills you need to not only find the bugs you're looking for, but also the best bug bounty programs to participate in, and how to grow your skills moving forward in freelance security research.
Himanshu Sharma, Joe Marshall
Bug bounties have quickly become a critical part of the security economy. This book shows you how technical professionals with an interest in security can begin productively—and profitably—participating in bug bounty programs.You will learn about SQli, NoSQLi, XSS, XXE, and other forms of code injection. You’ll see how to create CSRF PoC HTML snippets, how to discover hidden content (and what to do with it once it’s found), and how to create the tools for automated pentesting work?ows.Then, you’ll format all of this information within the context of a bug report that will have the greatest chance of earning you cash. With detailed walkthroughs that cover discovering, testing, and reporting vulnerabilities, this book is ideal for aspiring security professionals. You should come away from this work with the skills you need to not only find the bugs you're looking for, but also the best bug bounty programs to participate in, and how to grow your skills moving forward in freelance security research.
Hands-On Cryptography with Python. Leverage the power of Python to encrypt and decrypt data
Samuel Bowne
Cryptography is essential for protecting sensitive information, but it is often performed inadequately or incorrectly. Hands-On Cryptography with Python starts by showing you how to encrypt and evaluate your data. The book will then walk you through various data encryption methods,such as obfuscation, hashing, and strong encryption, and will show how you can attack cryptographic systems. You will learn how to create hashes, crack them, and will understand why they are so different from each other. In the concluding chapters, you will use three NIST-recommended systems: the Advanced Encryption Standard (AES), the Secure Hash Algorithm (SHA), and the Rivest-Shamir-Adleman (RSA). By the end of this book, you will be able to deal with common errors in encryption.
Hands-On Cryptography with Python. Leverage the power of Python to encrypt and decrypt data
Samuel Bowne
Cryptography is essential for protecting sensitive information, but it is often performed inadequately or incorrectly. Hands-On Cryptography with Python starts by showing you how to encrypt and evaluate your data. The book will then walk you through various data encryption methods,such as obfuscation, hashing, and strong encryption, and will show how you can attack cryptographic systems. You will learn how to create hashes, crack them, and will understand why they are so different from each other. In the concluding chapters, you will use three NIST-recommended systems: the Advanced Encryption Standard (AES), the Secure Hash Algorithm (SHA), and the Rivest-Shamir-Adleman (RSA). By the end of this book, you will be able to deal with common errors in encryption.
Hands-On Cryptography with Python. Leverage the power of Python to encrypt and decrypt data
Samuel Bowne
Cryptography is essential for protecting sensitive information, but it is often performed inadequately or incorrectly. Hands-On Cryptography with Python starts by showing you how to encrypt and evaluate your data. The book will then walk you through various data encryption methods,such as obfuscation, hashing, and strong encryption, and will show how you can attack cryptographic systems. You will learn how to create hashes, crack them, and will understand why they are so different from each other. In the concluding chapters, you will use three NIST-recommended systems: the Advanced Encryption Standard (AES), the Secure Hash Algorithm (SHA), and the Rivest-Shamir-Adleman (RSA). By the end of this book, you will be able to deal with common errors in encryption.
Dr. Erdal Ozkaya, Milad Aslaner
Organizations have always been a target of cybercrime. Hands-On Cybersecurity for Finance teaches you how to successfully defend your system against common cyber threats, making sure your financial services are a step ahead in terms of security.The book begins by providing an overall description of cybersecurity, guiding you through some of the most important services and technologies currently at risk from cyber threats. Once you have familiarized yourself with the topic, you will explore specific technologies and threats based on case studies and real-life scenarios. As you progress through the chapters, you will discover vulnerabilities and bugs (including the human risk factor), gaining an expert-level view of the most recent threats. You'll then explore information on how you can achieve data and infrastructure protection. In the concluding chapters, you will cover recent and significant updates to procedures and configurations, accompanied by important details related to cybersecurity research and development in IT-based financial services.By the end of the book, you will have gained a basic understanding of the future of information security and will be able to protect financial services and their related infrastructures.