Hacking
Allister Banks
This book is intended for mobile security professionals who want to learn how to secure iOS operating systems and its applications. Any knowledge of iOS architecture would be an added advantage.
Learning Java Lambdas. An in-depth look at one of the most important features of modern Java
Toby Weston
In this short book, we take an in-depth look at lambdas in Java, and their supporting features. The book covers essential topics, such as functional interfaces and type inference, and the key differences between lambdas and closures. You will learn about the background to functional programming and lambdas, before moving on to understanding the basic syntax of lambdas and what differentiates these anonymous functions from standard anonymous classes. Lastly, you'll learn how to invoke lambdas and look at the bytecode generated.After reading this book, you'll understand lambdas in depth, their background, syntax, implementation details, and how and when to use them. You'll also have a clear knowledge of the difference between functions and classes, and why that's relevant to lambdas. This knowledge will enable you to appreciate the improvements to type inference that drive a lot of the new features in modern Java, and will increase your understanding of method references and scoping.
Raul Lapaz
With readily available services, support, and tools, Kubernetes has become a foundation for digital transformation and cloud-native development, but it brings significant security challenges such as breaches and supply chain attacks.This updated edition equips you with defense strategies to protect your applications and infrastructure while understanding the attacker mindset, including tactics like container escapes and exploiting vulnerabilities to compromise clusters. The author distills his 25+ years of experience to guide you through Kubernetes components, architecture, and networking, addressing authentication, authorization, image scanning, resource monitoring, and traffic sniffing. You’ll implement security controls using third-party plugins (krew) and tools like Falco, Tetragon, and Cilium. You’ll also secure core components, such as the kube-apiserver, CoreDNS, and kubelet, while hardening images, managing security contexts, and applying PodSecurityPolicy. Through practical examples, the book teaches advanced techniques like redirecting traffic from misconfigured clusters to rogue pods and enhances your support incident response with effective cluster monitoring and log analysis.By the end of the book, you'll have a solid grasp of container security as well as the skills to defend your clusters against evolving threats.
Monnappa K A
Malware analysis and memory forensics are powerful analysis and investigation techniques used in reverse engineering, digital forensics, and incident response. With adversaries becoming sophisticated and carrying out advanced malware attacks on critical infrastructures, data centers, and private and public organizations, detecting, responding to, and investigating such intrusions is critical to information security professionals. Malware analysis and memory forensics have become must-have skills to fight advanced malware, targeted attacks, and security breaches.This book teaches you the concepts, techniques, and tools to understand the behavior and characteristics of malware through malware analysis. It also teaches you techniques to investigate and hunt malware using memory forensics. This book introduces you to the basics of malware analysis, and then gradually progresses into the more advanced concepts of code analysis and memory forensics. It uses real-world malware samples, infected memory images, and visual diagrams to help you gain a better understanding of the subject and to equip you with the skills required to analyze, investigate, and respond to malware-related incidents.
Wojciech Kocjan
This is a beginner-level book, which will introduce Nagios to System Administrators who are interested in monitoring their systems. The focus is on teaching system administrators to secure their systems in a much improved manner incorporating the newer features of Nagios.It will teach Nagios beginners the basics of installation and configuration of version 3; it will show professionals who have already worked on earlier versions of Nagios the new features of Nagios like inheritance and also the new internal functions like better check scheduling. The target readers for this book are System Administrators interested in using Nagios. This book will introduce Nagios with the new features of Version 3 for System Administrators.
Samir Datt
We live in a highly networked world. Every digital device—phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network.The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to successfully close a case.
Samir Datt
We live in a highly networked world. Every digital device—phone, tablet, or computer is connected to each other, in one way or another. In this new age of connected networks, there is network crime. Network forensics is the brave new frontier of digital investigation and information security professionals to extend their abilities to catch miscreants on the network.The book starts with an introduction to the world of network forensics and investigations. You will begin by getting an understanding of how to gather both physical and virtual evidence, intercepting and analyzing network data, wireless data packets, investigating intrusions, and so on. You will further explore the technology, tools, and investigating methods using malware forensics, network tunneling, and behaviors. By the end of the book, you will gain a complete understanding of how to successfully close a case.
Christopher Duffy
Utilize Python scripting to execute effective and efficient penetration testsAbout This BookUnderstand how and where Python scripts meet the need for penetration testingFamiliarise yourself with the process of highlighting a specific methodology to exploit an environment to fetch critical dataDevelop your Python and penetration testing skills with real-world examplesWho This Book Is ForIf you are a security professional or researcher, with knowledge of different operating systems and a conceptual idea of penetration testing, and you would like to grow your knowledge in Python, then this book is ideal for you.What You Will LearnFamiliarise yourself with the generation of Metasploit resource filesUse the Metasploit Remote Procedure Call (MSFRPC) to automate exploit generation and executionUse Python’s Scapy, network, socket, office, Nmap libraries, and custom modulesParse Microsoft Office spreadsheets and eXtensible Markup Language (XML) data filesWrite buffer overflows and reverse Metasploit modules to expand capabilitiesExploit Remote File Inclusion (RFI) to gain administrative access to systems with Python and other scripting languagesCrack an organization’s Internet perimeterChain exploits to gain deeper access to an organization’s resourcesInteract with web services with PythonIn DetailPython is a powerful new-age scripting platform that allows you to build exploits, evaluate services, automate, and link solutions with ease. Python is a multi-paradigm programming language well suited to both object-oriented application development as well as functional design patterns. Because of the power and flexibility offered by it, Python has become one of the most popular languages used for penetration testing.This book highlights how you can evaluate an organization methodically and realistically. Specific tradecraft and techniques are covered that show you exactly when and where industry tools can and should be used and when Python fits a need that proprietary and open source solutions do not.Initial methodology, and Python fundamentals are established and then built on. Specific examples are created with vulnerable system images, which are available to the community to test scripts, techniques, and exploits. This book walks you through real-world penetration testing challenges and how Python can help.From start to finish, the book takes you through how to create Python scripts that meet relative needs that can be adapted to particular situations. As chapters progress, the script examples explain new concepts to enhance your foundational knowledge, culminating with you being able to build multi-threaded security tools, link security tools together, automate reports, create custom exploits, and expand Metasploit modules.Style and approachThis book is a practical guide that will help you become better penetration testers and/or Python security tool developers. Each chapter builds on concepts and tradecraft using detailed examples in test environments that you can simulate.
Aditya Gupta
This is an easy-to-follow guide, full of hands-on and real-world examples of applications. Each of the vulnerabilities discussed in the book is accompanied with the practical approach to the vulnerability, and the underlying security issue. This book is intended for all those who are looking to get started in Android security or Android application penetration testing. You don’t need to be an Android developer to learn from this book, but it is highly recommended that developers have some experience in order to learn how to create secure applications for Android.
Learning Puppet Security. Secure your IT environments with the powerful security tools of Puppet
Jason Slagle
If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.
Preston Miller, Chapin Bryce
This book will illustrate how and why you should learn Python to strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials. The tutorials use an interactive design, giving you experience of the development process so you gain a better understanding of what it means to be a forensic developer.Each chapter walks you through a forensic artifact and one or more methods to analyze the evidence. It also provides reasons why one method may be advantageous over another. We cover common digital forensics and incident response scenarios, with scripts that can be used to tackle case work in the field. Using built-in and community-sourced libraries, you will improve your problem solving skills with the addition of the Python scripting language. In addition, we provide resources for further exploration of each script so you can understand what further purposes Python can serve. With this knowledge, you can rapidly develop and deploy solutions to identify critical information and fine-tune your skill set as an examiner.
Preston Miller, Chapin Bryce
Digital forensics plays an integral role in solving complex cybercrimes and helping organizations make sense of cybersecurity incidents. This second edition of Learning Python for Forensics illustrates how Python can be used to support these digital investigations and permits the examiner to automate the parsing of forensic artifacts to spend more time examining actionable data.The second edition of Learning Python for Forensics will illustrate how to develop Python scripts using an iterative design. Further, it demonstrates how to leverage the various built-in and community-sourced forensics scripts and libraries available for Python today. This book will help strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials.By the end of this book, you will build a collection of Python scripts capable of investigating an array of forensic artifacts and master the skills of extracting metadata and parsing complex data structures into actionable reports. Most importantly, you will have developed a foundation upon which to build as you continue to learn Python and enhance your efficacy as an investigator.
Preston Miller, Chapin Bryce
Digital forensics plays an integral role in solving complex cybercrimes and helping organizations make sense of cybersecurity incidents. This second edition of Learning Python for Forensics illustrates how Python can be used to support these digital investigations and permits the examiner to automate the parsing of forensic artifacts to spend more time examining actionable data.The second edition of Learning Python for Forensics will illustrate how to develop Python scripts using an iterative design. Further, it demonstrates how to leverage the various built-in and community-sourced forensics scripts and libraries available for Python today. This book will help strengthen your analysis skills and efficiency as you creatively solve real-world problems through instruction-based tutorials.By the end of this book, you will build a collection of Python scripts capable of investigating an array of forensic artifacts and master the skills of extracting metadata and parsing complex data structures into actionable reports. Most importantly, you will have developed a foundation upon which to build as you continue to learn Python and enhance your efficacy as an investigator.
Learning Python Web Penetration Testing. Automate web penetration testing activities using Python
Christian Martorella
Web penetration testing is the use of tools and code to attack a website or web app in order to assess its vulnerability to external threats. While there are an increasing number of sophisticated, ready-made tools to scan systems for vulnerabilities, the use of Python allows you to write system-specific scripts, or alter and extend existing testing tools to find, exploit, and record as many security weaknesses as possible. Learning Python Web Penetration Testing will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for each activity throughout the process. The book begins by emphasizing the importance of knowing how to write your own tools with Python for web application penetration testing. You will then learn to interact with a web application using Python, understand the anatomy of an HTTP request, URL, headers and message body, and later create a script to perform a request, and interpret the response and its headers. As you make your way through the book, you will write a web crawler using Python and the Scrappy library. The book will also help you to develop a tool to perform brute force attacks in different parts of the web application. You will then discover more on detecting and exploiting SQL injection vulnerabilities. By the end of this book, you will have successfully created an HTTP proxy based on the mitmproxy tool.
Learning Python Web Penetration Testing. Automate web penetration testing activities using Python
Christian Martorella
Web penetration testing is the use of tools and code to attack a website or web app in order to assess its vulnerability to external threats. While there are an increasing number of sophisticated, ready-made tools to scan systems for vulnerabilities, the use of Python allows you to write system-specific scripts, or alter and extend existing testing tools to find, exploit, and record as many security weaknesses as possible. Learning Python Web Penetration Testing will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for each activity throughout the process. The book begins by emphasizing the importance of knowing how to write your own tools with Python for web application penetration testing. You will then learn to interact with a web application using Python, understand the anatomy of an HTTP request, URL, headers and message body, and later create a script to perform a request, and interpret the response and its headers. As you make your way through the book, you will write a web crawler using Python and the Scrappy library. The book will also help you to develop a tool to perform brute force attacks in different parts of the web application. You will then discover more on detecting and exploiting SQL injection vulnerabilities. By the end of this book, you will have successfully created an HTTP proxy based on the mitmproxy tool.
Miroslav Vitula
A penetration test is one of the most important methods to secure a network or any individual machine. Having knowledge of these methods can enable a user to protect himself/herself from any kinds of attacks. Penetration tests can also be used to discover flaws or loop holes in one's security system, which if not fixed, can be exploited by an unwanted entity.This book starts off with an introduction to what penetration testing is, and how it can be performed on Android using zANTI2. Once you are aware of the basics, we move on to teach you the different types of scans that can be performed to search for targets. You will then learn how to connect to open ports and intrude into an unsecured computer. From here you will explore vulnerabilities and their usage, including ShellShock and SSL Poodle vulnerability.When connected to an open network, a user is susceptible to password and session hijacking, and a number of other cyber attacks. The book therefore ends with one of the main aspects of cyber security: the Man in the Middle attack. You will get to know everything about the MITM attack, how it works, and how one can be protected against it.
Selma Lagerlöf
Klasyczny tekst w nowoczesnej formie ebooka. Pobierz go już dziś na swój podręczny czytnik i ciesz się lekturą!
Linux Networking Cookbook. Over 40 recipes to help you set up and configure Linux networks
Gregory Boyce
Linux can be configured as a networked workstation, a DNS server, a mail server, a firewall, a gateway router, and many other things. These are all part of administration tasks, hence network administration is one of the main tasks of Linux system administration. By knowing how to configure system network interfaces in a reliable and optimal manner, Linux administrators can deploy and configure several network services including file, web, mail, and servers while working in large enterprise environments.Starting with a simple Linux router that passes traffic between two private networks, you will see how to enable NAT on the router in order to allow Internet access from the network, and will also enable DHCP on the network to ease configuration of client systems. You will then move on to configuring your own DNS server on your local network using bind9 and tying it into your DHCP server to allow automatic configuration of local hostnames. You will then future enable your network by setting up IPv6 via tunnel providers.Moving on, we’ll configure Samba to centralize authentication for your network services; we will also configure Linux client to leverage it for authentication, and set up a RADIUS server that uses the directory server for authentication.Toward the end, you will have a network with a number of services running on it, and will implement monitoring in order to detect problems as they occur.
Linux Shell Scripting for Hackers. Automate and scale your hacking process with bash scripting
Valentine (Traw) Nachi, Donald A. Tevault
Mastering bash scripting is a powerful skill that separates professional hackers from the rest. This comprehensive guide explores bash scripting in depth, equipping you with the knowledge and tools you need to automate complex tasks, streamline workflows, and craft custom utilities.The book takes you on a journey through advanced scripting techniques, while helping you master the command line and use practical examples that showcase real-world applications. From automating reconnaissance processes to creating custom exploitation tools, this book provides you with the skills to tackle even the most daunting challenges. You’ll discover how to utilize bash, awk, sed, and regular expressions to manipulate data, parse logs, and extract valuable information. A dedicated section also focuses on network scripting, helping you craft scripts that interact with remote systems, scan, and gather information.By the end of this bash scripting book, you’ll be able to apply your newfound knowledge to tackle realistic scenarios, honing your skills and preparing for the front lines of cybersecurity.
Linux Shell Scripting for Hackers. Automate and scale your hacking process with bash scripting
Valentine (Traw) Nachi, Donald A. Tevault
Mastering bash scripting is a powerful skill that separates professional hackers from the rest. This comprehensive guide explores bash scripting in depth, equipping you with the knowledge and tools you need to automate complex tasks, streamline workflows, and craft custom utilities.The book takes you on a journey through advanced scripting techniques, while helping you master the command line and use practical examples that showcase real-world applications. From automating reconnaissance processes to creating custom exploitation tools, this book provides you with the skills to tackle even the most daunting challenges. You’ll discover how to utilize bash, awk, sed, and regular expressions to manipulate data, parse logs, and extract valuable information. A dedicated section also focuses on network scripting, helping you craft scripts that interact with remote systems, scan, and gather information.By the end of this bash scripting book, you’ll be able to apply your newfound knowledge to tackle realistic scenarios, honing your skills and preparing for the front lines of cybersecurity.
Linux Shell Scripting for Hackers. Automate and scale your hacking process with bash scripting
Valentine (Traw) Nachi, Donald A. Tevault
Mastering bash scripting is a powerful skill that separates professional hackers from the rest. This comprehensive guide explores bash scripting in depth, equipping you with the knowledge and tools you need to automate complex tasks, streamline workflows, and craft custom utilities.The book takes you on a journey through advanced scripting techniques, while helping you master the command line and use practical examples that showcase real-world applications. From automating reconnaissance processes to creating custom exploitation tools, this book provides you with the skills to tackle even the most daunting challenges. You’ll discover how to utilize bash, awk, sed, and regular expressions to manipulate data, parse logs, and extract valuable information. A dedicated section also focuses on network scripting, helping you craft scripts that interact with remote systems, scan, and gather information.By the end of this bash scripting book, you’ll be able to apply your newfound knowledge to tackle realistic scenarios, honing your skills and preparing for the front lines of cybersecurity.
Linux Shell Scripting for Hackers. Automate and scale your hacking process with bash scripting
Valentine (Traw) Nachi, Donald A. Tevault
Mastering bash scripting is a powerful skill that separates professional hackers from the rest. This comprehensive guide explores bash scripting in depth, equipping you with the knowledge and tools you need to automate complex tasks, streamline workflows, and craft custom utilities.The book takes you on a journey through advanced scripting techniques, while helping you master the command line and use practical examples that showcase real-world applications. From automating reconnaissance processes to creating custom exploitation tools, this book provides you with the skills to tackle even the most daunting challenges. You’ll discover how to utilize bash, awk, sed, and regular expressions to manipulate data, parse logs, and extract valuable information. A dedicated section also focuses on network scripting, helping you craft scripts that interact with remote systems, scan, and gather information.By the end of this bash scripting book, you’ll be able to apply your newfound knowledge to tackle realistic scenarios, honing your skills and preparing for the front lines of cybersecurity.