Hacking
Łamanie i zabezpieczanie aplikacji w systemie iOS
Jonathan Zdziarski
Twoja lektura obowiązkowa! iOS to obecnie jeden z najpopularniejszych systemów operacyjnych, wykorzystywany w urządzeniach firmy Apple. Jednak dzięki tej popularności jest on też łakomym kąskiem dla hakerów. Uzyskanie dostępu do danych przechowywanych w telefonie może mieć katastrofalne skutki. Dlatego jeżeli tworzysz aplikacje na platformę iOS, ta książka jest dla Ciebie pozycją obowiązkową. Jak obronić się przed atakiem? Wszystkie niezbędne informacje znajdziesz w tym wyjątkowym podręczniku. W trakcie lektury dowiesz się, jak działają hakerzy, jak wyszukują słabe punkty aplikacji oraz jak modyfikują jej kod. Ponadto nauczysz się utrudniać śledzenie kodu Twojej aplikacji oraz bezpiecznie usuwać pliki (tak, aby nie było możliwe ich odtworzenie). Wśród poruszanych tematów znajdziesz również te związane z transmisją danych: wykorzystanie protokołu SSL to nie wszystko, musisz zadbać także o to, żeby nie było możliwe przejęcie sesji SSL. Weź książkę do ręki i obroń się przed atakiem! Dzięki tej książce: zrozumiesz, jak działają hakerzy zabezpieczysz swoją aplikację przez nieuprawnionymi zmianami ochronisz swoje bezpieczne połączenia bezpowrotnie usuniesz niepotrzebne pliki zagwarantujesz bezpieczeństwo danych użytkownikom Twojej aplikacji Zadbaj o bezpieczeństwo danych użytkowników Twojej aplikacji!
Emmanuel Tsukerman
Organizations today face a major threat in terms of cybersecurity, from malicious URLs to credential reuse, and having robust security systems can make all the difference. With this book, you'll learn how to use Python libraries such as TensorFlow and scikit-learn to implement the latest artificial intelligence (AI) techniques and handle challenges faced by cybersecurity researchers.You'll begin by exploring various machine learning (ML) techniques and tips for setting up a secure lab environment. Next, you'll implement key ML algorithms such as clustering, gradient boosting, random forest, and XGBoost. The book will guide you through constructing classifiers and features for malware, which you'll train and test on real samples. As you progress, you'll build self-learning, reliant systems to handle cybersecurity tasks such as identifying malicious URLs, spam email detection, intrusion detection, network protection, and tracking user and process behavior. Later, you'll apply generative adversarial networks (GANs) and autoencoders to advanced security tasks. Finally, you'll delve into secure and private AI to protect the privacy rights of consumers using your ML models. By the end of this book, you'll have the skills you need to tackle real-world problems faced in the cybersecurity domain using a recipe-based approach.
John Paul Mueller, Rod Stephens
Businesses are leveraging the power of AI to make undertakings that used to be complicated and pricy much easier, faster, and cheaper. The first part of this book will explore these processes in more depth, which will help you in understanding the role security plays in machine learning.As you progress to the second part, you’ll learn more about the environments where ML is commonly used and dive into the security threats that plague them using code, graphics, and real-world references.The next part of the book will guide you through the process of detecting hacker behaviors in the modern computing environment, where fraud takes many forms in ML, from gaining sales through fake reviews to destroying an adversary’s reputation. Once you’ve understood hacker goals and detection techniques, you’ll learn about the ramifications of deep fakes, followed by mitigation strategies.This book also takes you through best practices for embracing ethical data sourcing, which reduces the security risk associated with data. You’ll see how the simple act of removing personally identifiable information (PII) from a dataset lowers the risk of social engineering attacks.By the end of this machine learning book, you'll have an increased awareness of the various attacks and the techniques to secure your ML systems effectively.
Malware Analysis Techniques. Tricks for the triage of adversarial software
Dylan Barker
Malicious software poses a threat to every enterprise globally. Its growth is costing businesses millions of dollars due to currency theft as a result of ransomware and lost productivity. With this book, you'll learn how to quickly triage, identify, attribute, and remediate threats using proven analysis techniques. Malware Analysis Techniques begins with an overview of the nature of malware, the current threat landscape, and its impact on businesses. Once you've covered the basics of malware, you'll move on to discover more about the technical nature of malicious software, including static characteristics and dynamic attack methods within the MITRE ATT&CK framework. You'll also find out how to perform practical malware analysis by applying all that you've learned to attribute the malware to a specific threat and weaponize the adversary's indicators of compromise (IOCs) and methodology against them to prevent them from attacking. Finally, you'll get to grips with common tooling utilized by professional malware analysts and understand the basics of reverse engineering with the NSA's Ghidra platform. By the end of this malware analysis book, you’ll be able to perform in-depth static and dynamic analysis and automate key tasks for improved defense against attacks.
Malware Analysis Techniques. Tricks for the triage of adversarial software
Dylan Barker
Malicious software poses a threat to every enterprise globally. Its growth is costing businesses millions of dollars due to currency theft as a result of ransomware and lost productivity. With this book, you'll learn how to quickly triage, identify, attribute, and remediate threats using proven analysis techniques. Malware Analysis Techniques begins with an overview of the nature of malware, the current threat landscape, and its impact on businesses. Once you've covered the basics of malware, you'll move on to discover more about the technical nature of malicious software, including static characteristics and dynamic attack methods within the MITRE ATT&CK framework. You'll also find out how to perform practical malware analysis by applying all that you've learned to attribute the malware to a specific threat and weaponize the adversary's indicators of compromise (IOCs) and methodology against them to prevent them from attacking. Finally, you'll get to grips with common tooling utilized by professional malware analysts and understand the basics of reverse engineering with the NSA's Ghidra platform. By the end of this malware analysis book, you’ll be able to perform in-depth static and dynamic analysis and automate key tasks for improved defense against attacks.
Zhassulan Zhussupov
Malware Development for Ethical Hackers is a comprehensive guide to the dark side of cybersecurity within an ethical context.This book takes you on a journey through the intricate world of malware development, shedding light on the techniques and strategies employed by cybercriminals. As you progress, you’ll focus on the ethical considerations that ethical hackers must uphold. You’ll also gain practical experience in creating and implementing popular techniques encountered in real-world malicious applications, such as Carbanak, Carberp, Stuxnet, Conti, Babuk, and BlackCat ransomware. This book will also equip you with the knowledge and skills you need to understand and effectively combat malicious software.By the end of this book, you'll know the secrets behind malware development, having explored the intricate details of programming, evasion techniques, persistence mechanisms, and more.*Email sign-up and proof of purchase required
Dominik Robakowski
Kryptologia jest trudna? Może, ale na pewno nie z tą książką! Jeśli słowo "szyfr" budzi w Tobie przyjemny dreszczyk emocji, mamy dla Ciebie prawdziwą gratkę. Już za chwilę poznasz największe tajemnice ludzkości. Prezentowane w tej książce tajemnicze kody służyły dyplomatom, armiom pierwszej i drugiej wojny światowej, wreszcie zimnowojennym szpiegom. Były kamyczkami, które wywołały lawinę rewolucji informatycznej. Bez żadnej przesady - oto szyfry, które decydowały o losach świata. I wciąż o nich decydują. Kryptologia bardzo intensywnie się rozwija. Dziś jest wręcz niezbędna do naszego funkcjonowania. Warto poznać jej podstawy, tak samo jak wypada się orientować w historii, fizyce czy biologii - choćby po to, by być na bieżąco ze współczesną nauką. Poza tym szyfrowanie i deszyfrowanie stanowi znakomitą gimnastykę dla umysłu i dobry sposób na kreatywne spędzenie czasu. Co więcej, prezentowane sposoby ukrywania wiadomości mogą nadal służyć zgodnie ze swoim pierwotnym przeznaczeniem - do ukrywania tego, co niekoniecznie chcemy przekazać wprost...
Dominik Robakowski
Kryptologia jest trudna? Może, ale na pewno nie z tą książką! Jeśli słowo "szyfr" budzi w Tobie przyjemny dreszczyk emocji, mamy dla Ciebie prawdziwą gratkę. Już za chwilę poznasz największe tajemnice ludzkości. Prezentowane w tej książce tajemnicze kody służyły dyplomatom, armiom pierwszej i drugiej wojny światowej, wreszcie zimnowojennym szpiegom. Były kamyczkami, które wywołały lawinę rewolucji informatycznej. Bez żadnej przesady - oto szyfry, które decydowały o losach świata. I wciąż o nich decydują. Kryptologia bardzo intensywnie się rozwija. Dziś jest wręcz niezbędna do naszego funkcjonowania. Warto poznać jej podstawy, tak samo jak wypada się orientować w historii, fizyce czy biologii - choćby po to, by być na bieżąco ze współczesną nauką. Poza tym szyfrowanie i deszyfrowanie stanowi znakomitą gimnastykę dla umysłu i dobry sposób na kreatywne spędzenie czasu. Co więcej, prezentowane sposoby ukrywania wiadomości mogą nadal służyć zgodnie ze swoim pierwotnym przeznaczeniem - do ukrywania tego, co niekoniecznie chcemy przekazać wprost...
Andrew Block, Austin Dewey, Rimantas Mocevicius "rimusz"
Containerization is one of the best ways to implement DevOps, and learning how to execute it effectively is an essential part of a developer’s skillset. Kubernetes is the current industry standard for container orchestration. This book will help you discover the efficiency of managing applications running on Kubernetes with Helm.Starting with a brief introduction to Helm and its impact on users working with containers and Kubernetes, you’ll delve into the primitives of Helm charts and their architecture and use cases. From there, you’ll understand how to write Helm charts in order to automate application deployment on Kubernetes and work your way toward more advanced strategies. These enterprise-ready patterns are focused on concepts beyond the basics so that you can use Helm optimally, looking at topics related to automation, application development, delivery, lifecycle management, and security.By the end of this book, you’ll have learned how to leverage Helm to build, deploy, and manage applications on Kubernetes.
Ashish Kumar, Shashank Kumar, Abbas Kudrati, Sarah...
With the rapid pace of digital change today, especially since the pandemic sped up digital transformation and technologies, it has become more important than ever to be aware of the unknown risks and the landscape of digital threats. This book highlights various risks and shows how business-as-usual operations carried out by unaware or targeted workers can lead your organization to a regulatory or business risk, which can impact your organization’s reputation and balance sheet.This book is your guide to identifying the topmost risks relevant to your business with a clear roadmap of when to start the risk mitigation process and what your next steps should be. With a focus on the new and emerging risks that remote-working companies are experiencing across diverse industries, you’ll learn how to manage risks by taking advantage of zero trust network architecture and the steps to be taken when smart devices are compromised. Toward the end, you’ll explore various types of AI-powered machines and be ready to make your business future-proof.In a nutshell, this book will direct you on how to identify and mitigate risks that the ever- advancing digital technology has unleashed.
Mastering AWS Security. Create and maintain a secure cloud ecosystem
Albert Anthony
Mastering AWS Security starts with a deep dive into the fundamentals of the shared security responsibility model. This book tells you how you can enable continuous security, continuous auditing, and continuous compliance by automating your security in AWS with the tools, services, and features it provides.Moving on, you will learn about access control in AWS for all resources. You will also learn about the security of your network, servers, data and applications in the AWS cloud using native AWS security services. By the end of this book, you will understand the complete AWS Security landscape, covering all aspects of end - to -end software and hardware security along with logging, auditing, and compliance of your entire IT environment in the AWS cloud. Lastly, the book will wrap up with AWS best practices for security.
Laurent Mathieu
If you’re trying to navigate the complex world of AWS security and fortify your organizational cloud environment, then this book is for you. Written by an accomplished cybersecurity and AWS cloud consultant, Mastering AWS Security will help you understand and master the complexities of AWS security. This book offers an in-depth and practical exploration of AWS security concepts, features, and services, focusing on how they apply to modern cloud-based application environments. As you progress, you’ll gain a thorough introduction to the art of security automation and DevSecOps. You’ll learn how to automate security tasks, integrate security into your development process, and maintain a high level of security as your applications evolve and scale. Emphasizing continuous monitoring and improvement, this book will teach you how to set up monitoring systems, interpret security data, and make informed decisions to enhance your security over time. Through real-world case studies, you’ll learn how to tackle the challenges and find solutions for securing AWS environments. By the end of this book, you’ll confidently secure your AWS environments, and stay up to date with the latest security trends and updates in the AWS ecosystem.
Mastering Azure Security. Keeping your Microsoft Azure workloads safe - Second Edition
Mustafa Toroman, Tom Janetscheck
Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.
Mastering Azure Security. Keeping your Microsoft Azure workloads safe - Second Edition
Mustafa Toroman, Tom Janetscheck
Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.
Imran Bashir
Blockchain is the backbone of cryptocurrencies, with applications in finance, government, media, and other industries. With a legacy of providing technologists with executable insights, this new edition of Mastering Blockchain is thoroughly revised and updated to the latest blockchain research with four new chapters on consensus algorithms, Serenity (the update that will introduce Ethereum 2.0), tokenization, and enterprise blockchains.This book covers the basics, including blockchain’s technical underpinnings, cryptography and consensus protocols. It also provides you with expert knowledge on decentralization, decentralized application development on Ethereum, Bitcoin, alternative coins, smart contracts, alternative blockchains, and Hyperledger.Further, you will explore blockchain solutions beyond cryptocurrencies such as the Internet of Things with blockchain, enterprise blockchains, tokenization using blockchain, and consider the future scope of this fascinating and disruptive technology.By the end of this book, you will have gained a thorough comprehension of the various facets of blockchain and understand their potential in diverse real-world scenarios.
Imran Bashir
Blockchain is the backbone of cryptocurrencies, with applications in finance, government, media, and more. With a legacy of providing technologists with executable insights, this new edition of Mastering Blockchain is thoroughly revised and updated according to the latest blockchain research. With new chapters on decentralized finance, decentralized identity, blockchain privacy, scalability, security, and bonus online content exploring alternative blockchains, this is an unmissable read for everyone who wants to gain a deep understanding of blockchain.Although this book covers the basics, including blockchain's technical underpinnings, cryptography, and consensus protocols, it doesn’t shy away from advanced topics and practical expertise, such as decentralized application (DApp) development using smart contracts. Throughout the book, you’ll explore blockchain solutions beyond cryptocurrencies, such as the Internet of Things (IoT) with blockchain, enterprise blockchains, and tokenization, and gain insight into the future scope of this fascinating and disruptive technology.By the end of this blockchain book, you will have gained a thorough understanding of the various facets of blockchain and understand the potential of this technology in diverse real-world scenarios.
Imran Bashir
Blockchain is a distributed database that enables permanent, transparent, and secure storage of data. The blockchain technology is the backbone of cryptocurrency – in fact, it’s the shared public ledger upon which the entire Bitcoin network relies – and it’s gaining popularity with people who work in finance, government, and the arts.Blockhchain technology uses cryptography to keep data secure. This book gives a detailed description of this leading technology and its implementation in the real world.This book begins with the technical foundations of blockchain, teaching you the fundamentals of cryptography and how it keeps data secure. You will learn about the mechanisms behind cryptocurrencies and how to develop applications using Ethereum, a decentralized virtual machine. You will explore different blockchain solutions and get an exclusive preview into Hyperledger, an upcoming blockchain solution from IBM and the Linux Foundation. You will also be shown how to implement blockchain beyond currencies, scability with blockchain, and the future scope of this fascinating and powerful technology.
Imran Bashir
Publisher's Note: This edition from 2018 is outdated and does not cover the latest insights on consensus algorithms, Ethereum 2.0, tokenization, and enterprise blockchains. A new and updated edition of this book that includes all the newest developments and improvements in Blockchain including the above topics is now available.A blockchain is a distributed ledger that is replicated across multiple nodes and enables immutable, transparent and cryptographically secure record-keeping of transactions. The blockchain technology is the backbone of cryptocurrencies, and it has applications in finance, government, media and almost all other industries. Mastering Blockchain, Second Edition has been thoroughly updated and revised to provide a detailed description of this leading technology and its implementation in the real world. This book begins with the technical foundations of blockchain technology, teaching you the fundamentals of distributed systems, cryptography and how it keeps data secure. You will learn about the mechanisms behind cryptocurrencies and how to develop applications using Ethereum, a decentralized virtual machine. You will also explore different other blockchain solutions and get an introduction to business blockchain frameworks under Hyperledger, a collaborative effort for the advancement of blockchain technologies hosted by the Linux Foundation. You will also be shown how to implement blockchain solutions beyond currencies, Internet of Things with blockchain, blockchain scalability, and the future scope of this fascinating and powerful technology.
Jitendra Chittoda
Solidity is among the most popular and contract-oriented programming languages used for writing decentralized applications (DApps) on Ethereum blockchain. If you’re looking to perfect your skills in writing professional-grade smart contracts using Solidity, this book can help.You will get started with a detailed introduction to blockchain, smart contracts, and Ethereum, while also gaining useful insights into the Solidity programming language. A dedicated section will then take you through the different Ethereum Request for Comments (ERC) standards, including ERC-20, ERC-223, and ERC-721, and demonstrate how you can choose among these standards while writing smart contracts. As you approach later chapters, you will cover the different smart contracts available for use in libraries such as OpenZeppelin. You’ll also learn to use different open source tools to test, review and improve the quality of your code and make it production-ready. Toward the end of this book, you’ll get to grips with techniques such as adding security to smart contracts, and gain insights into various security considerations. By the end of this book, you will have the skills you need to write secure, production-ready smart contracts in Solidity from scratch for decentralized applications on Ethereum blockchain.