Hacking

Mastering Azure Security. Keeping your Microsoft Azure workloads safe - Second Edition

Mustafa Toroman, Tom Janetscheck

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

Mastering Azure Security. Keeping your Microsoft Azure workloads safe - Second Edition

Mustafa Toroman, Tom Janetscheck

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

Mastering Blockchain. A deep dive into distributed ledgers, consensus protocols, smart contracts, DApps, cryptocurrencies, Ethereum, and more - Third Edition

Imran Bashir

Blockchain is the backbone of cryptocurrencies, with applications in finance, government, media, and other industries. With a legacy of providing technologists with executable insights, this new edition of Mastering Blockchain is thoroughly revised and updated to the latest blockchain research with four new chapters on consensus algorithms, Serenity (the update that will introduce Ethereum 2.0), tokenization, and enterprise blockchains.This book covers the basics, including blockchain’s technical underpinnings, cryptography and consensus protocols. It also provides you with expert knowledge on decentralization, decentralized application development on Ethereum, Bitcoin, alternative coins, smart contracts, alternative blockchains, and Hyperledger.Further, you will explore blockchain solutions beyond cryptocurrencies such as the Internet of Things with blockchain, enterprise blockchains, tokenization using blockchain, and consider the future scope of this fascinating and disruptive technology.By the end of this book, you will have gained a thorough comprehension of the various facets of blockchain and understand their potential in diverse real-world scenarios.

Mastering Blockchain. Deeper insights into decentralization, cryptography, Bitcoin, and popular Blockchain frameworks

Imran Bashir

Blockchain is a distributed database that enables permanent, transparent, and secure storage of data. The blockchain technology is the backbone of cryptocurrency – in fact, it’s the shared public ledger upon which the entire Bitcoin network relies – and it’s gaining popularity with people who work in finance, government, and the arts.Blockhchain technology uses cryptography to keep data secure. This book gives a detailed description of this leading technology and its implementation in the real world.This book begins with the technical foundations of blockchain, teaching you the fundamentals of cryptography and how it keeps data secure. You will learn about the mechanisms behind cryptocurrencies and how to develop applications using Ethereum, a decentralized virtual machine. You will explore different blockchain solutions and get an exclusive preview into Hyperledger, an upcoming blockchain solution from IBM and the Linux Foundation. You will also be shown how to implement blockchain beyond currencies, scability with blockchain, and the future scope of this fascinating and powerful technology.

Mastering Blockchain. Distributed ledger technology, decentralization, and smart contracts explained - Second Edition

Ankur Daharwal, Imran Bashir, Pranav Burnwal

Publisher's Note: This edition from 2018 is outdated and does not cover the latest insights on consensus algorithms, Ethereum 2.0, tokenization, and enterprise blockchains. A new and updated edition of this book that includes all the newest developments and improvements in Blockchain including the above topics is now available.A blockchain is a distributed ledger that is replicated across multiple nodes and enables immutable, transparent and cryptographically secure record-keeping of transactions. The blockchain technology is the backbone of cryptocurrencies, and it has applications in finance, government, media and almost all other industries. Mastering Blockchain, Second Edition has been thoroughly updated and revised to provide a detailed description of this leading technology and its implementation in the real world. This book begins with the technical foundations of blockchain technology, teaching you the fundamentals of distributed systems, cryptography and how it keeps data secure. You will learn about the mechanisms behind cryptocurrencies and how to develop applications using Ethereum, a decentralized virtual machine. You will also explore different other blockchain solutions and get an introduction to business blockchain frameworks under Hyperledger, a collaborative effort for the advancement of blockchain technologies hosted by the Linux Foundation. You will also be shown how to implement blockchain solutions beyond currencies, Internet of Things with blockchain, blockchain scalability, and the future scope of this fascinating and powerful technology.

Mastering Blockchain, Fourth Edition. Inner workings of blockchain, from cryptography and decentralized identities, to DeFi, NFTs and Web3 - Fourth Edition

Imran Bashir

Blockchain is the backbone of cryptocurrencies, it has had a massive impact in many sectors, including finance, supply chains, healthcare, government, and media. It’s also being used for cutting edge technologies such as AI and IoT. This new edition is thoroughly revised to offer a practical approach to using Ethereum, Hyperledger, Fabric, and Corda with step-by-step tutorials and real-world use-cases to help you understand everything you need to know about blockchain development and implementation. With new chapters on Decentralized Finance and solving privacy, identity, and security issues, as well as bonus online content exploring alternative blockchains, this is an unmissable read for everyone who wants to gain a deep understanding of blockchain.The book doesn’t shy away from advanced topics and practical expertise, such as decentralized application (DApp) development using smart contracts and oracles, and emerging trends in the blockchain space. Throughout the book, you’ll explore blockchain solutions beyond cryptocurrencies, such as the IoT with blockchain, enterprise blockchains, and tokenization, and gain insight into the future scope of this fascinating and disruptive technology.By the end of this blockchain book, you will have gained a thorough comprehension of the various facets of blockchain and understand the potential of this technology in diverse real-world scenarios.

Mastering Blockchain Programming with Solidity. Write production-ready smart contracts for Ethereum blockchain with Solidity

Jitendra Chittoda

Solidity is among the most popular and contract-oriented programming languages used for writing decentralized applications (DApps) on Ethereum blockchain. If you’re looking to perfect your skills in writing professional-grade smart contracts using Solidity, this book can help.You will get started with a detailed introduction to blockchain, smart contracts, and Ethereum, while also gaining useful insights into the Solidity programming language. A dedicated section will then take you through the different Ethereum Request for Comments (ERC) standards, including ERC-20, ERC-223, and ERC-721, and demonstrate how you can choose among these standards while writing smart contracts. As you approach later chapters, you will cover the different smart contracts available for use in libraries such as OpenZeppelin. You’ll also learn to use different open source tools to test, review and improve the quality of your code and make it production-ready. Toward the end of this book, you’ll get to grips with techniques such as adding security to smart contracts, and gain insights into various security considerations. By the end of this book, you will have the skills you need to write secure, production-ready smart contracts in Solidity from scratch for decentralized applications on Ethereum blockchain.

Mastering C++ Programming. Modern C++ 17 at your fingertips

Jeganathan Swaminathan

C++ ? ?has ? ?come ? ?a ? ?long ? ?way ? ?and ? ?has ? ?now ? ?been ? ?adopted ? ?in ? ?several ? ?contexts. Its ? ?key ? ?strengths ? ?are ? ?its ? ?software ? ?infrastructure ? ?and ? ?resource-constrained applications. ? ?The ?C++ ? ?17 ? ?release ? ?will ? ?change ? ?the ? ?way ? ?developers ? ?write code, ? ?and ? ?this ? ?book ? ?will ? ?help ?you ? ?master ? ?your ? ?developing ? ?skills ? ?with ? ?C++. With ? ?real-world, ? ?practical ? ?examples ? ?explaining ? ?each ? ?concept, ? ?the ? ?book ? ?will begin ? ?by ? ?introducing ? ?you ? ?to ? ?the ? ?latest ? ?features ? ?in ? ?C++ ? ?17. ? ?It ? ?encourages clean ? ?code ? ?practices ? ?in ? ?C++ ? ?in ? ?general, ? ?and ? ?demonstrates ? ?the ? ?GUI app-development ? ?options ? ?in ? ?C++. ? ?You’ll ? ?get ? ?tips ? ?on ? ?avoiding ? ?memory ? ?leaks using ? ?smart-pointers. ? ?Next, ? ?you’ll ? ?see ? ?how ? ?multi-threaded ?programming can ? ?help ? ?you ? ?achieve ? ?concurrency ? ?in ? ?your ? ?applications. Moving ? ?on, ? ?you’ll ? ?get ? ?an ? ?in-depth ? ?understanding ? ?of ? ?the ? ?C++ ? ?Standard Template ? ?Library. ? ?We ? ?show ? ?you ? ?the ? ?concepts ? ?of ? ?implementing ? ?TDD ? ?and BDD ? ?in ? ?your ? ?C++ ? ?programs, ? ?and ? ?explore ? ?template-based ? ?generic programming, ? ?giving ? ?you ? ?the ? ?expertise ? ?to ? ?build ? ?powerful ? ?applications. Finally, ? ?we’ll ? ?round ? ?up ? ?with ? ?debugging ? ?techniques ? ?and ? ?best ? ?practices.By ? ?the ? ?end ? ?of ? ?the ? ?book, ? ?you’ll ? ?have ? ?an ? ?in-depth ? ?understanding ? ?of ? ?the language ? ?and ? ?its ? ?various ? ?facets.

Mastering Cloud Security Posture Management (CSPM). Secure multi-cloud infrastructure across AWS, Azure, and Google Cloud using proven techniques

Qamar Nomani, Julie Davila, Rehman Khan

This book will help you secure your cloud infrastructure confidently with cloud security posture management (CSPM) through expert guidance that’ll enable you to implement CSPM effectively, ensuring an optimal security posture across multi-cloud infrastructures.The book begins by unraveling the fundamentals of cloud security, debunking myths about the shared responsibility model, and introducing key concepts such as defense-in-depth, the Zero Trust model, and compliance. Next, you’ll explore CSPM's core components, tools, selection criteria, deployment strategies, and environment settings, which will be followed by chapters on onboarding cloud accounts, dashboard customization, cloud assets inventory, configuration risks, and cyber threat hunting.As you progress, you’ll get to grips with operational practices, vulnerability and patch management, compliance benchmarks, and security alerts. You’ll also gain insights into cloud workload protection platforms (CWPPs). The concluding chapters focus on Infrastructure as Code (IaC) scanning, DevSecOps, and workflow automation, providing a thorough understanding of securing multi-cloud environments.By the end of this book, you’ll have honed the skills to make informed decisions and contribute effectively at every level, from strategic planning to day-to-day operations.

Mastering Cyber Intelligence. Gain comprehensive knowledge and skills to conduct threat intelligence for effective system defense

Jean Nestor M. Dahj

The sophistication of cyber threats, such as ransomware, advanced phishing campaigns, zero-day vulnerability attacks, and advanced persistent threats (APTs), is pushing organizations and individuals to change strategies for reliable system protection. Cyber Threat Intelligence converts threat information into evidence-based intelligence that uncovers adversaries' intents, motives, and capabilities for effective defense against all kinds of threats.This book thoroughly covers the concepts and practices required to develop and drive threat intelligence programs, detailing the tasks involved in each step of the CTI lifecycle. You'll be able to plan a threat intelligence program by understanding and collecting the requirements, setting up the team, and exploring the intelligence frameworks. You'll also learn how and from where to collect intelligence data for your program, considering your organization level. With the help of practical examples, this book will help you get to grips with threat data processing and analysis. And finally, you'll be well-versed with writing tactical, technical, and strategic intelligence reports and sharing them with the community.By the end of this book, you'll have acquired the knowledge and skills required to drive threat intelligence operations from planning to dissemination phases, protect your organization, and help in critical defense decisions.

Mastering Defensive Security. Effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure

Cesar Bravo

Every organization has its own data and digital assets that need to be protected against an ever-growing threat landscape that compromises the availability, integrity, and confidentiality of crucial data. Therefore, it is important to train professionals in the latest defensive security skills and tools to secure them. Mastering Defensive Security provides you with in-depth knowledge of the latest cybersecurity threats along with the best tools and techniques needed to keep your infrastructure secure.The book begins by establishing a strong foundation of cybersecurity concepts and advances to explore the latest security technologies such as Wireshark, Damn Vulnerable Web App (DVWA), Burp Suite, OpenVAS, and Nmap, hardware threats such as a weaponized Raspberry Pi, and hardening techniques for Unix, Windows, web applications, and cloud infrastructures. As you make progress through the chapters, you'll get to grips with several advanced techniques such as malware analysis, security automation, computer forensics, and vulnerability assessment, which will help you to leverage pentesting for security.By the end of this book, you'll have become familiar with creating your own defensive security tools using IoT devices and developed advanced defensive security skills.

Mastering Distributed Tracing. Analyzing performance in microservices and complex systems

Yuri Shkuro

Mastering Distributed Tracing will equip you to operate and enhance your own tracing infrastructure. Through practical exercises and code examples, you will learn how end-to-end tracing can be used as a powerful application performance management and comprehension tool. The rise of Internet-scale companies, like Google and Amazon, ushered in a new era of distributed systems operating on thousands of nodes across multiple data centers. Microservices increased that complexity, often exponentially. It is harder to debug these systems, track down failures, detect bottlenecks, or even simply understand what is going on. Distributed tracing focuses on solving these problems for complex distributed systems. Today, tracing standards have developed and we have much faster systems, making instrumentation less intrusive and data more valuable.Yuri Shkuro, the creator of Jaeger, a popular open-source distributed tracing system, delivers end-to-end coverage of the field in Mastering Distributed Tracing. Review the history and theoretical foundations of tracing; solve the data gathering problem through code instrumentation, with open standards like OpenTracing, W3C Trace Context, and OpenCensus; and discuss the benefits and applications of a distributed tracing infrastructure for understanding, and profiling, complex systems.

Mastering Endpoint Management using Microsoft Intune Suite. Learn Everything About Intune Suite

Saurabh Sarkar, Rahul Singh, Rudy Ooms, Anoop...

Mastering Endpoint Management using Microsoft Intune Suite is one of the first books focused solely on Microsoft’s premium Intune features, offering hands-on, in-depth coverage for IT admins, security professionals, and endpoint engineers. Co-authored by a Microsoft Intune Product Manager and a Principal Consultant who is also a Microsoft Certified Trainer (MCT), this book walks you through real-world implementation using backend architecture diagrams, registry insights, and troubleshooting techniques.You’ll start with cloud public key infrastructure (PKI), learning how to simplify certificate-based authentication. Then you’ll move on to endpoint privilege management (EPM) to enforce least-privilege access at scale. You will learn about Enterprise App Management, which helps you how to modernize app delivery, as well as Advanced Analytics, which reveals how to use Kusto Query Language (KQL) and Security Copilot for actionable insights. The book also covers Remote Help for secure support and Microsoft Tunnel for enabling BYOD access, and concludes with a curated list of essential Intune learning resources.By the end of this Intune book, you will have the practical expertise to implement, manage, and troubleshoot Intune Suite confidently in real-world enterprise environments.

Mastering Endpoint Management using Microsoft Intune Suite. Learn Everything About Intune Suite

Saurabh Sarkar, Rahul Singh, Rudy Ooms, Anoop...

Mastering Endpoint Management using Microsoft Intune Suite is one of the first books focused solely on Microsoft’s premium Intune features, offering hands-on, in-depth coverage for IT admins, security professionals, and endpoint engineers. Co-authored by a Microsoft Intune Product Manager and a Principal Consultant who is also a Microsoft Certified Trainer (MCT), this book walks you through real-world implementation using backend architecture diagrams, registry insights, and troubleshooting techniques.You’ll start with cloud public key infrastructure (PKI), learning how to simplify certificate-based authentication. Then you’ll move on to endpoint privilege management (EPM) to enforce least-privilege access at scale. You will learn about Enterprise App Management, which helps you how to modernize app delivery, as well as Advanced Analytics, which reveals how to use Kusto Query Language (KQL) and Security Copilot for actionable insights. The book also covers Remote Help for secure support and Microsoft Tunnel for enabling BYOD access, and concludes with a curated list of essential Intune learning resources.By the end of this Intune book, you will have the practical expertise to implement, manage, and troubleshoot Intune Suite confidently in real-world enterprise environments.

Mastering High Performance with Kotlin. Overcome performance difficulties in Kotlin with a range of exciting techniques and solutions

Igor Kucherenko

The ease with which we write applications has been increasing, but with it comes the need to address their performance. A balancing act between easily implementing complex applications and keeping their performance optimal is a present-day requirement In this book, we explore how to achieve this crucial balance, while developing and deploying applications with Kotlin.The book starts by analyzing various Kotlin specifcations to identify those that have a potentially adverse effect on performance. Then, we move on to monitor techniques that enable us to identify performance bottlenecks and optimize performance metrics. Next, we look at techniques that help to us achieve high performance: memory optimization, concurrency, multi threading, scaling, and caching. We also look at fault tolerance solutions and the importance of logging. We'll also cover best practices of Kotlin programming that will help you to improve the quality of your code base.By the end of the book, you will have gained some insight into various techniques and solutions that will help to create high-performance applications in the Kotlin environment

Mastering Information Security Compliance Management. A comprehensive handbook on ISO/IEC 27001:2022 compliance

Adarsh Nair, Greeshma M. R.

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body.The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001.By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

Mastering Information Security Compliance Management. A comprehensive handbook on ISO/IEC 27001:2022 compliance

Adarsh Nair, Greeshma M. R.

ISO 27001 and ISO 27002 are globally recognized standards for information security management systems (ISMSs), providing a robust framework for information protection that can be adapted to all organization types and sizes. Organizations with significant exposure to information-security–related risks are increasingly choosing to implement an ISMS that complies with ISO 27001. This book will help you understand the process of getting your organization's information security management system certified by an accredited certification body.The book begins by introducing you to the standards, and then takes you through different principles and terminologies. Once you completely understand these standards, you’ll explore their execution, wherein you find out how to implement these standards in different sizes of organizations. The chapters also include case studies to enable you to understand how you can implement the standards in your organization. Finally, you’ll get to grips with the auditing process, planning, techniques, and reporting and learn to audit for ISO 27001.By the end of this book, you’ll have gained a clear understanding of ISO 27001/27002 and be ready to successfully implement and audit for these standards.

Mastering Kali Linux for Advanced Penetration Testing. Become a cybersecurity ethical hacking expert using Metasploit, Nmap, Wireshark, and Burp Suite - Fourth Edition

Vijay Kumar Velu

Remote working has given hackers plenty of opportunities as more confidential information is shared over the internet than ever before. In this new edition of Mastering Kali Linux for Advanced Penetration Testing, you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You'll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances. This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.

Mastering Kali Linux for Advanced Penetration Testing. Become a cybersecurity ethical hacking expert using Metasploit, Nmap, Wireshark, and Burp Suite - Fourth Edition

Vijay Kumar Velu

Remote working has given hackers plenty of opportunities as more confidential information is shared over the internet than ever before. In this new edition of Mastering Kali Linux for Advanced Penetration Testing, you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You'll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances. This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.

Mastering Kali Linux for Advanced Penetration Testing, Second Edition. Secure your network with Kali Linux – the ultimate white hat hackers' toolkit - Second Edition

Vijay Kumar Velu

This book will take you, as a tester or security practitioner through the journey of reconnaissance, vulnerability assessment, exploitation, and post-exploitation activities used by penetration testers and hackers. We will start off by using a laboratory environment to validate tools and techniques, and using an application that supports a collaborative approach to penetration testing. Further we will get acquainted with passive reconnaissance with open source intelligence and active reconnaissance of the external and internal networks. We will also focus on how to select, use, customize, and interpret the results from a variety of different vulnerability scanners. Specific routes to the target will also be examined, including bypassing physical security and exfiltration of data using different techniques. You will also get to grips with concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections. Later you will learn the practical aspects of attacking user client systems by backdooring executable files. You will focus on the most vulnerable part of the network—directly and bypassing the controls, attacking the end user and maintaining persistence access through social media.You will also explore approaches to carrying out advanced penetration testing in tightly secured environments, and the book's hands-on approach will help you understand everything you need to know during a Red teaming exercise or penetration testing