Hacking
W kategorii Hacking zebrano publikacje dotyczące nie tylko hackerów, crackerów i ich technik działania, ale także opisujące różne aspekty bezpieczeństwa komputerów i danych na nich przechowywanych. Poznacie technikę przeprowadzania audytów bezpieczeństwa oraz sposoby zabezpieczania się przed atakami hackerów, programami szpiegującymi czy zwykłą plagą wirusów.
Nauczycie się chronić nie tylko poszczególne komputery ale całe sieci komputerowe przez opracowanie i wdrożenie odpowiedniej polityki bezpieczeństwa, poprawne użycie firewalli czy odpowiednie skonfigurowanie serwerów pracujących pod Waszym nadzorem, a także opanujecie sposoby bezpiecznego surfowania po internecie.
Francisco Javier Santiago Vázquez
Bug bounty programs help to enhance cybersecurity by incentivizing ethical hackers to discover vulnerabilities. This book is a comprehensive guide, equipping you with practical skills to excel in bug bounty programs and contribute to a safer digital ecosystem.You’ll start with an introduction to the bug bounty world, followed by preparation techniques for participation, including vulnerability discovery methods, tools, and resources. Specific sections will provide you with tips and best practices to help you optimize rewards. The book also aims to cover fundamental aspects, such as program structure, key tools, methodologies, and common vulnerabilities, drawing insights from community hackers’ public reports. As you progress, you’ll discover that ethical hacking can be legally learned through bug bounty programs, gaining practical knowledge of offensive security and bug bounty platform operations.By the end of this bug bounty book, you’ll have the confidence you need to navigate bug bounty programs, find security vulnerabilities, craft reports, and reap rewards.
Carlos A. Lozano , Shahmeer Amir
Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers.This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed.This book will get you started with bug bounty hunting and its fundamentals.
Carlos A. Lozano , Shahmeer Amir
Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers.This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed.This book will get you started with bug bounty hunting and its fundamentals.
Aniruddha Loya
Amazon Honeycode enables you to build fully managed, customizable, and scalable mobile and web applications for personal or professional use with little to no code. With this practical guide to Amazon Honeycode, you’ll be able to bring your app ideas to life, improving your and your team’s/organization’s productivity.You’ll begin by creating your very first app from the get-go and use it as a means to explore the Honeycode development environment and concepts. Next, you’ll learn how to set up and organize the data to build and bind an app on Honeycode as well as deconstruct different templates to understand the common structures and patterns that can be used. Finally, you’ll build a few apps from scratch and discover how to apply the concepts you’ve learned.By the end of this app development book, you’ll have gained the knowledge you need to be able to build and deploy your own mobile and web applications. You’ll also be able to invite and share your app with people you want to collaborate with.
Building a Cyber Resilient Business. A cyber handbook for executives and boards
Dr. Magda Lilia Chelly , Shamane Tan,...
With cyberattacks on the rise, it has become essential for C-suite executives and board members to step up and collectively recognize cyber risk as a top priority business risk. However, non-cyber executives find it challenging to understand their role in increasing the business’s cyber resilience due to its complex nature and the lack of a clear return on investment.This book demystifies the perception that cybersecurity is a technical problem, drawing parallels between the key responsibilities of the C-suite roles to line up with the mission of the Chief Information Security Officer (CISO).The book equips you with all you need to know about cyber risks to run the business effectively. Each chapter provides a holistic overview of the dynamic priorities of the C-suite (from the CFO to the CIO, COO, CRO, and so on), and unpacks how cybersecurity must be embedded in every business function. The book also contains self-assessment questions, which are a helpful tool in evaluating any major cybersecurity initiatives and/or investment required.With this book, you’ll have a deeper appreciation of the various ways all executives can contribute to the organization’s cyber program, in close collaboration with the CISO and the security team, and achieve a cyber-resilient, profitable, and sustainable business.
William Pretty
One of the best kept secrets of the security industry is just how simple the monitoring hardware actually is - BeagleBone has all the computing power you need to build yourself an extremely sophisticated access control, alarm panel, and home automation and network intrusion-detection system. Security companies make a fortune each year by charging exorbitant fees to their customers. You will learn how easy it is to make an alarm system with Beaglebone.A company-maintained-and-monitored alarm system has its place - your dear old mum is probably not going to be creating her own system any time soon. But if you are reading this book, you are probably a builder or a hobbyist with all the skills required to do it yourself. With Building a Home Security System with BeagleBone, you will learn everything you need to know to develop your own state-of-the-art security system, all for less than a year's worth of monitoring charges from your local alarm company!You will start by building and testing your hardware and open source software on an experimenter's prototype board before progressing to more complex systems. You will then learn how to test your new creations in a modular fashion and begin to utilize BeagleBone. Once your system is built and tested, you will install some of the professional-grade sensors used in modern alarm systems and learn how to use them. You will also discover how to extend your alarm system in a variety of different ways. The only limit will be your imagination.
Matthew Poole
The Raspberry Pi is a powerful low-cost credit-card-sized computer, which lends itself perfectly as the controller for a sophisticated home security system. Using the on-board interfaces available, the Raspberry Pi can be expanded to allow the connection of a virtually infinite number of security sensors and devices. The Raspberry Pi has the processing power and interfaces available to build a sophisticated home security system but at a fraction of the cost of commercially available systems.Building a Home Security System with Raspberry Pi starts off by showing you the Raspberry Pi and how to set up the Linux-based operating system. It then guides you through connecting switch sensors and LEDs to the native GPIO connector safely, and how to access them using simple Bash scripts. As you dive further in, you’ll learn how to build an input/output expansion board using the I2C interface and power supply, allowing the connection of the large number of sensors needed for a typical home security setup. In the later chapters of the book, we'll look at more sophisticated topics such as adding cameras, remotely accessing the system using your mobile phone, receiving intrusion alerts and images by e-mail, and more.By the end of the book, you will be well-versed with the use of Raspberry Pi to power a home-based security system that sends message alerts whenever it is triggered and will be able to build a truly sophisticated and modular home security system. You will also gain a good understanding of Raspberry Pi's ecosystem and be able to write the functions required for a security system.
Ashish Kothekar
This comprehensive guide to QRadar will help you build an efficient security operations center (SOC) for threat hunting and need-to-know software updates, as well as understand compliance and reporting and how IBM QRadar stores network data in real time.The book begins with a quick introduction to QRadar components and architecture, teaching you the different ways of deploying QRadar. You’ll grasp the importance of being aware of the major and minor upgrades in software and learn how to scale, upgrade, and maintain QRadar. Once you gain a detailed understanding of QRadar and how its environment is built, the chapters will take you through the features and how they can be tailored to meet specifi c business requirements. You’ll also explore events, flows, and searches with the help of examples. As you advance, you’ll familiarize yourself with predefined QRadar applications and extensions that successfully mine data and find out how to integrate AI in threat management with confidence. Toward the end of this book, you’ll create different types of apps in QRadar, troubleshoot and maintain them, and recognize the current security challenges and address them through QRadar XDR.By the end of this book, you’ll be able to apply IBM QRadar SOC’s prescriptive practices and leverage its capabilities to build a very efficient SOC in your enterprise.
Ashish Kothekar
This comprehensive guide to QRadar will help you build an efficient security operations center (SOC) for threat hunting and need-to-know software updates, as well as understand compliance and reporting and how IBM QRadar stores network data in real time.The book begins with a quick introduction to QRadar components and architecture, teaching you the different ways of deploying QRadar. You’ll grasp the importance of being aware of the major and minor upgrades in software and learn how to scale, upgrade, and maintain QRadar. Once you gain a detailed understanding of QRadar and how its environment is built, the chapters will take you through the features and how they can be tailored to meet specifi c business requirements. You’ll also explore events, flows, and searches with the help of examples. As you advance, you’ll familiarize yourself with predefined QRadar applications and extensions that successfully mine data and find out how to integrate AI in threat management with confidence. Toward the end of this book, you’ll create different types of apps in QRadar, troubleshoot and maintain them, and recognize the current security challenges and address them through QRadar XDR.By the end of this book, you’ll be able to apply IBM QRadar SOC’s prescriptive practices and leverage its capabilities to build a very efficient SOC in your enterprise.
Joshua Arvin Lat
The significant increase in the number of cloud-related threats and issues has led to a surge in the demand for cloud security professionals. This book will help you set up vulnerable-by-design environments in the cloud to minimize the risks involved while learning all about cloud penetration testing and ethical hacking.This step-by-step guide begins by helping you design and build penetration testing labs that mimic modern cloud environments running on AWS, Azure, and Google Cloud Platform (GCP). Next, you’ll find out how to use infrastructure as code (IaC) solutions to manage a variety of lab environments in the cloud. As you advance, you’ll discover how generative AI tools, such as ChatGPT, can be leveraged to accelerate the preparation of IaC templates and configurations. You’ll also learn how to validate vulnerabilities by exploiting misconfigurations and vulnerabilities using various penetration testing tools and techniques. Finally, you’ll explore several practical strategies for managing the complexity, cost, and risks involved when dealing with penetration testing lab environments in the cloud.By the end of this penetration testing book, you’ll be able to design and build cost-effective vulnerable cloud lab environments where you can experiment and practice different types of attacks and penetration testing techniques.
Samuel Zhou
Enter the world of Decentralized Finance (DeFi) with Building Full Stack DeFi Applications. Understand how this blockchain-based financial technology, designed to manage crypto assets, runs independently without centralized financial institutions like banks and brokerages, eliminating the fees that banks and other financial companies charge for using their services. This book will show you how DeFi solutions are built with smart contracts running on blockchains and how they allow users to gain and earn crypto assets based on the trust of the smart contracts.This book uncovers the inner workings of DeFi by guiding you through the mathematical foundations and teaching you how to build real-world DeFi products with Solidity and JavaScript. As you progress through the chapters, you’ll learn how to implement smart contracts of liquidity pools to trade cryptocurrencies and implement staking, including farming features that allow users to earn. You’ll also find out how to create asset pools that allow users to lend and borrow cryptocurrencies and generate interest. Additionally, you’ll discover how to use Web3 libraries to build the frontend of DeFi products.By the end of this book, you’ll will be well acquainted with popular tools, libraries, and design patterns for implementing a full-stack DeFi application with Web3 and Solidity.
Sherwin John C. Tragura
FastAPI is an Asynchronous Server Gateway Interface (ASGI)-based framework that can help build modern, manageable, and fast microservices. Because of its asynchronous core platform, this ASGI-based framework provides the best option when it comes to performance, reliability, and scalability over the WSGI-based Django and Flask. When working with Python, Flask, and Django microservices, you’ll be able to put your knowledge to work with this practical guide to building seamlessly manageable and fast microservices.You’ll begin by understanding the background of FastAPI and learning how to install, configure, and use FastAPI to decompose business units. You’ll explore a unique and asynchronous REST API framework that can provide a better option when it comes to building microservices. After that, this book will guide you on how to apply and translate microservices design patterns in building various microservices applications and RESTful APIs using the FastAPI framework.By the end of this microservices book, you’ll be able to understand, build, deploy, test, and experiment with microservices and their components using the FastAPI framework.
Sherwin John C. Tragura
FastAPI is an Asynchronous Server Gateway Interface (ASGI)-based framework that can help build modern, manageable, and fast microservices. Because of its asynchronous core platform, this ASGI-based framework provides the best option when it comes to performance, reliability, and scalability over the WSGI-based Django and Flask. When working with Python, Flask, and Django microservices, you’ll be able to put your knowledge to work with this practical guide to building seamlessly manageable and fast microservices.You’ll begin by understanding the background of FastAPI and learning how to install, configure, and use FastAPI to decompose business units. You’ll explore a unique and asynchronous REST API framework that can provide a better option when it comes to building microservices. After that, this book will guide you on how to apply and translate microservices design patterns in building various microservices applications and RESTful APIs using the FastAPI framework.By the end of this microservices book, you’ll be able to understand, build, deploy, test, and experiment with microservices and their components using the FastAPI framework.
Jalem Raj Rohit
Serverless architectures allow you to build and run applications and services without having to manage the infrastructure. Many companies have adopted this architecture to save cost and improve scalability. This book will help you design serverless architectures for your applications with AWS and Python.The book is divided into three modules. The first module explains the fundamentals of serverless architecture and how AWS lambda functions work. In the next module, you will learn to build, release, and deploy your application to production. You will also learn to log and test your application. In the third module, we will take you through advanced topics such as building a serverless API for your application. You will also learn to troubleshoot and monitor your app and master AWS lambda programming concepts with API references. Moving on, you will also learn how to scale up serverless applications and handle distributed serverless systems in production.By the end of the book, you will be equipped with the knowledge required to build scalable and cost-efficient Python applications with a serverless framework.
Building Serverless Architectures. Unleash the power of AWS Lambdas for your applications
Cagatay Gurturk
Over the past years, all kind of companies from start-ups to giant enterprises started their move to public cloud providers in order to save their costs and reduce the operation effort needed to keep their shops open. Now it is even possible to craft a complex software system consisting of many independent micro-functions that will run only when they are needed without needing to maintain individual servers.The focus of this book is to design serverless architectures, and weigh the advantages and disadvantages of this approach, along with decision factors to consider. You will learn how to design a serverless application, get to know that key points of services that serverless applications are based on, and known issues and solutions.The book addresses key challenges such as how to slice out the core functionality of the software to be distributed in different cloud services and cloud functions. It covers basic and advanced usage of these services, testing and securing the serverless software, automating deployment, and more.By the end of the book, you will be equipped with knowledge of new tools and techniques to keep up with this evolution in the IT industry.
Kevin Cardwell
Written in an easy-to-follow approach using hands-on examples, this book helps you create virtual environments for advanced penetration testing, enabling you to build a multi-layered architecture to include firewalls, IDS/IPS, web application firewalls, and endpoint protection, which is essential in the penetration testing world.If you are a penetration tester, security consultant, security test engineer, or analyst who wants to practice and perfect penetration testing skills by building virtual pentesting labs in varying industry scenarios, this is the book for you. This book is ideal if you want to build and enhance your existing pentesting methods and skills. Basic knowledge of network security features is expected along with web application testing experience.
Kevin Cardwell
Security flaws and new hacking techniques emerge overnight – security professionals need to make sure they always have a way to keep . With this practical guide, learn how to build your own virtual pentesting lab environments to practice and develop your security skills. Create challenging environments to test your abilities, and overcome them with proven processes and methodologies used by global penetration testing teams. Get to grips with the techniques needed to build complete virtual machines perfect for pentest training. Construct and attack layered architectures, and plan specific attacks based on the platforms you’re going up against. Find new vulnerabilities for different kinds of systems and networks, and what these mean for your clients.Driven by a proven penetration testing methodology that has trained thousands of testers, Building Virtual Labs for Advanced Penetration Testing, Second Edition will prepare you for participation in professional security teams.
Kevin Cardwell
Security flaws and new hacking techniques emerge overnight – security professionals need to make sure they always have a way to keep . With this practical guide, learn how to build your own virtual pentesting lab environments to practice and develop your security skills. Create challenging environments to test your abilities, and overcome them with proven processes and methodologies used by global penetration testing teams. Get to grips with the techniques needed to build complete virtual machines perfect for pentest training. Construct and attack layered architectures, and plan specific attacks based on the platforms you’re going up against. Find new vulnerabilities for different kinds of systems and networks, and what these mean for your clients.Driven by a proven penetration testing methodology that has trained thousands of testers, Building Virtual Labs for Advanced Penetration Testing, Second Edition will prepare you for participation in professional security teams.
Burp Suite Cookbook. Practical recipes to help you master web penetration testing with Burp Suite
Dr. Sunny Wear
Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers.The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices.By the end of the book, you will be up and running with deploying Burp for securing web applications.
Burp Suite Cookbook. Practical recipes to help you master web penetration testing with Burp Suite
Dr. Sunny Wear
Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers.The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices.By the end of the book, you will be up and running with deploying Burp for securing web applications.
Burp Suite Cookbook. Web application security made easy with Burp Suite - Second Edition
Dr. Sunny Wear
With its many features, easy-to-use interface, and flexibility, Burp Suite is the top choice for professionals looking to strengthen web application and API security.This book offers solutions to challenges related to identifying, testing, and exploiting vulnerabilities in web applications and APIs. It provides guidance on identifying security weaknesses in diverse environments by using different test cases. Once you’ve learned how to configure Burp Suite, the book will demonstrate the effective utilization of its tools, such as Live tasks, Scanner, Intruder, Repeater, and Decoder, enabling you to evaluate the security vulnerability of target applications. Additionally, you’ll explore various Burp extensions and the latest features of Burp Suite, including DOM Invader.By the end of this book, you’ll have acquired the skills needed to confidently use Burp Suite to conduct comprehensive security assessments of web applications and APIs.