Hacking
Lee Allen, Kevin Cardwell
The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes.The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected!The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get!
Lee Allen
The internet security field has grown by leaps and bounds over the last decade. Everyday more people around the globe gain access to the internet and not all of them with good intentions. The need for penetration testers has grown now that the security industryhas had time to mature. Simply running a vulnerability scanner is a thing of the past and is no longer an effective method of determining a business's true security posture. Learn effective penetration testing skills so that you can effectively meet and manage the rapidly changing security needs of your company. Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You'll learn how to clean up and compile proof of concept, exploit code from the web, advanced web application testing techniques, client side attacks, post exploitation strategies, detection avoidance methods, generation of well defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation; followed by a detailed walk through of the solution.Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more.
John Sotiropoulos
Adversarial attacks trick AI systems with malicious data, creating new security risks by exploiting how AI learns. This challenges cybersecurity as it forces us to defend against a whole new kind of threat. This book demystifies adversarial attacks and equips you with the skills to secure AI technologies. Learn how to defend AI and LLM systems against manipulation and intrusion through adversarial attacks such as poisoning, trojan horses, and model extraction, leveraging DevSecOps, MLOps, and other methods to secure systems.This is a comprehensive guide to AI security, combining structured frameworks with practical examples to help you identify and counter adversarial attacks. Part 1 introduces the foundations of AI and adversarial attacks. Parts 2, 3, and 4 cover key attack types, showing how each is performed and how to defend against them. Part 5 presents secure-by-design AI strategies, including threat modeling, MLSecOps, and guidance aligned with OWASP and NIST. The book concludes with a blueprint for maturing enterprise AI security based on NIST pillars, addressing ethics and safety under Trustworthy AI.By the end of this book, you’ll be able to develop, deploy, and secure AI systems against the threat of adversarial attacks effectively.*Email sign-up and proof of purchase required
Adversarial Tradecraft in Cybersecurity. Offense versus defense in real-time computer conflict
Dan Borges
Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.This book contains two subsections in each chapter, specifically focusing on the offensive and defensive teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.Throughout this book, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors’ motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will learn how to gain an advantage through advanced research and thoughtfully concluding an operation.By the end of this book, you will have achieved a solid understanding of cyberattacks from both an attacker’s and a defender’s perspective.
Adversarial Tradecraft in Cybersecurity. Offense versus defense in real-time computer conflict
Dan Borges
Little has been written about what to do when live hackers are on your system and running amok. Even experienced hackers tend to choke up when they realize the network defender has caught them and is zoning in on their implants in real time. This book will provide tips and tricks all along the kill chain of an attack, showing where hackers can have the upper hand in a live conflict and how defenders can outsmart them in this adversarial game of computer cat and mouse.This book contains two subsections in each chapter, specifically focusing on the offensive and defensive teams. It begins by introducing you to adversarial operations and principles of computer conflict where you will explore the core principles of deception, humanity, economy, and more about human-on-human conflicts. Additionally, you will understand everything from planning to setting up infrastructure and tooling that both sides should have in place.Throughout this book, you will learn how to gain an advantage over opponents by disappearing from what they can detect. You will further understand how to blend in, uncover other actors’ motivations and means, and learn to tamper with them to hinder their ability to detect your presence. Finally, you will learn how to gain an advantage through advanced research and thoughtfully concluding an operation.By the end of this book, you will have achieved a solid understanding of cyberattacks from both an attacker’s and a defender’s perspective.
Orhan Yildirim
AI agents have moved from demos to practical tooling, especially for offensive security work where repeatability and context matter. This book shows you how to apply agentic AI to real penetration testing automation, keeping a human in the loop while speeding up reconnaissance, validation, and reporting.You’ll build end-to-end workflows with n8n for reconnaissance automation, attack surface management, and repeatable testing tasks such as port scanning and PCI segmentation testing. You’ll also create browser-based security testing tools using the Model Context Protocol (MCP), enabling LLM-powered agents to coordinate tooling, manage context, and assist with vulnerability analysis and documentation. The focus is hands-on practice, as you’ll assemble practical offensive workflows for web application testing, exploitation support, and professional pentest reporting, then extend your pipeline with threat intelligence automation, including agents that monitor CVE feeds and keep your testing aligned with emerging risk.If you’re a penetration tester, red teamer, or security engineer looking to make assessments faster, more consistent, and easier to scale across engagements, this book gives you patterns that you can adapt to your environment.
Orhan Yildirim
AI agents have moved from demos to practical tooling, especially for offensive security work where repeatability and context matter. This book shows you how to apply agentic AI to real penetration testing automation, keeping a human in the loop while speeding up reconnaissance, validation, and reporting.You’ll build end-to-end workflows with n8n for reconnaissance automation, attack surface management, and repeatable testing tasks such as port scanning and PCI segmentation testing. You’ll also create browser-based security testing tools using the Model Context Protocol (MCP), enabling LLM-powered agents to coordinate tooling, manage context, and assist with vulnerability analysis and documentation. The focus is hands-on practice, as you’ll assemble practical offensive workflows for web application testing, exploitation support, and professional pentest reporting, then extend your pipeline with threat intelligence automation, including agents that monitor CVE feeds and keep your testing aligned with emerging risk.If you’re a penetration tester, red teamer, or security engineer looking to make assessments faster, more consistent, and easier to scale across engagements, this book gives you patterns that you can adapt to your environment.
Orhan Yildirim
AI agents have moved from demos to practical tooling, especially for offensive security work where repeatability and context matter. This book shows you how to apply agentic AI to real penetration testing automation, keeping a human in the loop while speeding up reconnaissance, validation, and reporting.You’ll build end-to-end workflows with n8n for reconnaissance automation, attack surface management, and repeatable testing tasks such as port scanning and PCI segmentation testing. You’ll also create browser-based security testing tools using the Model Context Protocol (MCP), enabling LLM-powered agents to coordinate tooling, manage context, and assist with vulnerability analysis and documentation. The focus is hands-on practice, as you’ll assemble practical offensive workflows for web application testing, exploitation support, and professional pentest reporting, then extend your pipeline with threat intelligence automation, including agents that monitor CVE feeds and keep your testing aligned with emerging risk.If you’re a penetration tester, red teamer, or security engineer looking to make assessments faster, more consistent, and easier to scale across engagements, this book gives you patterns that you can adapt to your environment.
Agile Security Operations. Engineering for agility in cyber defense, detection, and response
Hinne Hettema
Agile security operations allow organizations to survive cybersecurity incidents, deliver key insights into the security posture of an organization, and operate security as an integral part of development and operations. It is, deep down, how security has always operated at its best.Agile Security Operations will teach you how to implement and operate an agile security operations model in your organization. The book focuses on the culture, staffing, technology, strategy, and tactical aspects of security operations. You'll learn how to establish and build a team and transform your existing team into one that can execute agile security operations. As you progress through the chapters, you’ll be able to improve your understanding of some of the key concepts of security, align operations with the rest of the business, streamline your operations, learn how to report to senior levels in the organization, and acquire funding.By the end of this Agile book, you'll be ready to start implementing agile security operations, using the book as a handy reference.
AI Networking Cookbook. Practical recipes for AI-assisted network automation and development
Eric Chou, John Capobianco
Transform your approach to network automation with the power of AI LLM assistants guided by hands-on recipes for building custom automation solutions quickly using artificial intelligence.You’ll learn tools and techniques such as Vibe coding for conversational development, OpenAI API scripts, prompt engineering for better outputs, local LLM fine-tuning, combining models with LangChain, and Streamlit-based frontends development. The book progresses from simple Python scripts to advanced AI-assisted automation techniques, including multi-vendor API integration, showing you how AI can enhance network configuration, monitoring, security, and troubleshooting.Each recipe presents realistic mock data, complete code examples, and step-by-step guidance, creating a safe environment for experimentation while building a solid foundation for future production use. Whether you want to automate routine configuration, implement AI-driven troubleshooting, or build compliance monitoring systems, this cookbook helps you connect your networking expertise with the capabilities of modern AI.
AI-Native LLM Security. Threats, defenses, and best practices for building safe and trustworthy AI
Vaibhav Malik, Ken Huang, Ads Dawson
Adversarial AI attacks present a unique set of security challenges, exploiting the very foundation of how AI learns. This book explores these threats in depth, equipping cybersecurity professionals with the tools needed to secure generative AI and LLM applications. Rather than skimming the surface of emerging risks, it focuses on practical strategies, industry standards, and recent research to build a robust defense framework.Structured around actionable insights, the chapters introduce a secure-by-design methodology, integrating threat modeling and MLSecOps practices to fortify AI systems. You’ll discover how to leverage established taxonomies from OWASP, NIST, and MITRE to identify and mitigate vulnerabilities. Through real-world examples, the book highlights best practices for incorporating security controls into AI development life cycles, covering key areas such as CI/CD, MLOps, and open-access LLMs.Built on the expertise of its co-authors—pioneers in the OWASP Top 10 for LLM applications—this guide also addresses the ethical implications of AI security, contributing to the broader conversation on trustworthy AI. By the end of this book, you’ll be able to develop, deploy, and secure AI technologies with confidence and clarity.*Email sign-up and proof of purchase required
AI-Native LLM Security. Threats, defenses, and best practices for building safe and trustworthy AI
Vaibhav Malik, Ken Huang, Ads Dawson
Adversarial AI attacks present a unique set of security challenges, exploiting the very foundation of how AI learns. This book explores these threats in depth, equipping cybersecurity professionals with the tools needed to secure generative AI and LLM applications. Rather than skimming the surface of emerging risks, it focuses on practical strategies, industry standards, and recent research to build a robust defense framework.Structured around actionable insights, the chapters introduce a secure-by-design methodology, integrating threat modeling and MLSecOps practices to fortify AI systems. You’ll discover how to leverage established taxonomies from OWASP, NIST, and MITRE to identify and mitigate vulnerabilities. Through real-world examples, the book highlights best practices for incorporating security controls into AI development life cycles, covering key areas such as CI/CD, MLOps, and open-access LLMs.Built on the expertise of its co-authors—pioneers in the OWASP Top 10 for LLM applications—this guide also addresses the ethical implications of AI security, contributing to the broader conversation on trustworthy AI. By the end of this book, you’ll be able to develop, deploy, and secure AI technologies with confidence and clarity.*Email sign-up and proof of purchase required