Wydawca: K-i-s-publishing
Jan Palach, Jan Palach V Cruz da...
Password Cracking with Kali Linux. Unlock Windows Security with Kali Linux Expertise
Daniel W. Dieterle
Unlock the secrets of Windows password security with Password Cracking with Kali Linux, your essential guide to navigating password-cracking techniques. This book offers a comprehensive introduction to Windows security fundamentals, arming you with the knowledge and tools for effective ethical hacking.The course begins with a foundational understanding of password security, covering prerequisites, lab setup, and an overview of the journey ahead. You'll explore Kerberoasting, tools like Rubeus, Mimikatz, and various attack methods, providing a solid base for understanding password vulnerabilities.The course focuses on practical applications of password cracking, including wordlist generation using tools like Crunch and Hashcat, and exploring various attack strategies. You'll delve into John the Ripper and Hashcat functionalities, learning to identify hash types and crack complex passwords efficiently.The course wraps up with advanced techniques in Linux password cracking and defense strategies. You'll gain insights into creating leaderboards, achievements, and monetizing games, equipping you with skills to not just crack passwords but also secure systems effectively.
PCI DSS Version 4.0.1. A guide to the payment card industry data security standard
IT Governance Publishing, Stephen Hancock
This book provides an essential resource for anyone involved in managing or ensuring PCI DSS compliance. It begins by introducing the Payment Card Industry Data Security Standard (PCI DSS), explaining its importance, and the regulatory framework that governs it. Readers will understand how to assess their organization’s compliance status and the vital steps to avoid data breaches. The book offers a comprehensive exploration of compliance programs and how organizations can design their own effective strategies.The text then dives into the specifics of PCI DSS, focusing on its core components and requirements. Key chapters describe how to comply with and maintain compliance, as well as how to use tools like the PCI self-assessment questionnaire (SAQ). Real-world case studies of cardholder data breaches highlight the consequences of non-compliance. Readers will also learn about the integration of PCI DSS with other standards like ISO/IEC 27001.Throughout, this guide emphasizes practical advice for implementing key security frameworks such as the Software Security Framework (SSF) and Point-to-Point Encryption (P2PE). By the end of the book, readers will have a clear roadmap to not only meet but sustain PCI DSS compliance and strengthen their organization's data security practices.
Penetration Testing: A Survival Guide. A Survival Guide
Wolf Halton, Bo Weaver, Juned Ahmed Ansari,...
The need for penetration testers has grown well over what the IT industry ever anticipated. Running just a vulnerability scanner is no longer an effective method to determine whether a business is truly secure. This learning path will help you develop the most effective penetration testing skills to protect your Windows, web applications, and Android devices. The first module focuses on the Windows platform, which is one of the most common OSes, and managing its security spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Employs the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. In this module first,you’ll be introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities so you can exploit a system remotely. You’ll not only learn to penetrate in the machine, but will also learn to work with Windows privilege escalations.The second module will help you get to grips with the tools used in Kali Linux 2.0 that relate to web application hacking. You will get to know about scripting and input validation flaws, AJAX, and security issues related to AJAX. You will also use an automated technique called fuzzing so you can identify flaws in a web application. Finally, you’ll understand the web application vulnerabilities and the ways they can be exploited.In the last module, you’ll get started with Android security. Android, being the platform with the largest consumer base, is the obvious primary target for attackers. You’ll begin this journey with the absolute basics and will then slowly gear up to the concepts of Android rooting, application security assessments, malware, infecting APK files, and fuzzing. You’ll gain the skills necessary to perform Android application vulnerability assessments and to create an Android pentesting lab.This Learning Path is a blend of content from the following Packt products:• Kali Linux 2: Windows Penetration Testing by Wolf Halton and Bo Weaver• Web Penetration Testing with Kali Linux, Second Edition by Juned Ahmed Ansari• Hacking Android by Srinivasa Rao Kotipalli and Mohammed A. Imran
David Okeyode, Karl Fosaaen, Charles Horton
“If you’re looking for this book, you need it.” — 5* Amazon ReviewCurious about how safe Azure really is? Put your knowledge to work with this practical guide to penetration testing. This book offers a no-faff, hands-on approach to exploring Azure penetration testing methodologies, which will get up and running in no time with the help of real-world examples, scripts, and ready-to-use source code.As you learn about the Microsoft Azure platform and understand how hackers can attack resources hosted in the Azure cloud, you'll find out how to protect your environment by identifying vulnerabilities, along with extending your pentesting tools and capabilities. First, you’ll be taken through the prerequisites for pentesting Azure and shown how to set up a pentesting lab. You'll then simulate attacks on Azure assets such as web applications and virtual machines from anonymous and authenticated perspectives.In the later chapters, you'll learn about the opportunities for privilege escalation in Azure tenants and ways in which an attacker can create persistent access to an environment.By the end of this book, you'll be able to leverage your ethical hacking skills to identify and implement different tools and techniques to perform successful penetration tests on your own Azure infrastructure.
Penetration Testing Bootcamp. Quickly get up and running with pentesting techniques
Jason Beltrame
Penetration Testing Bootcamp delivers practical, learning modules in manageable chunks. Each chapter is delivered in a day, and each day builds your competency in Penetration Testing.This book will begin by taking you through the basics and show you how to set up and maintain the C&C Server. You will also understand how to scan for vulnerabilities and Metasploit, learn how to setup connectivity to a C&C server and maintain that connectivity for your intelligence gathering as well as offsite processing. Using TCPDump filters, you will gain understanding of the sniffing and spoofing traffic. This book will also teach you the importance of clearing up the tracks you leave behind after the penetration test and will show you how to build a report from all the data obtained from the penetration test.In totality, this book will equip you with instructions through rigorous tasks, practical callouts, and assignments to reinforce your understanding of penetration testing.
Michael McPhee, Jason Beltrame
This book will show you how to utilize the latest credit card sized Raspberry Pi 3 and create a portable, low-cost hacking tool using Kali Linux 2.You’ll begin by installing and tuning Kali Linux 2 on Raspberry Pi 3 and then get started with penetration testing. You will be exposed to various network security scenarios such as wireless security, scanning network packets in order to detect any issues in the network, and capturing sensitive data. You will also learn how to plan and perform various attacks such as man-in-the-middle, password cracking, bypassing SSL encryption, compromising systems using various toolkits, and many more. Finally, you’ll see how to bypass security defenses and avoid detection, turn your Pi 3 into a honeypot, and develop a command and control system to manage a remotely-placed Raspberry Pi 3.By the end of this book you will be able to turn Raspberry Pi 3 into a hacking arsenal to leverage the most popular open source toolkit, Kali Linux 2.0.
Joseph Muniz, Joseph Muniz, Aamir Lakhani
María Carina Roldán, Doug Moran
Pentaho Data Integration (a.k.a. Kettle) is a full-featured open source ETL (Extract, Transform, and Load) solution. Although PDI is a feature-rich tool, effectively capturing, manipulating, cleansing, transferring, and loading data can get complicated.This book is full of practical examples that will help you to take advantage of Pentaho Data Integration's graphical, drag-and-drop design environment. You will quickly get started with Pentaho Data Integration by following the step-by-step guidance in this book. The useful tips in this book will encourage you to exploit powerful features of Pentaho Data Integration and perform ETL operations with ease.Starting with the installation of the PDI software, this book will teach you all the key PDI concepts. Each chapter introduces new features, allowing you to gradually get involved with the tool. First, you will learn to work with plain files, and to do all kinds of data manipulation. Then, the book gives you a primer on databases and teaches you how to work with databases inside PDI. Not only that, you'll be given an introduction to data warehouse concepts and you will learn to load data in a data warehouse. After that, you will learn to implement simple and complex processes.Once you've learned all the basics, you will build a simple datamart that will serve to reinforce all the concepts learned through the book.
Mariano, GARCIA MATTIO, Dario R. Bernabeu
Open source reporting tools and techniques, such as PRD, have been comparable in quality to their commercial counterparts this is largely due to the market's marked tendency to choose open source solutions. PRD is a very powerful tool and in order to take full advantage of it you need to pay attention to the important details. Pentaho 5.0 Reporting by Example: Beginner's Guide clearly explains the the foundation and then puts those concepts into practice through step-by-step visual guides. Feeling confident with your newly discovered, desirable, skill you will have the power to create your very own professional reports including graphics, formulas, sub-reports and many other forms of data reporting.Pentaho 5.0 Reporting By Example: Beginner's Guide is a step-by-step guide to create high quality, professional reports. Starting with the basics we will explore each feature to ensure a thorough understanding to peel back the curtain and take full advantage of the power that Pentaho puts at our fingertips.This book gives you the necessary resources to create a great variety of reports. You will be able to make reports that contain sub-reports, include graphics, sparklines and so on. You will also be able to parameterize your reports so that the final user can decide what information to visualize. You will be able to create your own stoplight type indicators and drill down in your reports. and execute your reports from your own web application.Pentaho 5.0 Reporting By Example: Beginner's Guide lets you learn everything necessary to work seriously with one of the world's most popular open source reporting tools. This book will guide you chapter by chapter through examples, graphics, and theoretical explanations so that you feel comfortable interacting with Pentaho Report Designer and creating your own reports.
Francesco Corti
This hands-on tutorial, filled with exercises and examples, introduces the reader to a variety of concepts within Pentaho Reporting. With screenshots that show you how reports look at design time as well as how they should look when rendered as PDF, Excel, HTML, Text, Rich-Text-File, XML, and CSV, this book also contains complete example source code that you can copy and paste into your environment to get up-and-running quickly. Updated to cover the features of Pentaho 8, this book will teach you everything you need to know to build fast, efficient reports using Pentaho. If your interest lies in the technical details of creating reports and you want to see how to solve common reporting problems with a minimum of fuss, this is the book for you.
Joel Latino, Harris Ward, Joel André Latino,...
MongoDB is an open source, schemaless NoSQL database system. Pentaho as a famous open source Analysis tool provides high performance, high availability, and easy scalability for large sets of data. The variant features in Pentaho for MongoDB are designed to empower organizations to be more agile and scalable and also enables applications to have better flexibility, faster performance, and lower costs.Whether you are brand new to online learning or a seasoned expert, this book will provide you with the skills you need to create turnkey analytic solutions that deliver insight and drive value for your organization.The book will begin by taking you through Pentaho Data Integration and how it works with MongoDB. You will then be taken through the Kettle Thin JDBC Driver for enabling a Java application to interact with a database. This will be followed by exploration of a MongoDB collection using Pentaho Instant view and creating reports with MongoDB as a datasource using Pentaho Report Designer. The book will then teach you how to explore and visualize your data in Pentaho BI Server using Pentaho Analyzer. You will then learn how to create advanced dashboards with your data. The book concludes by highlighting contributions of the Pentaho Community.
Pentaho Data Integration 4 Cookbook. Over 70 recipes to solve ETL problems using Pentaho Kettle
Adri?É?íÂ!°n Sergio Pulvirenti, Lance Walter, María Carina...
Pentaho Data Integration (PDI, also called Kettle), one of the data integration tools leaders, is broadly used for all kind of data manipulation such as migrating data between applications or databases, exporting data from databases to flat files, data cleansing, and much more. Do you need quick solutions to the problems you face while using Kettle?Pentaho Data Integration 4 Cookbook explains Kettle features in detail through clear and practical recipes that you can quickly apply to your solutions. The recipes cover a broad range of topics including processing files, working with databases, understanding XML structures, integrating with Pentaho BI Suite, and more.Pentaho Data Integration 4 Cookbook shows you how to take advantage of all the aspects of Kettle through a set of practical recipes organized to find quick solutions to your needs. The initial chapters explain the details about working with databases, files, and XML structures. Then you will see different ways for searching data, executing and reusing jobs and transformations, and manipulating streams. Further, you will learn all the available options for integrating Kettle with other Pentaho tools.Pentaho Data Integration 4 Cookbook has plenty of recipes with easy step-by-step instructions to accomplish specific tasks. There are examples and code that are ready for adaptation to individual needs.
María Carina Roldán
Capturing, manipulating, cleansing, transferring, and loading data effectively are the prime requirements in every IT organization. Achieving these tasks require people devoted to developing extensive software programs, or investing in ETL or data integration tools that can simplify this work.Pentaho Data Integration is a full-featured open source ETL solution that allows you to meet these requirements. Pentaho Data Integration has an intuitive, graphical, drag-and-drop design environment and its ETL capabilities are powerful. However, getting started with Pentaho Data Integration can be difficult or confusing.Pentaho Data Integration Beginner's Guide - Second Edition provides the guidance needed to overcome that difficulty, covering all the possible key features of Pentaho Data Integration.Pentaho Data Integration Beginner's Guide - Second Edition starts with the installation of Pentaho Data Integration software and then moves on to cover all the key Pentaho Data Integration concepts. Each chapter introduces new features, allowing you to gradually get involved with the tool. First, you will learn to do all kinds of data manipulation and work with plain files. Then, the book gives you a primer on databases and teaches you how to work with databases inside Pentaho Data Integration. Moreover, you will be introduced to data warehouse concepts and you will learn how to load data in a data warehouse. After that, you will learn to implement simple and complex processes. Finally, you will have the opportunity of applying and reinforcing all the learned concepts through the implementation of a simple datamart.With Pentaho Data Integration Beginner's Guide - Second Edition, you will learn everything you need to know in order to meet your data manipulation requirements.
Adrian Sergio Pulvirenti, María Carina Roldán, Alex...
Pentaho Data Integration is the premier open source ETL tool, providing easy, fast, and effective ways to move and transform data. While PDI is relatively easy to pick up, it can take time to learn the best practices so you can design your transformations to process data faster and more efficiently. If you are looking for clear and practical recipes that will advance your skills in Kettle, then this is the book for you.Pentaho Data Integration Cookbook Second Edition guides you through the features of explains the Kettle features in detail and provides easy to follow recipes on file management and databases that can throw a curve ball to even the most experienced developers.Pentaho Data Integration Cookbook Second Edition provides updates to the material covered in the first edition as well as new recipes that show you how to use some of the key features of PDI that have been released since the publication of the first edition. You will learn how to work with various data sources – from relational and NoSQL databases, flat files, XML files, and more. The book will also cover best practices that you can take advantage of immediately within your own solutions, like building reusable code, data quality, and plugins that can add even more functionality.Pentaho Data Integration Cookbook Second Edition will provide you with the recipes that cover the common pitfalls that even seasoned developers can find themselves facing. You will also learn how to use various data sources in Kettle as well as advanced features.
Pentaho Data Integration Quick Start Guide. Create ETL processes using Pentaho
María Carina Roldán
Pentaho Data Integration(PDI) is an intuitive and graphical environment packed with drag and drop design and powerful Extract-Transform-Load (ETL) capabilities. Given its power and flexibility, initial attempts to use the Pentaho Data Integration tool can be difficult or confusing. This book is the ideal solution.This book reduces your learning curve with PDI. It provides the guidance needed to make you productive, covering the main features of Pentaho Data Integration. It demonstrates the interactive features of the graphical designer, and takes you through the main ETL capabilities that the tool offers.By the end of the book, you will be able to use PDI for extracting, transforming, and loading the types of data you encounter on a daily basis.
Lance Walter, Will Gorman
Pentaho Reporting lets you create, generate, and distribute rich and sophisticated report content from different data sources. Knowing how to use it quickly and efficiently gives you the edge in producing reports from your database. If you have been looking for a book that has plenty of easy-to-understand instructions and also contains lots of examples and screenshots, this is where your search ends.This book shows you how to replace or build your enterprise reporting solution from scratch with Pentaho's Reporting Suite. Through detailed examples, it dives deeply into all aspects of Pentaho's reporting functionalities, providing you with the knowledge you need to master report creation.This book starts off with a number of examples to get you familiar with the tools and technology of the Pentaho Reporting Suite. Then, with additional examples, it goes into advanced subjects such as charting, sub-reporting, cross tabs, as well as API generation of reports. There are also details and examples on extending Pentaho's open source reporting engine. The reader will learn the ins and outs of Pentaho Report Designer, including a cheat sheet with all the available short-cut keys, to make report design efficient and painless.Embedding reports into your Java application can be difficult. With Pentaho Reporting it's just a few lines of code. The book provides examples of how to embed reporting into your J2EE and client Java applications, as well as showing you how to build dynamic reports from scratch using Pentaho Reporting's simple Java Bean-based report generation API.Setting up and integrating a reporting server in an enterprise environment can be arduous. In addition to learning how to build great embeddable reports, you'll also learn how to combine Pentaho Reporting with Pentaho's BI Server for a zero-code, easy-to-configure, enterprise reporting solution.
Denis Isakov
This book teaches you the tactics and techniques used to attack a Windows-based environment, along with showing you how to detect malicious activities and remediate misconfigurations and vulnerabilities.You’ll begin by deploying your lab, where every technique can be replicated. The chapters help you master every step of the attack kill chain and put new knowledge into practice. You’ll discover how to evade defense of common built-in security mechanisms, such as AMSI, AppLocker, and Sysmon; perform reconnaissance and discovery activities in the domain environment by using common protocols and tools; and harvest domain-wide credentials. You’ll also learn how to move laterally by blending into the environment’s traffic to stay under radar, escalate privileges inside the domain and across the forest, and achieve persistence at the domain level and on the domain controller. Every chapter discusses OpSec considerations for each technique, and you’ll apply this kill chain to perform the security assessment of other Microsoft products and services, such as Exchange, SQL Server, and SCCM.By the end of this book, you'll be able to perform a full-fledged security assessment of the Microsoft environment, detect malicious activity in your network, and guide IT engineers on remediation steps to improve the security posture of the company.
Pentesting APIs. A practical guide to discovering, fingerprinting, and exploiting APIs
Maurício Harley
Understanding API security is crucial as APIs form the backbone of modern interconnected applications, making them prime targets for cyberattacks. Drawing on nearly 30 years of cybersecurity experience and an extensive background in network security and forensic analysis, this book provides the knowledge and tools to strengthen your API security practices and protect against cyber threats comprehensively.This book begins by establishing a foundational understanding of APIs, particularly focusing on REST and GraphQL, emphasizing their critical role and potential security vulnerabilities. It guides you through setting up a penetration testing environment to ensure the practical application of concepts. You’ll learn reconnaissance techniques, information-gathering strategies, and the discovery of API vulnerabilities. Authentication and authorization testing are thoroughly explored, covering mechanisms, weaknesses, and methods to bypass security controls. By comprehensively addressing these aspects, the book equips you to understand, identify, and mitigate risks, strengthening API security and effectively minimizing potential attack surfaces.By the end of this book, you’ll have developed practical skills to identify, exploit, and secure APIs against various vulnerabilities and attacks.
Paul Smith
The industrial cybersecurity domain has grown significantly in recent years. To completely secure critical infrastructure, red teams must be employed to continuously test and exploit the security integrity of a company's people, processes, and products.This is a unique pentesting book, which takes a different approach by helping you gain hands-on experience with equipment that you’ll come across in the field. This will enable you to understand how industrial equipment interacts and operates within an operational environment.You'll start by getting to grips with the basics of industrial processes, and then see how to create and break the process, along with gathering open-source intel to create a threat landscape for your potential customer. As you advance, you'll find out how to install and utilize offensive techniques used by professional hackers. Throughout the book, you'll explore industrial equipment, port and service discovery, pivoting, and much more, before finally launching attacks against systems in an industrial network.By the end of this penetration testing book, you'll not only understand how to analyze and navigate the intricacies of an industrial control system (ICS), but you'll also have developed essential offensive and defensive skills to proactively protect industrial networks from modern cyberattacks.
Bayo Erinle
Performance testing with JMeter 2.9 is critical to the success of any software product launch and continued scalability. Irrespective of the size of the application's user base, it's vital to deliver the best user experience to consumers. Apache JMeter is an excellent testing tool that provides an insight into how applications might behave under load enabling organizations to focus on making adequate preparations.Performance Testing with JMeter 2.9 is a practical, hands-on guide that equips you with all the essential skills needed to effectively use JMeter to test web applications using a number of clear and practical step-by-step guides. It allows you take full advantage of the real power behind Apache JMeter, quickly taking you from novice to master.Performance Testing with JMeter 2.9 begins with the fundamentals of performance testing and gets you acquainted with JMeter. It will guide you through recording realistic and maintainable scripts.You will acquire new skills working with tools such as Vagrant, Puppet, and AWS, allowing you to leverage the cloud to aid in distributed testing. You will learn how to do some BeanShell scripting and take advantage of regular expressions, JMeter properties, and extension points to build comprehensive and robust test suites. Also, you will learn how to test RESTful web services, deal with XML, JSON, file downloads/uploads, and much more. Topics like resource monitoring, distributed testing, managing sessions, and extending JMeter are also covered.Performance Testing with JMeter 2.9 will teach you all you need to know to take full advantage of JMeter for testing web applications, dazzle your co-workers, and impress your boss! You will go from novice to pro in no time.
Performance Testing with JMeter 3. Enhance the performance of your web application - Third Edition
Bayo Erinle
JMeter is a Java application designed to load and test performance for web application. JMeter extends to improve the functioning of various other static and dynamic resources. This book is a great starting point to learn about JMeter. It covers the new features introduced with JMeter 3 and enables you to dive deep into the new techniques needed for measuring your website performance.The book starts with the basics of performance testing and guides you through recording your first test scenario, before diving deeper into JMeter. You will also learn how to configure JMeter and browsers to help record test plans.Moving on, you will learn how to capture form submission in JMeter, dive into managing sessions with JMeter and see how to leverage some of the components provided by JMeter to handle web application HTTP sessions. You will also learn how JMeter can help monitor tests in real-time.Further, you will go in depth into distributed testing and see how to leverage the capabilities of JMeter to accomplish this. You will get acquainted with some tips and best practices with regard to performance testing. By the end of the book, you will have learned how to take full advantage of the real power behind Apache JMeter.