/dev/reading
Category

Security

108 books, 1 subcategories
A Guided Tour Through the Wilds of Software Security
by Tobias Klein

Seemingly simple bugs can have drastic consequences, allowing attackers to compromise systems, escalate local privileges, and otherwise wreak havoc on a system.

A Bug Hunter's Diary follows security expert Tobias Klein as he tracks down and exploits bugs in some of the world's most popular software, like Apple's iOS, the VLC media player, web browsers, and even the Mac OS X kernel. In this one-of-a-kind account, you'll see how the developers responsible for these flaws patched the bugs—or failed to respond at all. As you follow Klein on his journey, you'll gain deep technical knowledge and insight into how hackers approach difficult problems and experience the true joys (and frustrations) of bug hunting.

Along the way you'll learn how to:

  • Use field-tested techniques to find bugs, like identifying and tracing user input data and reverse engineering
  • Exploit vulnerabilities like NULL pointer dereferences, buffer overflows, and type conversion flaws
  • Develop proof of concept code that verifies the security flaw
  • Report bugs to vendors or third party brokers

A Bug Hunter's Diary is packed with real-world examples of vulnerable code and the custom programs used to find and test bugs. Whether you're hunting bugs for fun, for profit, or to make the world a safer place, you'll learn valuable new skills by looking over the shoulder of a professional bug hunter in action.

An In-Depth Guide to Android's Security Architecture
by Nikolay Elenkov

There are more than one billion Android devices in use today, each one a potential target. Unfortunately, many fundamental Android security features have been little more than a black box to all but the most elite security professionals—until now.

In Android Security Internals, top Android security expert Nikolay Elenkov takes us under the hood of the Android security system. Elenkov describes Android security architecture from the bottom up, delving into the implementation of major security-related components and subsystems, like Binder IPC, permissions, cryptographic providers, and device administration.

You’ll learn:

  • How Android permissions are declared, used, and enforced
  • How Android manages application packages and employs code signing to verify their authenticity
  • How Android implements the Java Cryptography Architecture (JCA) and Java Secure Socket Extension (JSSE) frameworks
  • About Android’s credential storage system and APIs, which let applications store cryptographic keys securely
  • About the online account management framework and how Google accounts integrate with Android
  • About the implementation of verified boot, disk encryption, lockscreen, and other device security features
  • How Android’s bootloader and recovery OS are used to perform full system updates, and how to obtain root access

With its unprecedented level of depth and detail, Android Security Internals is a must-have for any security-minded Android developer.

by Neil Madden

A web API is an efficient way to communicate with an application or service. However, this convenience opens your systems to new security risks.

API Security in Action gives you the skills to build strong, safe APIs you can confidently expose to the world. Inside, you’ll learn to construct secure and scalable REST APIs, deliver machine-to-machine interaction in a microservices architecture, and provide protection in resource-constrained IoT (Internet of Things) environments.

A guide for software engineers and team leaders
by Derek Fisher

Stop dangerous threats and secure your vulnerabilities without slowing down delivery. This practical book is a one-stop guide to implementing a robust application security program.

In the Application Security Program Handbook you will learn:

  • Why application security is so important to modern software
  • Application security tools you can use throughout the development lifecycle
  • Creating threat models
  • Rating discovered risks
  • Gap analysis on security tools
  • Mitigating web application vulnerabilities
  • Creating a DevSecOps pipeline
  • Application security as a service model
  • Reporting structures that highlight the value of application security
  • Creating a software security ecosystem that benefits development
  • Setting up your program for continuous improvement

The Application Security Program Handbook teaches you to implement a robust program of security throughout your development process. It goes well beyond the basics, detailing flexible security fundamentals that can adapt and evolve to new and emerging threats. Its service-oriented approach is perfectly suited to the fast pace of modern development. Your team will quickly switch from viewing security as a chore to an essential part of their daily work. Follow the expert advice in this guide and you’ll reliably deliver software that is free from security defects and critical vulnerabilities.

Collection, Detection, and Analysis
by Chris Sanders and Jason Smith

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach to NSM, complete with dozens of real-world examples that teach you the key concepts of NSM.

Network security monitoring is based on the principle that prevention eventually fails. In the current threat landscape, no matter how much you try, motivated attackers will eventually find their way into your network. At that point, it is your ability to detect and respond to that intrusion that can be the difference between a small incident and a major disaster.

The book follows the three stages of the NSM cycle: collection, detection, and analysis. As you progress through each section, you will have access to insights from seasoned NSM professionals while being introduced to relevant, practical scenarios complete with sample data.

If you've never performed NSM analysis, Applied Network Security Monitoring will give you an adequate grasp on the core concepts needed to become an effective analyst. If you are already a practicing analyst, this book will allow you to grow your analytic technique to make you more effective at your job.

  • Discusses the proper methods for data collection, and teaches you how to become a skilled NSM analyst
  • Provides thorough hands-on coverage of Snort, Suricata, Bro-IDS, SiLK, and Argus
  • Loaded with practical examples containing real PCAP files you can replay, and uses Security Onion for all its lab examples
  • Companion website includes up-to-date blogs from the authors about the latest developments in NSM

A Hacker's Guide to Capture, Analysis, and Exploitation
by James Forshaw

Attacking Network Protocols is a deep dive into network protocol security from James Forshaw, one of the world’s leading bug hunters. This comprehensive guide looks at networking from an attacker’s perspective to help you discover, exploit, and ultimately protect vulnerabilities.

You’ll start with a rundown of networking basics and protocol traffic capture before moving on to static and dynamic protocol analysis, common protocol structures, cryptography, and protocol security. Then you’ll turn your focus to finding and exploiting vulnerabilities, with an overview of common bug classes, fuzzing, debugging, and exhaustion attacks.

Learn how to:

  • Capture, manipulate, and replay packets
  • Develop tools to dissect traffic and reverse engineer code to understand the inner workings of a network protocol
  • Discover and exploit vulnerabilities such as memory corruptions, authentication bypasses, and denials of service
  • Use capture and analysis tools like Wireshark and develop your own custom network proxies to manipulate network traffic

Attacking Network Protocols is a must-have for any penetration tester, bug hunter, or developer looking to understand and discover network vulnerabilities.

by Dylan Shields

Running your systems in the cloud doesn’t automatically make them secure. Learn the tools and new management approaches you need to create secure apps and infrastructure on AWS.

In AWS Security you’ll learn how to:

  • Securely grant access to AWS resources to coworkers and customers
  • Develop policies for ensuring proper access controls
  • Lock-down network controls using VPCs
  • Record audit logs and use them to identify attacks
  • Track and assess the security of an AWS account
  • Counter common attacks and vulnerabilities

Written by security engineer Dylan Shields, AWS Security provides comprehensive coverage on the key tools and concepts you can use to defend AWS-based systems. You’ll learn how to honestly assess your existing security protocols, protect against the most common attacks on cloud applications, and apply best practices to configuring identity and access management and virtual private clouds.

by Bojan Magusic

Secure your Azure applications the right way. The expert DevSecOps techniques you'll learn in this essential handbook make it easy to keep your data safe.

As a Program Manager at Microsoft, Bojan Magusic has helped numerous Fortune 500 companies improve their security posture in Azure. Now, in Azure Security he brings his experience from the cyber security frontline to ensure your Azure cloud-based systems are safe and secure.

In Azure Security you’ll learn vital security skills, including how to:

  • Set up secure access through Conditional Access policies
  • Implement Azure WAF on Application Gateway and Front Door
  • Deploy Azure Firewall Premium for monitoring network activities
  • Enable Microsoft Defender for Cloud to assess workload configurations
  • Utilize Microsoft Sentinel for threat detection and analytics
  • Establish Azure Policy for compliance with business rules

Correctly set up out-of-the-box Azure services to protect your web apps against both common and sophisticated threats, learn to continuously assess your systems for vulnerabilities, and discover cutting-edge operations for security hygiene, monitoring, and DevSecOps. Each stage is made clear and easy to follow with step-by-step instructions, complemented by helpful screenshots and diagrams.

Go Programming for Hackers and Pentesters
by Tom Steele, Chris Patten and Dan Kottmann

Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go.

You’ll begin your journey with a basic overview of Go’s syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You’ll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You’ll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography.

You'll learn how to:

  • Make performant tools that can be used for your own security projects
  • Create usable tools that interact with remote APIs
  • Scrape arbitrary HTML data
  • Use Go’s standard package, net/http, for building HTTP servers
  • Write your own DNS server and proxy
  • Use DNS tunneling to establish a C2 channel out of a restrictive network
  • Create a vulnerability fuzzer to discover an application’s security weaknesses
  • Use plug-ins and extensions to future-proof products
  • Build an RC2 symmetric-key brute-forcer
  • Implant data within a Portable Network Graphics (PNG) image

Are you ready to add to your arsenal of security tools? Then let’s Go!

Attacking Next Generation APIs
by Dolev Farhi and Nick Aleks

Black Hat GraphQL is for anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing. Whether you’re a penetration tester, security analyst, or software engineer, you’ll learn how to attack GraphQL APIs, develop hardening procedures, build automated security testing into your development pipeline, and validate controls, all with no prior exposure to GraphQL required.

Following an introduction to core concepts, you’ll build your lab, explore the difference between GraphQL and REST APIs, run your first query, and learn how to create custom queries.

You’ll also learn how to:

  • Use data collection and target mapping to learn about targets
  • Defend APIs against denial-of-service attacks and exploit insecure configurations in GraphQL servers to gather information on hardened targets
  • Impersonate users and take admin-level actions on a remote server
  • Uncover injection-based vulnerabilities in servers, databases, and client browsers
  • Exploit cross-site and server-side request forgery vulnerabilities, as well as cross-site WebSocket hijacking, to force a server to request sensitive information on your behalf
  • Dissect vulnerability disclosure reports and review exploit code to reveal how vulnerabilities have impacted large companies

This comprehensive resource provides everything you need to defend GraphQL APIs and build secure applications. Think of it as your umbrella in a lightning storm.

Python Programming for Hackers and Pentesters
by Justin Seitz and Tim Arnold

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In this second edition of the bestselling Black Hat Python, you’ll explore the darker side of Python’s capabilities: everything from writing network sniffers, stealing email credentials, and bruteforcing directories to crafting mutation fuzzers, investigating virtual machines, and creating stealthy trojans.

All of the code in this edition has been updated to Python 3.x. You’ll also find new coverage of bit shifting, code hygiene, and offensive forensics with the Volatility Framework as well as expanded explanations of the Python libraries ctypes, struct, lxml, and BeautifulSoup, and offensive hacking strategies like splitting bytes, leveraging computer vision libraries, and scraping websites.

You’ll learn how to:

  • Create a trojan command-and-control server using GitHub
  • Detect sandboxing and automate common malware tasks like keylogging and screenshotting
  • Extend the Burp Suite web-hacking tool
  • Escalate Windows privileges with creative process control
  • Use offensive memory forensics tricks to retrieve password hashes and find vulnerabilities on a virtual machine
  • Abuse Windows COM automation
  • Exfiltrate data from a network undetected

When it comes to offensive security, you need to be able to create powerful tools on the fly. Learn how with Black Hat Python.

The Guide to Finding and Reporting Web Vulnerabilities
by Vickie Li

A comprehensive guide for any web application hacker, Bug Bounty Bootcamp is a detailed exploration of the many vulnerabilities present in modern websites and the hands-on techniques you can use to most successfully exploit them.

Bug Bounty Bootcamp prepares you for participation in bug bounty programs, which companies set up to reward hackers for finding and reporting vulnerabilities in their applications. The Bootcamp begins with guidance on writing high-quality bug reports and building lasting relationships with client organizations. You’ll then set up a hacking lab and dive into the mechanisms of common web vulnerabilities, like XSS and SQL injection, aided by thorough explanations of what causes them, how you can exploit them, where to find them, and how to bypass protections. You’ll also explore recon strategies for gathering intel on a target and automate recon with bash scripting. Finally, you’ll wade into advanced techniques, like hacking mobile apps, testing APIs, and reviewing source code for vulnerabilities.

Along the way, you’ll learn how to:

  • Identify and successfully exploit a wide array of common web vulnerabilities
  • Set up a hacking environment, configure Burp Suite, and use its modules to intercept traffic and hunt for bugs
  • Chain together multiple bugs for maximum impact and higher payouts
  • Bypass protection mechanisms like input sanitization and blocklists to make your attacks succeed
  • Automate tedious bug-hunting tasks with fuzzing and bash scripting
  • Set up an Android app testing environment

Thousands of data breaches happen every year. By understanding vulnerabilities and how they happen, you can help prevent malicious attacks, protect apps and users, and make the internet a safer place. Happy bug hunting!

A Guide for the Penetration Tester
by Craig Smith

Modern cars are more computerized than ever. Infotainment and navigation systems, Wi-Fi, automatic software updates, and other innovations aim to make driving more convenient. But vehicle technologies haven’t kept pace with today’s more hostile security environment, leaving millions vulnerable to attack.

The Car Hacker’s Handbook will give you a deeper understanding of the computer systems and embedded software in modern vehicles. It begins by examining vulnerabilities and providing detailed explanations of communications over the CAN bus and between devices and systems.

Then, once you have an understanding of a vehicle’s communication network, you’ll learn how to intercept data and perform specific hacks to track vehicles, unlock doors, glitch engines, flood communication, and more. With a focus on low-cost, open source hacking tools such as Metasploit, Wireshark, Kayak, can-utils, and ChipWhisperer, The Car Hacker’s Handbook will show you how to:

  • Build an accurate threat model for your vehicle
  • Reverse engineer the CAN bus to fake engine signals
  • Exploit vulnerabilities in diagnostic and data-logging systems
  • Hack the ECU and other firmware and embedded systems
  • Feed exploits through infotainment and vehicle-to-vehicle communication systems
  • Override factory settings with performance-tuning techniques
  • Build physical and virtual test benches to try out exploits safely

If you’re curious about automotive security and have the urge to hack a two-ton computer, make The Car Hacker’s Handbook your first stop.

by Mike Chapple and David Seidl

(ISC)2 CCSP Certified Cloud Security Professional Official Study Guide, 3rd Edition is your ultimate resource for the CCSP exam. As the only official study guide reviewed and endorsed by (ISC)2, this guide helps you prepare faster and smarter with the Sybex study tools that include pre-test assessments that show you what you know, and areas where you need further review. In this completely rewritten 3rd Edition, experienced cloud security professionals Mike Chapple and David Seidl use their extensive training and hands-on skills to help you prepare for the CCSP exam. Objective maps, exercises, and chapter review questions help you gauge your progress along the way, and the Sybex interactive online learning environment includes access to a PDF glossary, hundreds of flashcards, and two complete practice exams. Covering all CCSP domains, this book walks you through Cloud Concepts, Architecture and Design, Cloud Data Security, Cloud Platform and Infrastructure Security, Cloud Application Security, Cloud Security Operations, and Legal, Risk, and Compliance with real-world scenarios to help you apply your skills along the way.

The CCSP credential from (ISC)2 and the Cloud Security Alliance is designed to show employers that you have what it takes to keep their organization safe in the cloud. Learn the skills you need to be confident on exam day and beyond.

  • Review 100% of all CCSP exam objectives
  • Practice applying essential concepts and skills
  • Access the industry-leading online study tool set
  • Test your knowledge with bonus practice exams and more

As organizations become increasingly reliant on cloud-based IT, the threat to data security looms larger. Employers are seeking qualified professionals with a proven cloud security skillset, and the CCSP credential brings your resume to the top of the pile. (ISC)2 CCSP Certified Cloud Security Professional Official Study Guide gives you the tools and information you need to earn that certification and apply your skills in a real-world setting.

750 Practice Test Questions
by Ric Messier

Information security and personal privacy remain a growing concern for businesses in every sector. And even as the number of certifications increases, the Certified Ethical Hacker, Version 12 (CEH v12) maintains its place as one of the most sought-after and in-demand credentials in the industry.

In CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions, you’ll find a comprehensive overview of the CEH certification requirements. Concise and easy-to-follow instructions are combined with intuitive organization that allows you to learn each exam objective in your own time and at your own pace. The Study Guide now contains more end of chapter review questions and more online practice tests. This combines the value from the previous two-book set including a practice test book into a more valuable Study Guide.

The book offers thorough and robust coverage of every relevant topic, as well as challenging chapter review questions, even more end of chapter review questions to validate your knowledge, and Exam Essentials, a key feature that identifies important areas for study. There are also twice as many online practice tests included. You’ll learn about common attack practices, like reconnaissance and scanning, intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things vulnerabilities, and more. It also provides:

  • Practical, hands-on exercises that reinforce vital, real-world job skills and exam competencies
  • Essential guidance for a certification that meets the requirements of the Department of Defense 8570 Directive for Information Assurance positions
  • Complimentary access to the Sybex online learning center, complete with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms

The CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions is your go-to official resource to prep for the challenging CEH v12 exam and a new career in information security and privacy.

by Mike Chapple and David Seidl

The (ISC)2 CISSP Official Practice Tests is a major resource for (ISC)2 Certified Information Systems Security Professional (CISSP) candidates, providing 1300 unique practice questions. The first part of the book provides 100 questions per domain. You also have access to four unique 125-question practice exams to help you master the material. As the only official practice tests endorsed by (ISC)2, this book gives you the advantage of full and complete preparation. These practice tests align with the 2021 version of the exam to ensure up-to-date preparation, and are designed to cover what you will see on exam day. Coverage includes: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, and Software Development Security.

The CISSP credential signifies a body of knowledge and a set of guaranteed skills that put you in demand in the marketplace. This book is your ticket to achieving this prestigious certification, by helping you test what you know against what you need to know.

  • Test your knowledge of the 2021 exam domains
  • Identify areas in need of further study
  • Gauge your progress throughout your exam preparation
  • Practice test taking with Sybex’s online test environment containing the questions from the book

The CISSP exam is refreshed every few years to ensure that candidates are up-to-date on the latest security topics and trends. Currently-aligned preparation resources are critical, and periodic practice tests are one of the best ways to truly measure your level of understanding.

In-Depth Guidance and Practice
by Benjamin Muschko

Vulnerabilities in software and IT infrastructure pose a major threat to organizations. In response, the Cloud Native Computing Foundation (CNCF) developed the Certified Kubernetes Security Specialist (CKS) certification to verify an administrator's proficiency to protect Kubernetes clusters and the cloud native software they contain. This practical book helps you fully prepare for the certification exam by walking you through all of the topics covered.

Different from typical multiple-choice formats used by other certifications, this performance-based exam requires deep knowledge of the tasks it covers under intense time pressure. If you want to pass the CKS exam on the first go, author Benjamin Muschko shares his personal experience to help you learn the objectives, abilities, and tips and tricks you need to pass on the first attempt.

  • Identify, mitigate, and/or minimize threats to cloud native applications and Kubernetes clusters
  • Learn the ins and outs of Kubernetes's security features, and external tools for security detection and mitigation purposes
  • Demonstrate competency to perform the responsibilities of a Kubernetes administrator or application developer with a security viewpoint
  • Solve real-world Kubernetes problems in a hands-on, command-line environment
  • Effectively navigate and solve questions during the CKS exam

by Peter H. Gregory

This integrated self-study guide enables you to take the 2022 version of the challenging CISM exam with complete confidence. Written by an expert in the field, the book offers exam-focused coverage of information security governance, information risk management, information security program development and management, and information security incident management.

CISM Certified Information Security Manager All-in-One Exam Guide, Second Edition features learning objectives, exam tips, practice questions, and in-depth explanations. All questions closely match those on the live test in tone, format, and content. Special design elements throughout provide real-world insight and call out potentially harmful situations. Beyond fully preparing you for the exam, the book also serves as a valuable on-the-job reference.

  • Features complete coverage of all 2022 CISM exam domains
  • Online content includes 300 practice questions in the customizable TotalTester™ exam engine
  • Written by a cybersecurity expert, author, and lecturer

by Mike Chapple

As cybersecurity becomes an increasingly mission-critical issue, more and more employers and professionals are turning to ISACA's trusted and recognized Certified Information Security Manager qualification as a tried-and-true indicator of information security management expertise.

In Wiley's Certified Information Security Manager (CISM) Study Guide, you'll get the information you need to succeed on the demanding CISM exam. You'll also develop the IT security skills and confidence you need to prove yourself where it really counts: on the job.

Chapters are organized intuitively and by exam objective so you can easily keep track of what you've covered and what you still need to study. You'll also get access to a pre-assessment, so you can find out where you stand before you take your studies further.

Sharpen your skills with Exam Essentials and chapter review questions with detailed explanations in all four of the CISM exam domains: Information Security Governance, Information Security Risk Management, Information Security Program, and Incident Management.

In this essential resource, you'll also:

  • Grab a head start to an in-demand certification used across the information security industry
  • Expand your career opportunities to include rewarding and challenging new roles only accessible to those with a CISM credential
  • Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms

Perfect for anyone prepping for the challenging CISM exam or looking for a new role in the information security field, the Certified Information Security Manager (CISM) Study Guide is an indispensable resource that will put you on the fast track to success on the test and in your next job.

by Fernando Maymi and Shon Harris

Thoroughly updated for the latest release of the Certified Information Systems Security Professional exam, this comprehensive resource covers all objectives in the 2021 CISSP exam developed by the International Information Systems Security Certification Consortium (ISC)2®. CISSP All-in-One Exam Guide, Ninth Edition features learning objectives at the beginning of each chapter, exam tips, practice questions, and in-depth explanations. Written by leading experts in information security certification and training, this completely up-to-date self-study system helps you pass the exam with ease and also serves as an essential on-the-job reference.

Covers all 8 CISSP domains:

  • Security and risk management
  • Asset security
  • Security architecture and engineering
  • Communication and network security
  • Identity and access management (IAM)
  • Security assessment and testing
  • Security operations
  • Software development security

Online content includes:

  • 1400+ practice exam questions
  • Graphical question quizzes
  • Test engine that provides full-length practice exams and customizable quizzes by chapter or exam domain
  • Access to Flash cards

Official Study Guide, 9th Edition
by Mike Chapple, James Michael Stewart and Darril Gibson

(ISC)2 Certified Information Systems Security Professional (CISSP) Official Study Guide, 9th Edition has been completely updated based on the latest 2021 CISSP Exam Outline. This bestselling Sybex Study Guide covers 100% of the exam objectives. You'll prepare for the exam smarter and faster with Sybex thanks to expert content, knowledge from our real-world experience, advice on mastering this adaptive exam, access to the Sybex online interactive learning environment, and much more. Reinforce what you've learned with key topic exam essentials and chapter review questions.

The three co-authors of this book bring decades of experience as cybersecurity practitioners and educators, integrating real-world expertise with the practical knowledge you’ll need to successfully pass the CISSP exam. Combined, they’ve taught cybersecurity concepts to millions of students through their books, video courses, and live training programs.

Along with the book, you also get access to Sybex's superior online interactive learning environment that includes:

  • Over 900 new and improved practice test questions with complete answer explanations. This includes all of the questions from the book plus four additional online-only practice exams, each with 125 unique questions. You can use the online-only practice exams as full exam simulations. Our questions will help you identify where you need to study more. Get more than 90 percent of the answers correct, and you're ready to take the certification exam.
  • More than 700 Electronic Flashcards to reinforce your learning and give you last-minute test prep before the exam
  • A searchable glossary in PDF to give you instant access to the key terms you need to know for the exam
  • New for the 9th edition: Audio Review. Author Mike Chapple reads the Exam Essentials for each chapter providing you with 2 hours and 50 minutes of new audio review for yet another way to reinforce your knowledge as you prepare.

Coverage of all of the exam topics in the book means you'll be ready for:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

by Joshua Feldman, Seth Misenar and Eric Conrad

CISSP® Study Guide, Fourth Edition provides the latest updates on CISSP® certification, the most prestigious, globally-recognized, vendor neutral exam for information security professionals. In this new edition, readers will learn about what's included in the newest version of the exam’s Common Body of Knowledge. The eight domains are covered completely and as concisely as possible. Each domain has its own chapter, including specially designed pedagogy to help readers pass the exam. Clearly stated exam objectives, unique terms/definitions, exam warnings, learning by example, hands-on exercises, and chapter ending questions help readers fully comprehend the material.

  • Provides the most complete and effective study guide to prepare you for passing the CISSP® exam--contains only what you need to pass the test, with no fluff!
  • Eric Conrad has prepared hundreds of professionals for passing the CISSP® exam through SANS, a popular and well-known organization for information security professionals
  • Covers all of the new information in the Common Body of Knowledge updated in May 2021, and also provides tiered end-of-chapter questions for a gradual learning curve, and a complete self-test appendix

A Practical Guide
by Elonka Dunin and Klaus Schmeh

Solve history’s most hidden secrets alongside expert codebreakers Elonka Dunin and Klaus Schmeh, as they guide you through the world of encrypted texts. With a focus on cracking real-world document encryptions—including some crime-based coded mysteries that remain unsolved—you’ll be introduced to the free computer software that professional cryptographers use, helping you build your skills with state-of-the-art tools. You’ll also be inspired by thrilling success stories, like how the first three parts of Kryptos were broken.

Each chapter introduces you to a specific cryptanalysis technique, and presents factual examples of text encrypted using that scheme—from modern postcards to 19th-century newspaper ads, war-time telegrams, notes smuggled into prisons, and even entire books written in code. Along the way, you’ll work on NSA-developed challenges, detect and break a Caesar cipher, crack an encrypted journal from the movie The Prestige, and much more.

You’ll learn:

  • How to crack simple substitution, polyalphabetic, and transposition ciphers
  • How to use free online cryptanalysis software, like CrypTool 2, to aid your analysis
  • How to identify clues and patterns to figure out what encryption scheme is being used
  • How to encrypt your own emails and secret messages

Codebreaking is the most up-to-date resource on cryptanalysis published since World War II—essential for modern forensic codebreakers, and designed to help amateurs unlock some of history’s greatest mysteries.

Exam CS0-003
by Mike Chapple and David Seidl

Prepare for the CompTIA CySA+ certification exam with the official and updated study guide for Exam CS0-003.

In the newly revised third edition of CompTIA CySA+ Study Guide: Exam CS0-003, a team of leading security experts and tech educators delivers comprehensive and accurate coverage of every topic and domain covered on the certification exam. You’ll find clear and concise information on critical security topics presented by way of practical, real-world examples, chapter reviews, and exam highlights.

Prepare for the test and for a new role in cybersecurity with the book’s useful study tools, including:

  • Hands-on lab exercises and an opportunity to create your own cybersecurity toolkit
  • Authoritative discussions of each exam competency, including security operations, vulnerability management, incident response and management, and reporting and communication
  • Complimentary access to Wiley’s proven library of digital resources, including an online test bank, bonus questions, flashcards, glossary, and more

Reduce test anxiety and get a head-start learning the on-the-job skills you’ll need on your first day in a cybersecurity career. Or augment your existing CompTIA Security+ certification with an impressive new credential. Fully updated for the newly released CS0-003 exam, CompTIA CySA+ Study Guide: Exam CS0-003, Third Edition is an essential resource for test takers and cybersecurity professionals alike.

Exam SY0-601
by Wm. Arthur Conklin, Greg White, Dwayne Williams, Roger L. Davis and Chuck Cothren

Take the latest version of the CompTIA Security+ exam with complete confidence using the detailed information contained in this highly effective self-study system. Written by two leading information security experts, this authoritative guide addresses the skills required for securing a network and managing risk and enables you to become CompTIA certified.

CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601) covers all exam domains and features 200 accurate practice questions. To aid in study, the book features learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. All questions mirror those on the live exam in tone, format, and content. Beyond fully preparing you for the challenging exam, the book also serves as a valuable on-the-job reference for IT professionals.

  • Provides 100% coverage of every objective on exam SY0-601
  • Online content includes performance-based question simulations and 200 multiple-choice practice questions
  • Written by a team of experienced IT security educators

Exam SY0-501
by David L. Prowse

This is the most comprehensive core study tool for CompTIA's latest Security+ exam. Perfect for every candidate preparing for this challenging exam, its comprehensive coverage offers all the information and insight readers need to succeed. From start to finish, the book has been organized and edited to improve retention and help network and security professionals focus on areas where they need the most assistance. Its features include:

  • End-of-chapter case studies and hands-on video exercises help students practice what they've learned
  • Three full practice tests based on the real Security+ exam - with new video explanations of all answers
  • Quizzes, memory tables, study strategies, tips, notes, cautions, key terms, troubleshooting scenarios, and much more

Security training expert David L. Prowse covers every Security+ exam objective, including: communication security, infrastructure security, operational security, general security concepts, and more.

by Omar Santos, Ron Taylor and Joseph Mlodzianowski

Learn, prepare, and practice for CompTIA Security+ SY0-601 exam success with this CompTIA Security+ SY0-601 Cert Guide from Pearson IT Certification, a leader in IT certification learning.

CompTIA Security+ SY0-601 Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

CompTIA Security+ SY0-601 Cert Guide focuses specifically on the objectives for the CompTIA Security+ SY0-601 exam. Leading security experts Omar Santos, Ron Taylor, and Joseph Mlodzianowski share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

Exam SY0-701
by Ian Neil

Building on the success of its bestselling predecessor, this third edition of the CompTIA Security+ SY0-701 Certification Guide serves as your one-stop resource for the SY0-701 exam preparation. Written by cybersecurity expert Ian Neil, this comprehensive guide helps you unlock the intricacies of cybersecurity and understand the technology behind the SY0-701 certification, ensuring you approach the exam with confidence.

Delving deep into cybersecurity, this book introduces essential principles, controls, and best practices. The chapters are carefully structured to align with the exam objectives of the 701 update, bringing to you the most recent and relevant exam study material. By mastering cybersecurity fundamentals, you’ll acquire the knowledge and skills to identify and mitigate threats, manage vulnerabilities, and safeguard enterprise infrastructure. You’ll be well-equipped to apply the principles of security governance and compliance, conduct risk assessments, and excel in audit and assessment tasks. The book also contains mock tests to help reinforce your learning and assess your exam-readiness.

Whether you aim to excel in the CompTIA Security+ SY0-701 exam, advance your career in cybersecurity, or enhance your existing knowledge, this book will transform you into a cybersecurity expert.

What you will learn

  • Differentiate between various security control types
  • Apply mitigation techniques for enterprise security
  • Evaluate security implications of architecture models
  • Protect data by leveraging strategies and concepts
  • Implement resilience and recovery in security
  • Automate and orchestrate for running secure operations
  • Execute processes for third-party risk assessment and management
  • Conduct various audits and assessments with specific purposes

Who this book is for

Whether you have an IT background or not, if you aspire to pass the CompTIA Security+ SY0-701 exam or pursue a career in certified security, this book is your perfect resource. It is also a valuable companion for US government and US Department of Defense personnel looking to achieve cybersecurity certification. It serves as an excellent reference guide for college students pursuing a degree in cybersecurity.

Fundamental Technology Concepts That Protect Containerized Applications
by Liz Rice

To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers, operators, and security professionals assess security risks and determine appropriate solutions.

Author Liz Rice, Chief Open Source Officer at Isovalent, looks at how the building blocks commonly used in container-based systems are constructed in Linux. You'll understand what's happening when you deploy containers and learn how to assess potential security risks that could affect your deployments. If you run container applications with kubectl or docker and use Linux command-line tools such as ps and grep, you're ready to get started.

  • Explore attack vectors that affect container deployments
  • Dive into the Linux constructs that underpin containers
  • Examine measures for hardening containers
  • Understand how misconfigurations can compromise container isolation
  • Learn best practices for building container images
  • Identify container images that have known software vulnerabilities
  • Leverage secure connections between containers
  • Use security tooling to prevent attacks on your deployment

An Introduction to Building and Breaking Ciphers
by Al Sweigart

Learn how to program in Python while making and breaking ciphers—algorithms used to create and send secret messages!

After a crash course in Python programming basics, you’ll learn to make, test, and hack programs that encrypt text with classical ciphers like the transposition cipher and Vigenère cipher. You’ll begin with simple programs for the reverse and Caesar ciphers and then work your way up to public key cryptography, the type of encryption used to secure today’s online transactions, including digital signatures, email, and Bitcoin.

Each program includes the full code and a line-by-line explanation of how things work. By the end of the book, you’ll have learned how to code in Python and you’ll have the clever programs to prove it!

You’ll also learn how to:

  • Combine loops, variables, and flow control statements into real working programs
  • Use dictionary files to instantly detect whether decrypted messages are valid English or gibberish
  • Create test programs to make sure that your code encrypts and decrypts correctly
  • Code (and hack!) a working example of the affine cipher, which uses modular arithmetic to encrypt a message
  • Break ciphers with techniques such as brute-force and frequency analysis

There’s no better way to learn to code than to play with real programs. Cracking Codes with Python makes the learning fun!

500 Tasty Tidbits for the Curious Cryptographer
by Jean-Philippe Aumasson

Cryptography from A5/0 to ZRTP

Expand your mind—and your crypto knowledge—with the ultimate desktop dictionary for all things cryptography. Written by a globally recognized cryptographer for fellow experts and novices to the field alike, Crypto Dictionary is rigorous in its definitions, yet easy to read and laced with humor. You’ll find:

  • A survey of crypto algorithms both widespread and niche, from RSA and DES to the USSR’s GOST cipher

  • Trivia from the history of cryptography, such as the MINERVA backdoor in Crypto AG’s encryption algorithms, which may have let the US read the secret communications of foreign governments

  • An explanation of why the reference to the Blowfish cipher in the TV show 24 makes absolutely no sense

  • Discussions of numerous cryptographic attacks, like the slide attack and biclique attack (and the meaning of a crypto “attack”)

  • Types of cryptographic proofs, such as zero-knowledge proofs of spacetime

  • A polemic against referring to cryptocurrency as “crypto”

  • A look toward the future of cryptography, with discussions of the threat quantum computing poses to our current cryptosystems and a nod to post-quantum algorithms, such as lattice-based cryptographic schemes

Or, flip to any random page and learn something new, interesting, and mind-boggling for fun. Organized alphabetically, with hundreds of incisive entries and illustrations at your fingertips, Crypto Dictionary is the crypto world go-to guide that you’ll always want within reach.

Cybersecurity for the Modern Ninja
by Ben McCarty

Learn how to use key ninja techniques to find gaps in a target’s defense, strike where the enemy is negligent, master the art of invisibility, and more. McCarty outlines specific, in-depth security mitigations such as fending off social engineering attacks by being present with “the correct mind,” mapping your network like an adversary to prevent breaches, and leveraging ninja-like traps to protect your systems.

You'll also learn how to:

  • Use threat modeling to reveal network vulnerabilities
  • Identify insider threats in your organization
  • Deploy countermeasures like network sensors, time-based controls, air gaps, and authentication protocols
  • Guard against malware command-and-control servers
  • Detect attackers, prevent supply-chain attacks, and counter zero-day exploits

Cyberjutsu is the playbook that every modern cybersecurity professional needs to channel their inner ninja. Turn to the old ways to combat the latest cyber threats and stay one step ahead of your adversaries.

by Alyssa Miller

Kickstart a career in cybersecurity by adapting your existing technical and non-technical skills. Author Alyssa Miller has spent fifteen years in cybersecurity leadership and talent development, and shares her unique perspective in this revealing industry guide.

In Cybersecurity Career Guide you will learn:

  • Self-analysis exercises to find your unique capabilities and help you excel in cybersecurity
  • How to adapt your existing skills to fit a cybersecurity role
  • Succeed at job searches, applications, and interviews to receive valuable offers
  • Ways to leverage professional networking and mentoring for success and career growth
  • Building a personal brand and strategy to stand out from other applicants
  • Overcoming imposter syndrome and other personal roadblocks

Cybersecurity Career Guide unlocks your pathway to becoming a great security practitioner. You’ll learn how to reliably enter the security field and quickly grow into your new career, following clear, practical advice that’s based on research and interviews with hundreds of hiring managers. Practical self-analysis exercises identify gaps in your resume, what makes you valuable to an employer, and what you want out of your career in cyber. You’ll assess the benefits of all major professional qualifications, and get practical advice on relationship building with mentors.

A No-Nonsense Guide for the Reasonably Paranoid
by Seth Enoka

Cybersecurity for Small Networks is a straightforward guide to improving network security whether you’re running Linux, Windows, or macOS.

As you work through the book’s projects, you’ll learn core hardening techniques like how to map a network, track the status of devices, and recognize unusual activity that might signal an attack. You’ll explore ways to eliminate vulnerabilities and prevent unwanted access to mobile, desktop, or even IoT endpoints. You’ll also learn how to implement custom back-up strategies and how to detect, prevent, and mitigate malware or ransomware attacks.

On the still more technical side, you will:

  • Use and configure firewalls like pfSense and iptables to filter network traffic
  • Create a network segmentation plan to separate devices by risk, manage user access, and configure wireless authentication
  • Deploy OpenVPN or WireGuard network-wide to encrypt and protect network communication
  • Use a Squid proxy to obfuscate personal or business data and control web traffic
  • Implement a traffic access point (TAP) to capture and analyze network traffic, and build a Security Onion monitoring appliance to alert you to suspicious activity

No matter your level of experience, Cybersecurity for Small Networks will arm you with the tools and knowledge you need to lock down your network, and defend and recover from attacks.

Uncover advanced defense techniques to craft secure application programming interfaces
by Colin Domoney

Along with the exponential growth of API adoption comes a rise in security concerns about their implementation and inherent vulnerabilities. For those seeking comprehensive insights into building, deploying, and managing APIs as the first line of cyber defense, this book offers invaluable guidance. Written by a seasoned DevSecOps expert, Defending APIs addresses the imperative task of API security with innovative approaches and techniques designed to combat API-specific safety challenges.

The initial chapters are dedicated to API building blocks, hacking APIs by exploiting vulnerabilities, and case studies of recent breaches, while the subsequent sections of the book focus on building the skills necessary for securing APIs in real-world scenarios.

Guided by clear step-by-step instructions, you’ll explore offensive techniques for testing vulnerabilities, attacking, and exploiting APIs. Transitioning to defensive techniques, the book equips you with effective methods to guard against common attacks. There are plenty of case studies peppered throughout the book to help you apply the techniques you’re learning in practice, complemented by in-depth insights and a wealth of best practices for building better APIs from the ground up.

By the end of this book, you’ll have the expertise to develop secure APIs and test them against various cyber threats targeting APIs.

What you will learn

  • Explore the core elements of APIs and their collaborative role in API development
  • Understand the OWASP API Security Top 10, dissecting the root causes of API vulnerabilities
  • Obtain insights into high-profile API security breaches with practical examples and in-depth analysis
  • Use the API attack techniques that adversaries employ to enhance your defensive strategies
  • Employ shield-right security approaches such as API gateways and firewalls
  • Defend against common API vulnerabilities across several frameworks and languages, such as .NET, Python, and Java

Who this book is for

This book is for application security engineers, blue teamers, and security professionals looking forward to building an application security program targeting API security. For red teamers and pentesters, it provides insights into exploiting API vulnerabilities. API developers will benefit from understanding, anticipating, and defending against potential threats and attacks on their APIs. While basic knowledge of software and security is required to understand the attack vectors and defensive techniques explained in the book, a thorough understanding of API security is all you need to get started.

An Introduction to Kernel Hacking
by Joseph Kong

Though rootkits have a fairly negative image, they can be used for both good and evil. Designing BSD Rootkits arms you with the knowledge you need to write offensive rootkits, to defend against malicious ones, and to explore the FreeBSD kernel and operating system in the process.

Organized as a tutorial, Designing BSD Rootkits will teach you the fundamentals of programming and developing rootkits under the FreeBSD operating system. Author Joseph Kong's goal is to make you smarter, not to teach you how to write exploits or launch attacks. You'll learn how to maintain root access long after gaining access to a computer and how to hack FreeBSD.

Kong's liberal use of examples assumes no prior kernel-hacking experience but doesn't water down the information. All code is thoroughly described and analyzed, and each chapter contains at least one real-world application.

Included:

  • The fundamentals of FreeBSD kernel module programming
  • Using call hooking to subvert the FreeBSD kernel
  • Directly manipulating the objects the kernel depends upon for its internal record-keeping
  • Patching kernel code resident in main memory; in other words, altering the kernel's logic while it’s still running
  • How to defend against the attacks described

Hack the FreeBSD kernel for yourself!

A Guide for Developers
by Loren Kohnfelder

Designing Secure Software consolidates Loren Kohnfelder’s more than twenty years of experience into a concise, elegant guide to improving the security of technology products. Written for a wide range of software professionals, it emphasizes building security into software design early and involving the entire team in the process.

The book begins with a discussion of core concepts like trust, threats, mitigation, secure design patterns, and cryptography. The second part, perhaps this book’s most unique and important contribution to the field, covers the process of designing and reviewing a software design with security considerations in mind. The final section details the most common coding flaws that create vulnerabilities, making copious use of code snippets written in C and Python to illustrate implementation vulnerabilities.

You’ll learn how to:

  • Identify important assets, the attack surface, and the trust boundaries in a system
  • Evaluate the effectiveness of various threat mitigation candidates
  • Work with well-known secure coding patterns and libraries
  • Understand and prevent vulnerabilities like XSS and CSRF, memory flaws, and more
  • Use security testing to proactively identify vulnerabilities introduced into code
  • Review a software design for security flaws effectively and without judgment

by Gerard Johansen

An understanding of how digital forensics integrates with the overall response to cybersecurity incidents is key to securing your organization's infrastructure from attacks. This updated third edition will help you perform cutting-edge digital forensic activities and incident response with a new focus on responding to ransomware attacks.

After covering the fundamentals of incident response that are critical to any information security team, you'll explore incident response frameworks. From understanding their importance to creating a swift and effective response to security incidents, the book will guide you using examples. Later, you'll cover digital forensic techniques, from acquiring evidence and examining volatile memory through to hard drive examination and network-based evidence. You'll be able to apply these techniques to the current threat of ransomware. As you progress, you'll discover the role that threat intelligence plays in the incident response process. You'll also learn how to prepare an incident response report that documents the findings of your analysis. Finally, in addition to various incident response activities, the book will address malware analysis and demonstrate how you can proactively use your digital forensic skills in threat hunting.

By the end of this book, you'll be able to investigate and report unwanted security breaches and incidents in your organization.

What you will learn

  • Create and deploy an incident response capability within your own organization
  • Perform proper evidence acquisition and handling
  • Analyze the evidence collected and determine the root cause of a security incident
  • Integrate digital forensic techniques and procedures into the overall incident response process
  • Understand different techniques for threat hunting
  • Write incident reports that document the key findings of your analysis
  • Apply incident response practices to ransomware attacks
  • Leverage cyber threat intelligence to augment digital forensics findings

Who this book is for

This book is for cybersecurity and information security professionals who want to implement digital forensics and incident response in their organizations. You'll also find the book helpful if you're new to the concept of digital forensics and looking to get started with the fundamentals. A basic understanding of operating systems and some knowledge of networking fundamentals are required to get started with this book.

by Dominique Augey and Marina Alcaraz

Digital information, particularly for online newsgathering and reporting, is an industry fraught with uncertainty and rapid innovation. Digital Information Ecosystems: Smart Press crosses academic knowledge with research by media groups to understand this evolution and analyze the future of the sector, including the imminent employment of bots and artificial intelligence.

The book adopts an original and multidisciplinary approach to this topic: combining the science of media economics with the experience of a practicing journalist of a major daily newspaper. The result is an essential guide to the opportunities of the media to respond to a changing global digital landscape.

Independent news reporting is vital in the contemporary democracy; the media must itself become a new “smart press”.

A Hands-on Introduction to Breaking In
by Daniel G. Graham

Ethical Hacking is a crash course in modern hacking techniques. It's already being used to prepare the next generation of offensive security experts. In its many hands-on labs, you’ll explore crucial skills for any aspiring penetration tester, security researcher, or malware analyst.

You’ll begin with the basics: capturing a victim’s network traffic with an ARP spoofing attack and then viewing it in Wireshark. From there, you’ll deploy reverse shells that let you remotely run commands on a victim’s computer, encrypt files by writing your own ransomware in Python, and fake emails like the ones used in phishing attacks. In advanced chapters, you’ll learn how to fuzz for new vulnerabilities, craft trojans and rootkits, exploit websites with SQL injection, and escalate your privileges to extract credentials, which you’ll use to traverse a private network.

You’ll work with a wide range of professional penetration testing tools—and learn to write your own tools in Python—as you practice tasks like:

  • Deploying the Metasploit framework’s reverse shells and embedding them in innocent-seeming files
  • Capturing passwords in a corporate Windows network using Mimikatz
  • Scanning (almost) every device on the internet to find potential victims
  • Installing Linux rootkits that modify a victim’s operating system
  • Performing advanced Cross-Site Scripting (XSS) attacks that execute sophisticated JavaScript payloads

Along the way, you’ll gain a foundation in the relevant computing technologies. Discover how advanced fuzzers work behind the scenes, learn how internet traffic gets encrypted, explore the inner mechanisms of nation-state malware like Drovorub, and much more.

Developed with feedback from cybersecurity students, Ethical Hacking addresses contemporary issues in the field not often covered in other books and will prepare you for a career in penetration testing. Most importantly, you’ll be able to think like an ethical hacker: someone who can carefully analyze systems and creatively gain access to them.

Want to ask questions about the book? Contact the author at: discord.thehackingbook.com

The Definitive Guide to Defeating Endpoint Detection Systems
by Matt Hand

Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you’ll learn that EDR is not a magical black box—it’s just a complex software application built around a few easy-to-understand components.

The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.

A Straightforward Introduction
by Jason Andress

A high-level survey of the information security field by best-selling author Jason Andress. The book covers the basics of a wide variety of topics, from authentication and authorization to maintaining confidentiality and performing penetration testing.

Using real-world security breaches as examples, Foundations of Information Security explores common applications of these concepts, such as operations security, network design, hardening and patching operating systems, securing mobile devices, as well as tools for assessing the security of hosts and applications.

You’ll also learn the basics of topics like:

  • Multifactor authentication and how biometrics and hardware tokens can be used to harden the authentication process
  • The principles behind modern cryptography, including symmetric and asymmetric algorithms, hashes, and certificates
  • The laws and regulations that protect systems and data
  • Anti-malware tools, firewalls, and intrusion detection systems
  • Vulnerabilities such as buffer overflows and race conditions

A valuable resource for beginning security professionals, network systems administrators, or anyone new to the field, Foundations of Information Security is a great place to start your journey into the dynamic and rewarding field of information security.

Developing Autonomous Bots for Online Games
by Nick Cano

You don’t need to be a wizard to transform a game you like into a game you love. Imagine if you could give your favorite PC game a more informative heads-up display or instantly collect all that loot from your latest epic battle.

Bring your knowledge of Windows-based development and memory management, and Game Hacking will teach you what you need to become a true game hacker. Learn the basics, like reverse engineering, assembly code analysis, programmatic memory manipulation, and code injection, and hone your new skills with hands-on example code and practice binaries.

Level up as you learn how to:

  • Scan and modify memory with Cheat Engine
  • Explore program structure and execution flow with OllyDbg
  • Log processes and pinpoint useful data files with Process Monitor
  • Manipulate control flow through NOPing, hooking, and more
  • Locate and dissect common game memory structures

You’ll even discover the secrets behind common game bots, including:

  • Extrasensory perception hacks, such as wallhacks and heads-up displays
  • Responsive hacks, such as autohealers and combo bots
  • Bots with artificial intelligence, such as cave walkers and automatic looters

Game hacking might seem like black magic, but it doesn’t have to be. Once you understand how bots are made, you’ll be better positioned to defend against them in your own games. Journey through the inner workings of PC games with Game Hacking, and leave with a deeper understanding of both game design and computer security.

“Game Hacking contains more than just interesting material; it contains an education. Budding programmers and game designers will gain critical insights. Perhaps, for someone with the predisposition and the will to develop their skills, this book could even kick-start a new career.” —Josh Townsend, IT Security

A Simple Introduction to Cyber Attacks and Defense
by Bryson Payne

Go H*ck Yourself is an eye-opening, hands-on introduction to the world of hacking, from an award-winning cybersecurity coach. As you perform common attacks against yourself, you’ll be shocked by how easy they are to carry out—and realize just how vulnerable most people really are. You’ll be guided through setting up a virtual hacking lab so you can safely try out attacks without putting yourself or others at risk. Then step-by-step instructions will walk you through executing every major type of attack, including physical access hacks, Google hacking and reconnaissance, social engineering and phishing, malware, password cracking, web hacking, and phone hacking. You’ll even hack a virtual car! You’ll experience each hack from the point of view of both the attacker and the target. Most importantly, every hack is grounded in real-life examples and paired with practical cyber defense tips, so you’ll understand how to guard against the hacks you perform. You’ll learn:

  • How to practice hacking within a safe, virtual environment
  • How to use popular hacking tools the way real hackers do, like Kali Linux, Metasploit, and John the Ripper
  • How to infect devices with malware, steal and crack passwords, phish for sensitive information, and more
  • How to use hacking skills for good, such as to access files on an old laptop when you can’t remember the password
  • Valuable strategies for protecting yourself from cyber attacks

You can’t truly understand cyber threats or defend against them until you’ve experienced them firsthand. By hacking yourself before the bad guys do, you’ll gain the knowledge you need to keep you and your loved ones safe.

A Hacker's Guide to Creating and Automating Security Tools
by Brandon Perry

Learn to use C#’s powerful set of core libraries to automate tedious yet important tasks like fuzzing, performing vulnerability scans, and analyzing malware. With some help from Mono, you’ll write your own practical security tools that will run on Windows, OS X, Linux, and even mobile devices.

After a crash course in C# and some of its advanced features, you’ll learn how to:

  • Generate shellcode in Metasploit to create cross-platform and cross-architecture payloads
  • Automate Nessus, OpenVAS, and sqlmap to scan for vulnerabilities and exploit SQL injections
  • Write a .NET decompiler for OS X and Linux
  • Parse and read offline registry hives to dump system information
  • Automate the security tools Arachni and Metasploit using their MSGPACK RPCs

Streamline and simplify your workday by making the most of C#’s extensive repertoire of powerful tools and libraries with Gray Hat C#.

Python Programming for Hackers and Reverse Engineers
by Justin Seitz

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools—and how to build your own when the pre-built ones won't cut it.

You'll learn how to:

  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?

The Art of Exploitation
by Jon Erickson

Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.

The included LiveCD provides a complete Linux programming and debugging environment—all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

  • Program computers using C, assembly language, and shell scripts
  • Corrupt system memory to run arbitrary code using buffer overflows and format strings
  • Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
  • Outsmart common security measures like nonexecutable stacks and intrusion detection systems
  • Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence
  • Redirect network traffic, conceal open ports, and hijack TCP connections
  • Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

Breaking Web Application Programming Interfaces
by Corey Ball

An Application Programming Interface (API) is a software connection that allows applications to communicate and share services. Hacking APIs will teach you how to test web APIs for security vulnerabilities. You’ll learn how the common API types, REST, SOAP, and GraphQL, work in the wild. Then you’ll set up a streamlined API testing lab and perform common attacks, like those targeting an API’s authentication mechanisms, and the injection vulnerabilities commonly found in web applications. In the book’s guided labs, which target intentionally vulnerable APIs, you’ll practice:

  • Enumerating API users and endpoints using fuzzing techniques
  • Using Postman to discover an excessive data exposure vulnerability
  • Performing a JSON Web Token attack against an API authentication process
  • Combining multiple API attack techniques to perform a NoSQL injection
  • Attacking a GraphQL API to uncover a broken object level authorization vulnerability

By the end of the book, you’ll be prepared to uncover those high-payout API bugs that other hackers aren’t finding, and improve the security of applications on the web.

Protocols, Attacks, and Countermeasures
by Himanshu Dwivedi

Voice over Internet Protocol (VoIP) networks have freed users from the tyranny of big telecom, allowing people to make phone calls over the Internet at very low or no cost. But while VoIP is easy and cheap, it's notoriously lacking in security. With minimal effort, hackers can eavesdrop on conversations, disrupt phone calls, change caller IDs, insert unwanted audio into existing phone calls, and access sensitive information.

Hacking VoIP takes a dual approach to VoIP security, explaining its many security holes to hackers and administrators. If you're serious about security, and you either use or administer VoIP, you should know where VoIP's biggest weaknesses lie and how to shore up your security. And if your intellectual curiosity is leading you to explore the boundaries of VoIP, Hacking VoIP is your map and guidebook.

Hacking VoIP will introduce you to every aspect of VoIP security, both in home and enterprise implementations. You'll learn about popular security assessment tools, the inherent vulnerabilities of common hardware and software packages, and how to:

  • Identify and defend against VoIP security attacks such as eavesdropping, audio injection, caller ID spoofing, and VoIP phishing
  • Audit VoIP network security
  • Assess the security of enterprise-level VoIP networks such as Cisco, Avaya, and Asterisk, and home VoIP solutions like Yahoo! and Vonage
  • Use common VoIP protocols like H.323, SIP, and RTP as well as unique protocols like IAX
  • Identify the many vulnerabilities in any VoIP network

Whether you’re setting up and defending your VoIP network against attacks or just having sick fun testing the limits of VoIP networks, Hacking VoIP is your go-to source for every aspect of VoIP security and defense.

The Art of Analyzing Hacked and Leaked Data
by Micah Lee

Unlock the internet’s treasure trove of public interest data with Hacks, Leaks, and Revelations by Micah Lee, an investigative reporter and security engineer. This hands-on guide blends real-world techniques for researching large datasets with lessons on coding, data authentication, and digital security. All of this is spiced up with gripping stories from the front lines of investigative journalism.

Dive into exposed datasets from a wide array of sources: the FBI, the DHS, police intelligence agencies, extremist groups like the Oath Keepers, and even a Russian ransomware gang. Lee’s own in-depth case studies on disinformation-peddling pandemic profiteers and neo-Nazi chatrooms serve as blueprints for your research.

Gain practical skills in searching massive troves of data for keywords like “antifa” and pinpointing documents with newsworthy revelations. Get a crash course in Python to automate the analysis of millions of files.

You will also learn how to:

  • Master encrypted messaging to safely communicate with whistleblowers.

  • Secure datasets over encrypted channels using Signal, Tor Browser, OnionShare, and SecureDrop.

  • Harvest data from the BlueLeaks collection of internal memos, financial records, and more from over 200 state, local, and federal agencies.

  • Probe leaked email archives about offshore detention centers and the Heritage Foundation.

  • Analyze metadata from videos of the January 6 attack on the US Capitol, sourced from the Parler social network.

We live in an age where hacking and whistleblowing can unearth secrets that alter history. Hacks, Leaks, and Revelations is your toolkit for uncovering new stories and hidden truths. Crack open your laptop, plug in a hard drive, and get ready to change history.

A Hands-On Guide for Total Beginners
by Sam Grubb

How Cybersecurity Really Works is the perfect introduction to cybersecurity. Whether you’re a computer science student or a business professional, it will teach you the basics without all the jargon.

This beginner’s guide covers different types of attacks, common tactics used by online adversaries, and defensive strategies you can use to protect yourself. You’ll learn what security professionals do, what an attack looks like from a cybercriminal’s viewpoint, and how to implement sophisticated cybersecurity measures on your own devices.

In addition, you’ll find explanations of topics like malware, phishing, and social engineering attacks, coupled with real-world examples and hands-on exercises to help you apply what you’ve learned. You’ll explore ways to bypass access controls, prevent infections from worms and viruses, and protect your cloud accounts from attackers.

You’ll also learn how to:

  • Analyze emails to detect phishing attempts
  • Use SQL injection to attack a website
  • Examine malware from the safety of a sandbox environment
  • Use the command line to evaluate and improve your computer and network security
  • Deploy encryption and hashing to protect your files
  • Create a comprehensive risk management plan

You can’t afford to ignore cybersecurity anymore, but attackers won’t wait while you read a long technical manual. That’s why How Cybersecurity Really Works teaches you just the essentials you need to think beyond antivirus and make the right decisions to keep the online monsters at bay.

An Illustrated Guide to Protocols, Privacy, Censorship, and Governance
by ARTICLE 19

The internet has profoundly changed interpersonal communication, but most of us don’t really understand how it works. What enables information to travel across the internet? Can we really be anonymous and private online? Who controls the internet, and why is that important? And… what’s with all the cats?

How the Internet Really Works answers these questions and more. Using clear language and whimsical illustrations, the authors translate highly technical topics into accessible, engaging prose that demystifies the world’s most intricately linked computer network. Alongside a feline guide named Catnip, you’ll learn about:

  • The “How-What-Why” of nodes, packets, and internet protocols
  • Cryptographic techniques to ensure the secrecy and integrity of your data
  • Censorship, ways to monitor it, and means for circumventing it
  • Cybernetics, algorithms, and how computers make decisions
  • Centralization of internet power, its impact on democracy, and how it hurts human rights
  • Internet governance, and ways to get involved

This book is also a call to action, laying out a roadmap for using your newfound knowledge to influence the evolution of digitally inclusive, rights-respecting internet laws and policies.

Whether you’re a citizen concerned about staying safe online, a civil servant seeking to address censorship, an advocate addressing worldwide freedom of expression issues, or simply someone with a cat-like curiosity about network infrastructure, you will be delighted — and enlightened — by Catnip’s felicitously fun guide to understanding how the internet really works!

Breaching the Cloud
by Sparc Flow

Go deep into the mind of a master hacker as he breaks into a hostile, cloud-based security environment. Sparc Flow invites you to shadow him every step of the way, from recon to infiltration, as you hack a shady, data-driven political consulting firm. While the target is fictional, the corporation’s vulnerabilities are based on real-life weaknesses in today’s advanced cybersecurity defense systems. You’ll experience all the thrills, frustrations, dead-ends, and eureka moments of his mission first-hand, while picking up practical, cutting-edge techniques for penetrating cloud technologies.

There are no do-overs for hackers, so your training starts with basic OpSec procedures, using an ephemeral OS, Tor, bouncing servers, and detailed code to build an anonymous, replaceable hacking infrastructure guaranteed to avoid detection. From there, you’ll examine some effective recon techniques, develop tools from scratch, and deconstruct low-level features in common systems to gain access to the target. Sparc Flow’s clever insights, witty reasoning, and stealth maneuvers teach you how to think on your toes and adapt his skills to your own hacking tasks.

You'll learn:

  • How to set up and use an array of disposable machines that can renew in a matter of seconds to change your internet footprint
  • How to do effective recon, like harvesting hidden domains and taking advantage of DevOps automation systems to trawl for credentials
  • How to look inside and gain access to AWS’s storage systems
  • How cloud security systems like Kubernetes work, and how to hack them
  • Dynamic techniques for escalating privileges

Packed with interesting tricks, ingenious tips, and links to external resources, this fast-paced, hands-on guide to penetrating modern cloud systems will help hackers of all stripes succeed on their next adventure.

Breaking Windows
by Sparc Flow

Step into the shoes of a master hacker and break into an intelligent, highly defensive Windows environment. You’ll be infiltrating the suspicious (fictional) offshoring company G & S Trust and their hostile Microsoft stronghold. While the target is fictional, the corporation’s vulnerabilities are based on real life weaknesses in today’s advanced Windows defense systems. You’ll experience all the thrills, frustrations, dead-ends, and eureka moments of the mission first-hand, while picking up practical, cutting-edge techniques for evading Microsoft’s best security systems.

The adventure starts with setting up your elite hacking infrastructure complete with virtual Windows system. After some thorough passive recon, you’ll craft a sophisticated phishing campaign to steal credentials and gain initial access. Once inside you’ll identify the security systems, scrape passwords, plant persistent backdoors, and delve deep into areas you don’t belong. Throughout your task you’ll get caught, change tack on a tee, dance around defensive monitoring systems, and disable tools from the inside. Sparc Flow’s clever insights, witty reasoning, and stealth maneuvers teach you to be patient, persevere, and adapt your skills at the drop of a hat. You’ll learn how to:

  • Identify and evade Microsoft security systems like Advanced Threat Analysis, QRadar, MDE, and AMSI
  • Seek out subdomains and open ports with Censys, Python scripts, and other OSINT tools
  • Scrape password hashes using Kerberoasting
  • Plant camouflaged C# backdoors and payloads
  • Grab victims’ credentials with more advanced techniques like reflection and domain replication

Like other titles in the How to Hack series, this book is packed with interesting tricks, ingenious tips, and links to useful resources to give you a fast-paced, hands-on guide to penetrating and bypassing Microsoft security systems.

The Unofficial Guide to the World's Most Popular Disassembler
by Chris Eagle

No source code? No problem. With IDA Pro, the interactive disassembler, you live in a source code-optional world. IDA can automatically analyze the millions of opcodes that make up an executable and present you with a disassembly. But at that point, your work is just beginning. With The IDA Pro Book, you'll learn how to turn that mountain of mnemonics into something you can actually use.

Hailed by the creator of IDA Pro as "profound, comprehensive, and accurate," the second edition of The IDA Pro Book covers everything from the very first steps to advanced automation techniques. You'll find complete coverage of IDA's new Qt-based user interface, as well as increased coverage of the IDA debugger, the Bochs debugger, and IDA scripting (especially using IDAPython). But because humans are still smarter than computers, you'll even learn how to use IDA's latest interactive and scriptable interfaces to your advantage.

Save time and effort as you learn to:

  • Navigate, comment, and modify disassembly
  • Identify known library routines, so you can focus your analysis on other areas of the code
  • Use code graphing to quickly make sense of cross references and function calls
  • Extend IDA to support new processors and filetypes using the SDK
  • Explore popular plug-ins that make writing IDA scripts easier, allow collaborative reverse engineering, and much more
  • Use IDA's built-in debugger to tackle hostile and obfuscated code

Whether you're analyzing malware, conducting vulnerability research, or reverse engineering software, a mastery of IDA is crucial to your success. Take your skills to the next level with this 2nd edition of The IDA Pro Book.

Supercharge your software security with DevSecOps excellence
by Vandana Verma Sehgal

DevSecOps is built on the idea that everyone is responsible for security, with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context. This practice of integrating security into every stage of the development process helps improve both the security and overall quality of the software. This book will help you get to grips with DevSecOps and show you how to implement it, starting with a brief introduction to DevOps, DevSecOps, and their underlying principles.

After understanding the principles, you'll dig deeper into different topics concerning application security and secure coding before learning about the secure development lifecycle and how to perform threat modeling properly. You’ll also explore a range of tools available for these tasks, as well as best practices for developing secure code and embedding security and policy into your application. Finally, you'll look at automation and infrastructure security with a focus on continuous security testing, infrastructure as code (IaC), protecting DevOps tools, and learning about the software supply chain.

By the end of this book, you’ll know how to apply application security, safe coding, and DevSecOps practices in your development pipeline to create robust security protocols.

What you will learn

  • Find out how DevSecOps unifies security and DevOps, bridging a significant cybersecurity gap
  • Discover how CI/CD pipelines can incorporate security checks for automatic vulnerability detection
  • Understand why threat modeling is indispensable for early vulnerability identification and action
  • Explore chaos engineering tests to monitor how systems perform in chaotic security scenarios
  • Find out how SAST pre-checks code and how DAST finds live-app vulnerabilities during runtime
  • Perform real-time monitoring via observability and its criticality for security management

Who this book is for

This book is for DevSecOps engineers and application security engineers. Developers, pentesters, and information security analysts will also find plenty of useful information in this book. Prior knowledge of the software development process and programming logic is beneficial, but not required.

The Definitive Guide for Hackers and Developers
by David Thiel

Eliminating security holes in iOS apps is critical for any developer who wants to protect their users from the bad guys. In iOS Application Security, mobile security expert David Thiel reveals common iOS coding mistakes that create serious security problems and shows you how to find and fix them.

After a crash course on iOS application structure and Objective-C design patterns, you’ll move on to spotting bad code and plugging the holes. You’ll learn about:

  • The iOS security model and the limits of its built-in protections
  • The myriad ways sensitive data can leak into places it shouldn’t, such as through the pasteboard
  • How to implement encryption with the Keychain, the Data Protection API, and CommonCrypto
  • Legacy flaws from C that still cause problems in modern iOS applications
  • Privacy issues related to gathering user data and how to mitigate potential pitfalls

Don’t let your app’s security leak become another headline. Whether you’re looking to bolster your app’s defenses or hunting bugs in other people’s code, iOS Application Security will help you get the job done well.

Building Secure Web Applications
by Jim Manico and August Detlefsen

Develop, deploy, and maintain secure Java applications using the expert techniques and open source libraries described in this Oracle Press guide. Iron-Clad Java presents the processes required to build robust and secure applications from the start and explains how to eliminate existing security bugs. Best practices for authentication, access control, data protection, attack prevention, error handling, and much more are included. Using the practical advice and real-world examples provided in this authoritative resource, you'll gain valuable secure software engineering skills.

  • Establish secure authentication and session management processes
  • Implement a robust access control design for multi-tenant web applications
  • Defend against cross-site scripting, cross-site request forgery, and clickjacking
  • Protect sensitive data while it is stored or in transit
  • Prevent SQL injection and other injection attacks
  • Ensure safe file I/O and upload
  • Use effective logging, error handling, and intrusion detection methods
  • Follow a comprehensive secure software development lifecycle

"In this book, Jim Manico and August Detlefsen tackle security education from a technical perspective and bring their wealth of industry knowledge and experience to application designers. A significant amount of thought was given to include the most useful and relevant security content for designers to defend their applications. This is not a book about security theories, it’s the hard lessons learned from those who have been exploited, turned into actionable items for application designers, and condensed into print." —From the Foreword by Milton Smith, Oracle Senior Principal Security Product Manager, Java

Your one-stop guide to searching, analyzing, acquiring, and securing digital evidence
by William Oettinger

Computer forensics is a broad topic that involves a variety of skills, including seizing electronic evidence, acquiring data from electronic evidence, data analysis, and finally developing a forensic report.

This book will help you to build up the skills you need to work in a highly technical environment. This book's ideal goal is to get you up and running with forensics tools and techniques to successfully investigate crime and corporate misconduct. You will discover ways to collect personal information about an individual from online sources. You will also learn how criminal investigations are performed online while preserving data such as e-mails, images, and videos that may be important to a case. You will further explore networking and understand Network Topologies, IP Addressing, and Network Devices. Finally, you will learn how to write a proper forensic report, the most exciting portion of the forensic exam process.

By the end of this book, you will have developed a clear understanding of how to acquire, analyze, and present digital evidence, like a proficient computer forensics investigator.

What you will learn

  • Explore the investigative process, rules of evidence, legal process, and ethical guidelines
  • Understand the difference between sectors, clusters, volumes, and file slack
  • Validate forensic equipment, computer program, and examination methods
  • Create and validate forensically sterile media
  • Gain the ability to draw conclusions based on the exam discoveries
  • Record discoveries utilizing the technically correct terminology
  • Discover the limitations and guidelines for RAM Capture and its tools
  • Explore timeline analysis, media analysis, string searches, and recovery of deleted data

Who this book is for

This book is for IT beginners, students, or an investigator in the public or private sector. This book will also help IT professionals who are new to incident response and digital forensics and are looking at choosing cybersecurity as their career. Individuals planning to pass the Certified Forensic Computer Examiner (CFCE) certification will also find this book useful.

Getting Started with Networking, Scripting, and Security in Kali
by OccupyTheWeb

If you’re getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you’ll learn the basics of using the Linux operating system and acquire the tools and techniques you’ll need to take control of a Linux environment.

First, you’ll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you’ll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You’ll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to:

  • Cover your tracks by changing your network information and manipulating the rsyslog logging utility
  • Write a tool to scan for network connections, and connect and listen to wireless networks
  • Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email
  • Write a bash script to scan open ports for potential targets
  • Use and abuse services like MySQL, Apache web server, and OpenSSH
  • Build your own hacking tools, such as a remote video spy camera and a password cracker

Hacking is complex, and there is no single way in. Why not start at the beginning with Linux Basics for Hackers?

Covers Kali Linux and Python 3

"If you're just getting started or working your way to expert level, getting a copy of this book might be one of the best things you can do to develop your cybersecurity skills." —Sandra Henry-Stocker, Network World

"The information provided can help even a general user to get more comfortable with the Linux operating system without feeling overwhelmed by more complex, security-related topics and usage. While we could all benefit from more attention to security, Linux Basics for Hackers just might inspire the next crop of budding techies into the security rock stars of tomorrow." —Tim Everson, The Ethical Hacker Network

"Linux Basics for Hackers is immediately practical. Its quick and dirty approach to exploring and using a Linux system was welcome." —Jesse Smith, DistroWatch Weekly

"If you are starting out in Computer Science and want to get up to speed quickly on Linux and Unix like operating systems, working through this book will put you well ahead of your fellow students, and quickly." —Greg Laden, Greg Laden's Blog

Attack Detection and Response with iptables, psad, and fwsnort
by Michael Rash

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection system (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:

  • Passive network authentication and OS fingerprinting
  • iptables log analysis and policies
  • Application layer attack detection with the iptables string match extension
  • Building an iptables ruleset that emulates a Snort ruleset
  • Port knocking vs. Single Packet Authorization (SPA)
  • Tools for visualizing iptables logs

Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables—along with psad and fwsnort—to detect and even prevent compromises.

by Thomas Kranz

A jargon-busting guide to the key concepts, terminology, and technologies of cybersecurity. Perfect for anyone planning or implementing a security strategy.

In Making Sense of Cybersecurity you will learn how to:

  • Develop and incrementally improve your own cybersecurity strategy
  • Detect rogue WiFi networks and safely browse on public WiFi
  • Protect against physical attacks utilizing USB devices or building access cards
  • Use the OODA loop and a hacker mindset to plan out your own attacks
  • Connect to and browse the Dark Web
  • Apply threat models to build, measure, and improve your defenses
  • Respond to a detected cyber attack and work through a security breach

Go behind the headlines of famous attacks and learn lessons from real-world breaches that author Tom Kranz has personally helped to clean up.

Making Sense of Cybersecurity is full of clear-headed advice and examples that will help you identify risks in your organization and choose the right path to apply the important security concepts. You'll learn the three pillars of a successful security strategy and how to create and apply threat models that will iteratively improve your organization's readiness.

Attack Detection and Attribution
by Joshua Saxe and Hillary Sanders

Security has become a "big data" problem. The growth rate of malware has accelerated to tens of millions of new files per year while our networks generate an ever-larger flood of security-relevant data each day. In order to defend against these advanced attacks, you'll need to know how to think like a data scientist.

In Malware Data Science, security data scientist Joshua Saxe introduces machine learning, statistics, social network analysis, and data visualization, and shows you how to apply these methods to malware detection and analysis.

You'll learn how to:

  • Analyze malware using static analysis
  • Observe malware behavior using dynamic analysis
  • Identify adversary groups through shared code analysis
  • Catch 0-day vulnerabilities by building your own machine learning detector
  • Measure malware detector accuracy
  • Identify malware campaigns, trends, and relationships through data visualization

Whether you're a malware analyst looking to add skills to your existing arsenal, or a data scientist interested in attack detection and threat intelligence, Malware Data Science will help you stay ahead of the curve.

From Graphs and Geometry to Spatial Analysis
by Daniel Reilly

Explore the intersection of mathematics and computer security with this engaging and accessible guide.

Math for Security will equip you with essential tools to tackle complex security problems head on. All you need are some basic programming skills. Once you’ve set up your development environment and reviewed the necessary Python syntax and math notation in the early chapters, you’ll dive deep into practical applications, leveraging the power of math to analyze networks, optimize resource distribution, and much more. In the book’s final chapters, you’ll take your projects from proofs of concept to viable applications and explore options for delivering them to end users.

As you work through various security scenarios, you’ll:

  • Employ packet analysis and graph theory to detect data exfiltration attempts in a network
  • Predict potential targets and find weaknesses in social networks with Monte Carlo simulations
  • Use basic geometry and OpenCell data to triangulate a phone’s location without GPS
  • Apply computational geometry to Voronoi diagrams for use in emergency service planning
  • Train a facial recognition system with machine learning for real-time identity verification
  • Use spatial analysis to distribute physical security features effectively in an art gallery

Whether you’re an aspiring security professional, a social network analyst, or an innovator seeking to create cutting-edge security solutions, this book will empower you to solve complex problems with precision and confidence. Embrace the intricate world of math as your secret weapon in computer security!

Covers Python 3.x

The Penetration Tester's Guide
by David Kennedy, Jim O’Gorman, Devon Kearns and Mati Aharoni

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.

Once you've built your foundation for penetration testing, you’ll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You’ll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.

Learn how to:

  • Find and exploit unmaintained, misconfigured, and unpatched systems
  • Perform reconnaissance and find valuable information about your target
  • Bypass anti-virus technologies and circumvent security controls
  • Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
  • Use the Meterpreter shell to launch further attacks from inside the network
  • Harness standalone Metasploit utilities, third-party tools, and plug-ins
  • Learn how to write your own Meterpreter post exploitation modules and scripts

You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.

"The best guide to the Metasploit Framework." —HD Moore, Founder of the Metasploit Project

Tracking Hackers through Cyberspace
by Sherri Davidoff and Jonathan Ham

On the Internet, every action leaves a mark–in routers, firewalls, web proxies, and within network traffic itself. When a hacker breaks into a bank, or an insider smuggles secrets to a competitor, evidence of the crime is always left behind.

Learn to recognize hackers’ tracks and uncover network-based evidence in Network Forensics: Tracking Hackers through Cyberspace. Carve suspicious email attachments from packet captures. Use flow records to track an intruder as he pivots through the network. Analyze a real-world wireless encryption-cracking attack (and then crack the key yourself). Reconstruct a suspect’s web surfing history–and cached web pages, too–from a web proxy. Uncover DNS-tunneled traffic. Dissect the Operation Aurora exploit, caught on the wire.

Throughout the text, step-by-step case studies guide you through the analysis of network-based evidence.

Hackers leave footprints all across the Internet. Can you find their tracks and solve the case? Pick up Network Forensics and find out.

A Hands-On Introduction to Hacking
by Georgia Weidman

Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses.

In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine–based lab that includes Kali Linux and vulnerable operating systems, you’ll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you’ll experience the key stages of an actual assessment—including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.

Learn how to:

  • Crack passwords and wireless network keys with brute-forcing and wordlists
  • Test web applications for vulnerabilities
  • Use the Metasploit Framework to launch exploits and write your own Metasploit modules
  • Automate social-engineering attacks
  • Bypass antivirus software
  • Turn access to one machine into total control of the enterprise in the post exploitation phase

You’ll even explore writing your own exploits. Then it’s on to mobile hacking—Weidman’s particular area of research—with her tool, the Smartphone Pentest Framework.

With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.

The Definitive Guide to Testing and Securing Deployments
by Matt Burrough

Pentesting Azure Applications is a comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies. You’ll start by learning how to approach a cloud-focused penetration test and how to obtain the proper permissions to execute it; then, you’ll learn to perform reconnaissance on an Azure subscription, gain access to Azure Storage accounts, and dig into Azure’s Infrastructure as a Service (IaaS).

You’ll also learn how to:

  • Uncover weaknesses in virtual machine settings that enable you to acquire passwords, binaries, code, and settings files
  • Use PowerShell commands to find IP addresses, administrative users, and resource details
  • Find security issues related to multi-factor authentication and management certificates
  • Penetrate networks by enumerating firewall rules
  • Investigate specialized services like Azure Key Vault, Azure Web Apps, and Azure Automation
  • View logs and security events to find out when you’ve been caught

Packed with sample pentesting scripts, practical advice for completing security assessments, and tips that explain how companies can configure Azure to foil common attacks, Pentesting Azure Applications is a clear overview of how to effectively perform cloud-focused security tests and provide accurate findings and recommendations.

by Manul Laphroaig

This highly anticipated print collection gathers articles published in the much-loved International Journal of Proof-of-Concept or Get The Fuck Out.

PoC||GTFO (Proof of Concept or Get The Fuck Out) follows in the tradition of Phrack and Uninformed by publishing on the subjects of offensive security research, reverse engineering, and file format internals. Until now, the journal has only been available online or printed and distributed for free at hacker conferences worldwide.

Consistent with the journal's quirky, biblical style, this book comes with all the trimmings: a leatherette cover, ribbon bookmark, bible paper, and gilt-edged pages. The book features more than 80 technical essays from numerous famous hackers, authors of classics like "Reliable Code Execution on a Tamagotchi," "ELFs are Dorky, Elves are Cool," "Burning a Phone," "Forget Not the Humble Timing Attack," and "A Sermon on Hacker Privilege." Twenty-four full-color pages by Ange Albertini illustrate many of the clever tricks described in the text.

by Manul Laphroaig

The International Journal of Proof-of-Concept or Get The Fuck Out is a celebrated magazine of reverse engineering, retro-computing, and systems internals. This second collected volume holds all of the articles from releases nine to thirteen.

Learn how to patch the firmware of a handheld amateur radio, then emulate that radio's proprietary audio code under Linux. How to slow the Windows kernel when exploiting a race condition and how to make a PDF file that is also an Android app, an audio file, or a Gameboy speedrun. How to hack a Wacom pen tablet with voltage glitching, then hack it again by pure software to read RFID tags from its surface. How to disassemble every last byte of an Atari game and how to bypass every classic form of copy protection on Apple ][.

But above all else, beyond the nifty tricks and silly songs, this book exists to remind you what a clever engineer can build from a box of parts with a bit of free time. Not to show you what others have done, but to show you how they did it so that you can do the same.

by Manul Laphroaig

The International Journal of Proof-of-Concept or Get The Fuck Out is a celebrated collection of short essays on computer security, reverse engineering and retrocomputing topics by many of the world's most famous hackers. This third volume contains all articles from releases 14 to 18 in the form of an actual, bound bible.

Topics include how to dump the ROM from one of the most secure Sega Genesis games ever created; how to create a PDF that is also a Git repository; how to extract the Game Boy Advance BIOS ROM; how to sniff Bluetooth Low Energy communications with the BBC Micro:Bit; how to conceal ZIP Files in NES Cartridges; how to remotely exploit a TetriNET Server; and more.

The journal exists to remind us of what a clever engineer can build from a box of parts and a bit of free time. Not to showcase what others have done, but to explain how they did it so that readers can do these and other clever things themselves.

Build Your Own Linux Tools for Binary Instrumentation, Analysis, and Disassembly
by Dennis Andriesse

As malware increasingly obfuscates itself and applies anti-analysis techniques to thwart our analysis, we need more sophisticated methods that allow us to raise that dark curtain designed to keep us out—binary analysis can help. The goal of all binary analysis is to determine (and possibly modify) the true properties of binary programs to understand what they really do, rather than what we think they should do. While reverse engineering and disassembly are critical first steps in many forms of binary analysis, there is much more to be learned.

This hands-on guide teaches you how to tackle the fascinating but challenging topics of binary analysis and instrumentation and helps you become proficient in an area typically only mastered by a small group of expert hackers. It will take you from basic concepts to state-of-the-art methods as you dig into topics like code injection, disassembly, dynamic taint analysis, and binary instrumentation. Written for security engineers, hackers, and those with a basic working knowledge of C/C++ and x86-64, Practical Binary Analysis will teach you in-depth how binary programs work and help you acquire the tools and techniques needed to gain more control and insight into binary programs.

Once you’ve completed an introduction to basic binary formats, you’ll learn how to analyze binaries using techniques like the GNU/Linux binary analysis toolchain, disassembly, and code injection. You’ll then go on to implement profiling tools with Pin and learn how to build your own dynamic taint analysis tools with libdft and symbolic execution tools using Triton. You’ll learn how to:

  • Parse ELF and PE binaries and build a binary loader with libbfd
  • Use data-flow analysis techniques like program tracing, slicing, and reaching definitions analysis to reason about runtime flow of your programs
  • Modify ELF binaries with techniques like parasitic code injection and hex editing
  • Build custom disassembly tools with Capstone
  • Use binary instrumentation to circumvent anti-analysis tricks commonly used by malware
  • Apply taint analysis to detect control hijacking and data leak attacks
  • Use symbolic execution to build automatic exploitation tools

With exercises at the end of each chapter to help solidify your skills, you’ll go from understanding basic assembly to performing some of the most sophisticated binary analysis and instrumentation. Practical Binary Analysis gives you what you need to work effectively with binary programs and transform your knowledge from basic understanding to expert-level proficiency.

A Guide for Secure Design and Deployment
by Chris Dotson

With rapidly changing architecture and API-driven automation, cloud platforms come with unique security challenges and opportunities. In this updated second edition, you'll examine security best practices for multivendor cloud environments, whether your company plans to move legacy on-premises projects to the cloud or build a new infrastructure from the ground up.

Developers, IT architects, and security professionals will learn cloud-specific techniques for securing popular cloud platforms such as Amazon Web Services, Microsoft Azure, and IBM Cloud. IBM Distinguished Engineer Chris Dotson shows you how to establish data asset management, identity and access management (IAM), vulnerability management, network security, and incident response in your cloud environment.

  • Learn the latest threats and challenges in the cloud security space
  • Manage cloud providers that store or process data or deliver administrative control
  • Learn how standard principles and concepts—such as least privilege and defense in depth—apply in the cloud
  • Understand the critical role played by IAM in the cloud
  • Use best tactics for detecting, responding to, and recovering from the most common security incidents
  • Manage various types of vulnerabilities, especially those common in multicloud or hybrid cloud architectures
  • Examine privileged access management in cloud environments

A User's Guide to the End of the World
by Michal Zalewski

As a leading security engineer, Michal Zalewski has spent his career methodically anticipating and planning for cyberattacks. In Practical Doomsday, Zalewski applies the same thoughtful, rational approach to preparing for disasters of all kinds. By sharing his research, advice, and a healthy dose of common sense, he’ll help you rest easy knowing you have a plan for the worst—even if the worst never comes.

The book outlines a level-headed model for evaluating risks, one that weighs the probability of scenarios against the cost of preparing for them. You’ll learn to apply that model to the whole spectrum of potential crises, from personal hardships like job loss or a kitchen fire, to large-scale natural disasters and industrial accidents, to recurring pop-culture fears like all-out nuclear war. You’ll then explore how basic lifestyle adjustments, such as maintaining a robust rainy-day fund, protecting yourself online, and fostering good relationships with your neighbors, can boost your readiness for a wide range of situations. You’ll also take a no-nonsense look at the supplies and equipment essential to surviving sudden catastrophes, like prolonged power outages or devastating storms, and examine the merits and legal implications of different self-defense strategies.

You’ll learn:

  • How to identify and meaningfully assess risks in your life, then develop strategies for managing them
  • Ways to build up and diversify a robust financial safety net—a key component of nearly all effective preparedness strategies
  • How to adapt your prep plans to a variety of situations, from shelter-in-place scenarios to evacuations by car or on foot
  • Sensible approaches to stockpiling food, water, and other essentials, along with recommendations on what supplies are actually worth having

Disasters happen, but they don’t have to dominate your life. Practical Doomsday will help you plan ahead, so you can stop worrying about what tomorrow may bring and start enjoying your life today.

Securing Digital Evidence with Linux Tools
by Bruce Nikkel

Forensic image acquisition is an important part of postmortem incident response and evidence collection. Digital forensic investigators acquire, preserve, and manage digital evidence to support civil and criminal cases; examine organizational policy violations; resolve disputes; and analyze cyber attacks.

Practical Forensic Imaging takes a detailed look at how to secure and manage digital evidence using Linux-based command line tools. This essential guide walks you through the entire forensic acquisition process and covers a wide range of practical scenarios and situations related to the imaging of storage media.

You’ll learn how to:

  • Perform forensic imaging of magnetic hard disks, SSDs and flash drives, optical discs, magnetic tapes, and legacy technologies
  • Protect attached evidence media from accidental modification
  • Manage large forensic image files, storage capacity, image format conversion, compression, splitting, duplication, secure transfer and storage, and secure disposal
  • Preserve and verify evidence integrity with cryptographic and piecewise hashing, public key signatures, and RFC-3161 timestamping
  • Work with newer drive and interface technologies like NVME, SATA Express, 4K-native sector drives, SSHDs, SAS, UASP/USB3x, and Thunderbolt
  • Manage drive security such as ATA passwords; encrypted thumb drives; Opal self-encrypting drives; OS-encrypted drives using BitLocker, FileVault, and TrueCrypt; and others
  • Acquire usable images from more complex or challenging situations such as RAID systems, virtual machine images, and damaged media

With its unique focus on digital forensic acquisition and evidence preservation, Practical Forensic Imaging is a valuable resource for experienced digital forensic investigators wanting to advance their Linux skills and experienced Linux administrators wanting to learn digital forensics. This is a must-have reference for every digital forensics lab.

The Definitive Guide to Attacking the Internet of Things
by Fotios Chantzis, Ioannis Stais, Paulino Calderon, Evangelos Deirmentzoglou and Beau Woods

Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk.

The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of passive reconnaissance, and assess security on all layers of an IoT system. Next, you’ll perform VLAN hopping, crack MQTT authentication, abuse UPnP, develop an mDNS poisoner, and craft WS-Discovery attacks.

You’ll tackle both hardware hacking and radio hacking, with in-depth coverage of attacks against embedded IoT devices and RFID systems.

You’ll also learn how to:

  • Write a DICOM service scanner as an NSE module
  • Hack a microcontroller through the UART and SWD interfaces
  • Reverse engineer firmware and analyze mobile companion apps
  • Develop an NFC fuzzer using Proxmark3
  • Hack a smart home by jamming wireless alarms, playing back IP camera feeds, and controlling a smart treadmill

The tools and devices you’ll use are affordable and readily available, so you can easily practice what you learn. You can also download this book’s code examples at https://github.com/practical-iot-hacking.

Whether you’re a security researcher, IT team member, or hacking hobbyist, you’ll find Practical IoT Hacking indispensable in your efforts to hack all the things.

REQUIREMENTS: Basic knowledge of Linux command line, TCP/IP, and programming

A Guide for Digital Investigators
by Bruce Nikkel

Practical Linux Forensics dives into the technical details of analyzing postmortem forensic images of Linux systems that have been misused, abused, or the target of malicious attacks. This essential practitioner’s guide will show you how to locate and interpret digital evidence found on Linux desktops, servers, and IoT devices, draw logical conclusions, and reconstruct timelines of past activity after a crime or security incident. It's a book written for investigators with varying levels of Linux experience, and the techniques shown are independent of the forensic analysis platform and tools used.

Early chapters provide an overview of digital forensics as well as an introduction to the Linux operating system and popular distributions. From there, the book describes the analysis of storage, filesystems, files and directories, installed software packages, and logs. Special focus is given to examining human user activity such as logins, desktop environments and artifacts, home directories, regional settings, and peripheral devices used.

You’ll learn how to:

  • Analyze partition tables, volume management, Linux filesystems, and directory layout
  • Reconstruct the Linux startup process, from system boot and kernel initialization, to systemd unit files leading up to a graphical login
  • Perform historical analysis of power, temperature, and physical environment, and find evidence of sleep, hibernation, shutdowns, reboots, and crashes
  • Analyze network configuration, including interfaces, addresses, network managers, DNS, wireless artifacts, VPNs, firewalls, and proxy settings
  • Perform analysis of time and locale settings, internationalization (language and keyboard settings), and Linux geolocation services
  • Reconstruct user login sessions, analyze desktop artifacts, and identify traces of attached peripheral devices, including disks, printers, and mobile devices

The Hands-On Guide to Dissecting Malicious Software
by Michael Sikorski and Andrew Honig

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.

For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.

You'll learn how to:

  • Set up a safe virtual environment to analyze malware
  • Quickly extract network signatures and host-based indicators
  • Use key analysis tools like IDA Pro, OllyDbg, and WinDbg
  • Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques
  • Use your newfound knowledge of Windows internals for malware analysis
  • Develop a methodology for unpacking malware and get practical experience with five of the most popular packers
  • Analyze special cases of malware with shellcode, C++, and 64-bit code

Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.

Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.