Web Application Defender's Cookbook
Web Application Defender's Cookbook

Author: Ryan C. Barnett

Publisher: John Wiley & Sons

Published: 2013-01-04

Total Pages: 563

ISBN-13: 1118417054

DOWNLOAD EBOOK

Defending your web applications against hackers and attackers The top-selling book Web Application Hacker's Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender's Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants. Each "recipe" shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more. Provides practical tactics for detecting web attacks and malicious behavior and defending against them Written by a preeminent authority on web application firewall technology and web application defense tactics Offers a series of "recipes" that include working code examples for the open-source ModSecurity web application firewall module Find the tools, techniques, and expert information you need to detect and respond to web application attacks with Web Application Defender's Cookbook: Battling Hackers and Protecting Users.

The Web Application Hacker's Handbook
The Web Application Hacker's Handbook

Author: Dafydd Stuttard

Publisher: John Wiley & Sons

Published: 2011-03-16

Total Pages: 770

ISBN-13: 1118079612

DOWNLOAD EBOOK

This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.

Web Application Obfuscation
Web Application Obfuscation

Author: Mario Heiderich

Publisher: Elsevier

Published: 2011-01-13

Total Pages: 188

ISBN-13: 1597496057

DOWNLOAD EBOOK

Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures. Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems. Find out how an attacker would bypass different types of security controls, how these very security controls introduce new types of vulnerabilities, and how to avoid common pitfalls in order to strengthen your defenses. - Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews - Looks at security tools like IDS/IPS that are often the only defense in protecting sensitive data and assets - Evaluates Web application vulnerabilties from the attacker's perspective and explains how these very systems introduce new types of vulnerabilities - Teaches how to secure your data, including info on browser quirks, new attacks and syntax tricks to add to your defenses against XSS, SQL injection, and more

Linda McCartney's Family Kitchen
Linda McCartney's Family Kitchen

Author: Linda McCartney

Publisher: Little, Brown

Published: 2021-06-29

Total Pages: 320

ISBN-13: 0316497975

DOWNLOAD EBOOK

Join the McCartney family for a feast of nearly 100 sustainable, plant-based recipes to save the planet and nourish the soul, in this deeply personal cookbook from Paul, Mary, and Stella honoring their late wife and mother, Linda McCartney “I have a passion for peace and believe it starts with compassion to animals." —Linda McCartney Linda McCartney was a trailblazer of meat-free cooking, and she shared with her family the pleasure that eating compassionately could bring. Now Paul, Mary and Stella have reimagined Linda’s best-loved recipes, in a modern collection that fits perfectly with how we want to eat now. Family favorites such as French Toast, Chili non Carne, Sausage Rolls, Shepherd’s Pie, Pulled Jackfruit Burgers and Crunchy Pecan Cookies are just some of the many simple, nourishing and sustainable vegan recipes included in this stylish book. Complete with personal stories and intimate family photos spanning three decades, Linda McCartney’s Family Kitchen is not only good for you, but for the planet too.

Android Security Cookbook
Android Security Cookbook

Author: Keith Makan

Publisher: Packt Publishing Ltd

Published: 2013-12-23

Total Pages: 533

ISBN-13: 178216717X

DOWNLOAD EBOOK

Android Security Cookbook' breaks down and enumerates the processes used to exploit and remediate Android app security vulnerabilities in the form of detailed recipes and walkthroughs. Android Security Cookbook is aimed at anyone who is curious about Android app security and wants to be able to take the necessary practical measures to protect themselves; this means that Android application developers, security researchers and analysts, penetration testers, and generally any CIO, CTO, or IT managers facing the impeding onslaught of mobile devices in the business environment will benefit from reading this book.

Kali Linux Cookbook
Kali Linux Cookbook

Author: Willie L. Pritchett

Publisher: Packt Publishing Ltd

Published: 2013-10-15

Total Pages: 371

ISBN-13: 1783289600

DOWNLOAD EBOOK

A practical, cookbook style with numerous chapters and recipes explaining the penetration testing. The cookbook-style recipes allow you to go directly to your topic of interest if you are an expert using this book as a reference, or to follow topics throughout a chapter to gain in-depth knowledge if you are a beginner.This book is ideal for anyone who wants to get up to speed with Kali Linux. It would also be an ideal book to use as a reference for seasoned penetration testers.

Soframiz
Soframiz

Author: Ana Sortun

Publisher: Ten Speed Press

Published: 2016-10-11

Total Pages: 266

ISBN-13: 1607749181

DOWNLOAD EBOOK

This charming collection of 100 recipes for everyday cooking and entertaining from Cambridge's Sofra Bakery and Cafe, showcases modern Middle Eastern spices and flavors through exotic yet accessible dishes both sweet and savory. Ana Sortun and Maura Kilpatrick have traveled extensively throughout Turkey and the Middle East, researching recipes and gaining inspiration for their popular cafe and bakery, Sofra. In their first cookbook together, the two demystify and explore the flavors of this popular region, creating accessible, fun recipes for everyday eating and entertaining. With a primer on essential ingredients and techniques, and recipes such as Morning Buns with Orange Blossom Glaze, Whipped Feta with Sweet and Hot Peppers, Eggplant Manoushe with Labne and Za'atar, and Sesame Caramel Cashews, Soframiz will transport readers to the markets and kitchens of the Middle East.

Burp Suite Cookbook
Burp Suite Cookbook

Author: Sunny Wear

Publisher: Packt Publishing Ltd

Published: 2018-09-26

Total Pages: 350

ISBN-13: 1789539277

DOWNLOAD EBOOK

Get hands-on experience in using Burp Suite to execute attacks and perform web assessments Key FeaturesExplore the tools in Burp Suite to meet your web infrastructure security demandsConfigure Burp to fine-tune the suite of tools specific to the targetUse Burp extensions to assist with different technologies commonly found in application stacksBook Description Burp Suite is a Java-based platform for testing the security of your web applications, and has been adopted widely by professional enterprise testers. The Burp Suite Cookbook contains recipes to tackle challenges in determining and exploring vulnerabilities in web applications. You will learn how to uncover security flaws with various test cases for complex environments. After you have configured Burp for your environment, you will use Burp tools such as Spider, Scanner, Intruder, Repeater, and Decoder, among others, to resolve specific problems faced by pentesters. You will also explore working with various modes of Burp and then perform operations on the web. Toward the end, you will cover recipes that target specific test scenarios and resolve them using best practices. By the end of the book, you will be up and running with deploying Burp for securing web applications. What you will learnConfigure Burp Suite for your web applicationsPerform authentication, authorization, business logic, and data validation testingExplore session management and client-side testingUnderstand unrestricted file uploads and server-side request forgeryExecute XML external entity attacks with BurpPerform remote code execution with BurpWho this book is for If you are a security professional, web pentester, or software developer who wants to adopt Burp Suite for applications security, this book is for you.

AWS Security Cookbook
AWS Security Cookbook

Author: Heartin Kanikathottu

Publisher: Packt Publishing Ltd

Published: 2020-02-27

Total Pages: 434

ISBN-13: 1838827420

DOWNLOAD EBOOK

Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, along with following cloud security best practices Key Features Explore useful recipes for implementing robust cloud security solutions on AWS Monitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, config, GuardDuty, and Macie Prepare for the AWS Certified Security-Specialty exam by exploring various security models and compliance offerings Book DescriptionAs a security consultant, securing your infrastructure by implementing policies and following best practices is critical. This cookbook discusses practical solutions to the most common problems related to safeguarding infrastructure, covering services and features within AWS that can help you implement security models such as the CIA triad (confidentiality, integrity, and availability), and the AAA triad (authentication, authorization, and availability), along with non-repudiation. The book begins with IAM and S3 policies and later gets you up to speed with data security, application security, monitoring, and compliance. This includes everything from using firewalls and load balancers to secure endpoints, to leveraging Cognito for managing users and authentication. Over the course of this book, you'll learn to use AWS security services such as Config for monitoring, as well as maintain compliance with GuardDuty, Macie, and Inspector. Finally, the book covers cloud security best practices and demonstrates how you can integrate additional security services such as Glacier Vault Lock and Security Hub to further strengthen your infrastructure. By the end of this book, you'll be well versed in the techniques required for securing AWS deployments, along with having the knowledge to prepare for the AWS Certified Security – Specialty certification.What you will learn Create and manage users, groups, roles, and policies across accounts Use AWS Managed Services for logging, monitoring, and auditing Check compliance with AWS Managed Services that use machine learning Provide security and availability for EC2 instances and applications Secure data using symmetric and asymmetric encryption Manage user pools and identity pools with federated login Who this book is for If you are an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You will also find this book useful if you’re looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

The Browser Hacker's Handbook
The Browser Hacker's Handbook

Author: Wade Alcorn

Publisher: John Wiley & Sons

Published: 2014-02-26

Total Pages: 663

ISBN-13: 111891435X

DOWNLOAD EBOOK

Hackers exploit browser vulnerabilities to attack deep within networks The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods. The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as: Bypassing the Same Origin Policy ARP spoofing, social engineering, and phishing to access browsers DNS tunneling, attacking web applications, and proxying—all from the browser Exploiting the browser and its ecosystem (plugins and extensions) Cross-origin attacks, including Inter-protocol Communication and Exploitation The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component into any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.