Book picks similar to
Hacking Movable Type by Jay Allen
computers
hacking
web-design
Web Form Design: Filling in the Blanks
Luke Wroblewski, Micah Alpern - 2008
In Web Form Design, Luke Wroblewski draws on original research, his considerable experience at Yahoo! and eBay, and the perspectives of many of the field's leading designers to show you everything you need to know about designing effective and engaging Web forms.
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Dafydd Stuttard - 2007
The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.
The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.
Who Controls the Internet?: Illusions of a Borderless World
Jack L. Goldsmith - 2006
It's a book about the fate of one idea--that the Internet might liberate us forever from government, borders, and even our physical selves. We learn of Google's struggles with the French government and Yahoo's capitulation to the Chinese regime; of how the European Union sets privacy standards on the Net for the entire world; and of eBay's struggles with fraud and how it slowly learned to trust the FBI. In a decade of events the original vision is uprooted, as governments time and time again assert their power to direct the future of the Internet. The destiny of the Internet over the next decades, argue Goldsmith and Wu, will reflect the interests of powerful nations and the conflicts within and between them.
While acknowledging the many attractions of the earliest visions of the Internet, the authors describe the new order, speaking to both its surprising virtues and unavoidable vices. Far from destroying the Internet, the experience of the last decade has led to a quiet rediscovery of some of the oldest functions and justifications for territorial government. While territorial governments have unavoidable problems, it has proven hard to replace what legitimacy governments have, and harder yet to replace the system of rule of law that controls the unchecked evils of anarchy. While the Net will change some of the ways that territorial states govern, it will not diminish the oldest and most fundamental roles of government and challenges of governance.
Well written and filled with fascinating examples, including colorful portraits of many key players in Internet history, this is a work that is bound to stir heated debate in the cyberspace community.
Cyberwar: The Next Threat to National Security & What to Do About It
Richard A. Clarke - 2010
Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real.
Web Style Guide: Foundations of User Experience Design
Patrick J. Lynch - 1999
This new revised edition confirms Web Style Guide as the go-to authority in a rapidly changing market. As web designers move from building sites from scratch to using content management and aggregation tools, the book’s focus shifts away from code samples and toward best practices, especially those involving mobile experience, social media, and accessibility. An ideal reference for web site designers in corporations, government, nonprofit organizations, and academic institutions, the book explains established design principles and covers all aspects of web design—from planning to production to maintenance. The guide also shows how these principles apply in web design projects whose primary concerns are information design, interface design, and efficient search and navigation.
The Revolution Will be Digitised: Dispatches from the Information War
Heather Brooke - 2011
Circling them is a new generation of hackers, pro-democracy campaigners and internet activists who no longer accept that the Establishment should run the show.
Award-winning journalist and campaigner Heather Brooke takes us inside the Information War and explores the most urgent questions of the digital age: where is the balance between freedom and security? In an online world, does privacy still exist? And will the internet empower individuals, or usher in a new age of censorship, surveillance and oppression?
Usable Usability: Simple Steps for Making Stuff Better
Eric L. Reiss - 2012
Boasting a full-color interior packed with design and layout examples, this book teaches you how to understand a user's needs, divulges techniques for exceeding a user's expectations, and provides a host of hard won advice for improving the overall quality of a user's experience. World-renowned UX guru Eric Reiss shares his knowledge from decades of experience making products useable for everyone...all in an engaging, easy-to-apply manner.
- Reveals proven tools that simply make products better, from the users' perspective
- Provides simple guidelines and checklists to help you evaluate and improve your own products
- Zeroes in on essential elements to consider when planning a product, such as its functionality and responsiveness, whether or not it is ergonomic, making it foolproof, and more
- Addresses considerations for product clarity, including its visibility, understandability, logicalness, consistency, and predictability
Usable Usability walks you through numerous techniques that will help ensure happy customers and successful products!
Head First PHP & MySQL
Lynn Beighley - 2008
Packed with real-world examples, this book teaches you all the essentials of server-side programming, from the fundamentals of PHP and MySQL coding to advanced topics such as form validation, session IDs, cookies, database queries and joins, file I/O operations, content management, and more.
Head First PHP & MySQL offers the same visually rich format that's turned every title in the Head First series into a bestseller, with plenty of exercises, quizzes, puzzles, and other interactive features to help you retain what you've learned.
- Use PHP to transform static HTML pages into dynamic web sites
- Create and populate your own MySQL database tables, and work with data stored in files
- Perform sophisticated MySQL queries with joins, and refine your results with LIMIT and ORDER BY
- Use cookies and sessions to track visitors' login information and personalize the site for users
- Protect your data from SQL injection attacks
- Use regular expressions to validate information on forms
- Dynamically display text based on session info and create images on the fly
- Pull syndicated data from other sites using PHP and XML
Throughout the book, you'll build sophisticated examples -- including a mailing list, a job board, and an online dating site -- to help you learn how to harness the power of PHP and MySQL in a variety of contexts. If you're ready to build a truly dynamic website, Head First PHP & MySQL is the ideal way to get going.
Metasploit: The Penetration Tester's Guide
David Kennedy - 2011
But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester's Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.
Once you've built your foundation for penetration testing, you'll learn the Framework's conventions, interfaces, and module system as you launch simulated attacks. You'll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks.
Learn how to:
- Find and exploit unmaintained, misconfigured, and unpatched systems
- Perform reconnaissance and find valuable information about your target
- Bypass anti-virus technologies and circumvent security controls
- Integrate Nmap, NeXpose, and Nessus with Metasploit to automate discovery
- Use the Meterpreter shell to launch further attacks from inside the network
- Harness standalone Metasploit utilities, third-party tools, and plug-ins
- Learn how to write your own Meterpreter post exploitation modules and scripts
You'll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else's to the test, Metasploit: The Penetration Tester's Guide will take you there and beyond.
jQuery: Novice to Ninja
Earle Castledine - 2010
In this question-and-answer book on jQuery, you'll find a cookbook of ready-to-go solutions to help breathe life into your web page. Topics covered include:
- Scrolling, Resizing and Animating Webpage elements
- Backgrounds, Slideshows, and Crossfaders
- Menus, Tabs, and Panels
- Buttons, Fields, and Controls
- Lists, Trees, and Tables
- Frames, Windows, and Dialogs
- Adding interactivity with Ajax
- Using the jQuery User Interface Themeroller
- Writing your own jQuery plug-ins
All code used to create each solution is available for download and guaranteed to be simple, efficient and cross-browser compatible.
Gray Hat Python: Python Programming for Hackers and Reverse Engineers
Justin Seitz - 2008
But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
- Automate tedious reversing and security tasks
- Design and program your own debugger
- Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
- Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
- Sniff secure traffic out of an encrypted web browser session
- Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Pro JavaScript Techniques
John Resig - 2006
It provides everything you need to know about modern JavaScript, and shows what JavaScript can do for your web sites. This book doesn't waste any time looking at things you already know, like basic syntax and structures.
Expert web developer and author John Resig concentrates on fundamental, vital topics--what modern JavaScripting is (and isn't), the current state of browser support, and pitfalls to be wary of. The book is organized into four sections:
- Modern JavaScript development: using JavaScript the object-oriented way, creating reusable code, plus testing and debugging
- DOM scripting: updating content and styles, plus events, and effect and event libraries
- How Ajax works, overcoming problems, and using libraries to speed up development of Ajax applications
- The future of JavaScript: looking at cutting edge topics like JSON, HTML5, and more
All concepts are backed up by real-world examples and case studies, and John provides numerous reusable functions and classes to save you time in your development. There are also up-to-date reference appendixes for the DOM, events, browser support (including IE7), and frameworks, so you can look up specific details quickly and easily.
Linux Kernel Development
Robert Love - 2003
The book details the major subsystems and features of the Linux kernel, including its design, implementation, and interfaces. It covers the Linux kernel with both a practical and theoretical eye, which should appeal to readers with a variety of interests and needs. The author, a core kernel developer, shares valuable knowledge and experience on the 2.6 Linux kernel. Specific topics covered include process management, scheduling, time management and timers, the system call interface, memory addressing, memory management, the page cache, the VFS, kernel synchronization, portability concerns, and debugging techniques. This book covers the most interesting features of the Linux 2.6 kernel, including the CFS scheduler, preemptive kernel, block I/O layer, and I/O schedulers. The third edition of Linux Kernel Development includes new and updated material throughout the book:
- An all-new chapter on kernel data structures
- Details on interrupt handlers and bottom halves
- Extended coverage of virtual memory and memory allocation
- Tips on debugging the Linux kernel
- In-depth coverage of kernel synchronization and locking
- Useful insight into submitting kernel patches and working with the Linux kernel community
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
Mark Dowd - 2006
Drawing on their extraordinary experience, they introduce a start-to-finish methodology for "ripping apart" applications to reveal even the most subtle and well-hidden security flaws.
Debugging: The 9 Indispensable Rules for Finding Even the Most Elusive Software and Hardware Problems
David J. Agans - 2002
Written in a frank but engaging style, Debugging provides simple, foolproof principles guaranteed to help find any bug quickly. This book makes those shelves of application-specific debugging books (on C++, Perl, Java, etc.) obsolete. It changes the way readers think about debugging, making those pesky problems suddenly much easier to find and fix. Illustrating the rules with real-life bug-detection war stories, the book shows readers how to:
* Understand the system: how perceiving the "roadmap" can hasten your journey
* Quit thinking and look: when hands-on investigation can't be avoided
* Isolate critical factors: why changing one element at a time can be an essential tool
* Keep an audit trail: how keeping a record of the debugging process can win the day