A complete overview of shell programming This classic edition deals specifically with the techniques of shell programming.-- Presents information in step-by-step fashion-- Covers all the features of the standard shell, with additional instructions for the Korn Shell-- Teaches how to use the shell to tailor the UNIX environment

    I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!" --Stephen Northcutt, CEO, SANS Institute "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field." --From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." --Lenny Zeltser, coauthor of Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both." --William Stearns, network security expert, www.stearns.org "This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written." --Warwick Ford, coauthor of Secure Electronic Commerce For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You'll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.Important features of this new edition includeAll-new "anatomy-of-an-attack" scenarios and tools An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking" New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit New information on dangerous, hard-to-detect, kernel-mode rootkits

    You'll systematically discover each technology in the MEAN stack as you build up an application one layer at a time, just as you'd do in a real project.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyTraditional web dev stacks use a different programming language in every layer, resulting in a complex mashup of code and frameworks. Together, the MongoDB database, the Express and AngularJS frameworks, and Node.js constitute the MEAN stack--a powerful platform that uses only one language, top to bottom: JavaScript. Developers and businesses love it because it's scalable and cost-effective. End users love it because the apps created with it are fast and responsive. It's a win-win-win!About the BookGetting MEAN with Mongo, Express, Angular, and Node teaches you how to develop web applications using the MEAN stack. First, you'll create the skeleton of a static site in Express and Node, and then push it up to a live web server. Next, you'll add a MongoDB database and build an API before using Angular to handle data manipulation and application logic in the browser. Finally you'll add an authentication system to the application, using the whole stack. When you finish, you'll have all the skills you need to build a dynamic data-driven web application.What's InsideFull-stack development using JavaScriptResponsive web techniquesEverything you need to get started with MEANBest practices for efficiency and reusabilityAbout the ReaderReaders should have some web development experience. This book is based on MongoDB 2, Express 4, Angular 1, and Node.js 4.About the AuthorSimon Holmes has been a full-stack developer since the late 1990s and runs Full Stack Training Ltd.Table of ContentsPART 1 SETTING THE BASELINEIntroducing full-stack developmentDesigning a MEAN stack architecturePART 2 BUILDING A NODE WEB APPLICATIONCreating and setting up a MEAN projectBuilding a static site with Node and ExpressBuilding a data model with MongoDB and MongooseWriting a REST API: Exposing the MongoDB database to the applicationConsuming a REST API: Using an API from inside ExpressPART 3 ADDING A DYNAMIC FRONT END WITH ANGULARAdding Angular components to an Express applicationBuilding a single-page application with Angular: FoundationsBuilding an SPA with Angular: The next levelPART 4 MANAGING AUTHENTICATION AND USER SESSIONSAuthenticating users, managing sessions, and securing APIsAPPENDIXESInstalling the stackInstalling and preparing the supporting castDealing with all of the viewsReintroducing JavaScript - available online only

    Build hands-on expertise through a series of lessons, exercises, and suggested practices—and help maximize your performance on the job.Provides in-depth, hands-on training you take at your own pace Focuses on job-role-specific expertise for using HTML5, JavaScript, and CSS3 to begin building modern web and Windows 8 apps Features pragmatic lessons, exercises, and practices Creates a foundation of skills which, along with on-the-job experience, can be measured by Microsoft Certification exams such as 70-480 Coverage includes: creating HTML5 documents; implementing styles with CSS3; JavaScript in depth; using Microsoft developer tools; AJAX; multimedia support; drawing with Canvas and SVG; drag and drop functionality; location-aware apps; web storage; offline apps; writing your first simple Windows 8 apps; and other key topics

    When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring.For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way.You'll learn how to:Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and WinDbg Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques Use your newfound knowledge of Windows internals for malware analysis Develop a methodology for unpacking malware and get practical experience with five of the most popular packers Analyze special cases of malware with shellcode, C++, and 64-bit code Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back.Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.

    This one's a keeper." --Robert C. Martin "If you want to be an expert in the state of the art in TDD, you need to understand the ideas in this book."--Michael Feathers Test-Driven Development (TDD) is now an established technique for delivering better software faster. TDD is based on a simple idea: Write tests for your code before you write the code itself. However, this simple idea takes skill and judgment to do well. Now there's a practical guide to TDD that takes you beyond the basic concepts. Drawing on a decade of experience building real-world systems, two TDD pioneers show how to let tests guide your development and "grow" software that is coherent, reliable, and maintainable. Steve Freeman and Nat Pryce describe the processes they use, the design principles they strive to achieve, and some of the tools that help them get the job done. Through an extended worked example, you'll learn how TDD works at multiple levels, using tests to drive the features and the object-oriented structure of the code, and using Mock Objects to discover and then describe relationships between objects. Along the way, the book systematically addresses challenges that development teams encounter with TDD--from integrating TDD into your processes to testing your most difficult features. Coverage includes - Implementing TDD effectively: getting started, and maintaining your momentum throughout the project - Creating cleaner, more expressive, more sustainable code - Using tests to stay relentlessly focused on sustaining quality - Understanding how TDD, Mock Objects, and Object-Oriented Design come together in the context of a real software development project - Using Mock Objects to guide object-oriented designs - Succeeding where TDD is difficult: managing complex test data, and testing persistence and concurrency

    In the second edition of Network Security, this most distinguished of author teams draws on hard-won experience to explain every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the book's extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, PKI Standards, and Web security.

    Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes became ever more brazen, eventually leading to the first-ever blackouts triggered by hackers. They culminated in the summer of 2017 when malware known as NotPetya was unleashed, compromising, disrupting, and paralyzing some of the world's largest companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. NotPetya spread around the world, inflicting an unprecedented ten billions of dollars in damage--the largest, most penetrating cyberattack the world had ever seen.The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in the internet's history: Sandworm. Believed to be working in the service of Russia's military intelligence agency, they represent a persistent, highly skilled, state-sponsored hacking force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and civilians alike.From WIRED senior writer Andy Greenberg comes Sandworm, the true story of the desperate hunt to identify and track those attackers. It considers the danger this force poses to our national stability and security. And as the Kremlin's role in manipulating foreign governments and sparking chaos globally comes into greater focus, Sandworm reveals the realities not just of Russia's global digital offensive, but of an era where warfare ceases to be waged on the battlefield--where the line between digital and physical conflict begins to blur, with world-shaking implications.

    Written by the creator of Minux, professional programmers will now have the most up-to-date tutorial and reference available today. Revised to address the latest version of MINIX (MINIX 3), this streamlined, simplified new edition remains the only operating systems text to first explain relevant principles, then demonstrate their applications using a Unix-like operating system as a detailed example. It has been especially designed for high reliability, for use in embedded systems, and for ease of teaching.

    This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.Understand OAuth 2.0’s role in authentication and authorizationLearn how OAuth’s Authorization Code flow helps you integrate data from different business applicationsDiscover why native mobile apps use OAuth differently than mobile web appsUse OpenID Connect and eliminate the need to build your own authentication system

    Scripting is a way to harness and customize the power of any Unix system, and it's an essential skill for any Unix users, including system administrators and professional OS X developers. But beneath this simple promise lies a treacherous ocean of variations in Unix commands and standards.bash Cookbook teaches shell scripting the way Unix masters practice the craft. It presents a variety of recipes and tricks for all levels of shell programmers so that anyone can become a proficient user of the most common Unix shell -- the bash shell -- and cygwin or other popular Unix emulation packages. Packed full of useful scripts, along with examples that explain how to create better scripts, this new cookbook gives professionals and power users everything they need to automate routine tasks and enable them to truly manage their systems -- rather than have their systems manage them.

    As the words "at work" suggest, Peter Seibel focuses on how his interviewees tackle the day–to–day work of programming, while revealing much more, like how they became great programmers, how they recognize programming talent in others, and what kinds of problems they find most interesting. Hundreds of people have suggested names of programmers to interview on the Coders at Work web site: http://www.codersatwork.com. The complete list was 284 names. Having digested everyone’s feedback, we selected 16 folks who’ve been kind enough to agree to be interviewed:- Frances Allen: Pioneer in optimizing compilers, first woman to win the Turing Award (2006) and first female IBM fellow- Joe Armstrong: Inventor of Erlang- Joshua Bloch: Author of the Java collections framework, now at Google- Bernie Cosell: One of the main software guys behind the original ARPANET IMPs and a master debugger- Douglas Crockford: JSON founder, JavaScript architect at Yahoo!- L. Peter Deutsch: Author of Ghostscript, implementer of Smalltalk-80 at Xerox PARC and Lisp 1.5 on PDP-1- Brendan Eich: Inventor of JavaScript, CTO of the Mozilla Corporation - Brad Fitzpatrick: Writer of LiveJournal, OpenID, memcached, and Perlbal - Dan Ingalls: Smalltalk implementor and designer- Simon Peyton Jones: Coinventor of Haskell and lead designer of Glasgow Haskell Compiler- Donald Knuth: Author of The Art of Computer Programming and creator of TeX- Peter Norvig: Director of Research at Google and author of the standard text on AI- Guy Steele: Coinventor of Scheme and part of the Common Lisp Gang of Five, currently working on Fortress- Ken Thompson: Inventor of UNIX- Jamie Zawinski: Author of XEmacs and early Netscape/Mozilla hackerWhat you’ll learn:How the best programmers in the world do their jobWho is this book for?Programmers interested in the point of view of leaders in the field. Programmers looking for approaches that work for some of these outstanding programmers.

    Reverse engineering is not about reading assembly code, but actually understanding how different pieces/components in a system work. To reverse engineer a system is to understand how it is constructed and how it works. The book provides: Coverage of x86, x64, and ARM. In the past x86 was the most common architecture on the PC; however, times have changed and x64 is becoming the dominant architecture. It brings new complexity and constructs previously not present in x86. ARM ("Advanced RISC Machine) "is very common in embedded / consumer electronic devices; for example, most if not all cell phones run on ARM. All of apple's i-devices run on ARM. This book will be the first book to cover all three.Discussion of Windows kernel-mode code (rootkits/drivers). This topic has a steep learning curve so most practitioners stay away from this area because it is highly complex. However, this book will provide a concise treatment of this topic and explain how to analyze drivers step-by-step.The book uses real world examples from the public domain. The best way to learn is through a combination of concept discussions, examples, and exercises. This book uses real-world trojans / rootkits as examples congruent with real-life scenariosHands-on exercises. End-of-chapter exercises in the form of conceptual questions and hands-on analysis so so readers can solidify their understanding of the concepts and build confidence. The exercises are also meant to teach readers about topics not covered in the book.

    From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire. Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine. Hints and instructions are provided for common uses such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks. Nmap runs on Windows, Linux, and Mac OS X.Nmap's original author, Gordon "Fyodor" Lyon, wrote this book to share everything he has learned about network scanning during more than 11 years of Nmap development. Visit http: //nmap.org/book for more information and sample chapters.

    Offering a gentle learning curve, PHP is an accessible yet powerful language for creating dynamic web pages. As its popularity has grown, PHP's basic feature set has become increasingly more sophisticated. Now PHP 5 boasts advanced features--such as new object-oriented capabilities and support for XML and Web Services--that will please even the most experienced web professionals while still remaining user-friendly enough for those with a lower tolerance for technical jargon.If you've wanted to try your hand at PHP but haven't known where to start, then Learning PHP 5 is the book you need. If you've wanted to try your hand at PHP but haven't known where to start, then Learning PHP 5 is the book you need. With attention to both PHP 4 and the new PHP version 5, it provides everything from a explanation of how PHP works with your web server and web browser to the ins and outs of working with databases and HTML forms. Written by the co-author of the popular PHP Cookbook, this book is for intelligent (but not necessarily highly-technical) readers. Learning PHP 5 guides you through every aspect of the language you'll need to master for professional web programming results. This book provides a hands-on learning experience complete with exercises to make sure the lessons stick.Learning PHP 5 covers the following topics, and more:How PHP works with your web browser and web server PHP language basics, including data, variables, logic and looping Working with arrays and functions Making web forms Working with databases like MySQL Remembering users with sessions Parsing and generating XML DebuggingWritten by David Sklar, coauthor of the PHP Cookbook and an instructor in PHP, this book offers the ideal classroom learning experience whether you're in a classroom or on your own. From learning how to install PHP to designing database-backed web applications, Learning PHP 5 will guide you through every aspect of the language you'll need to master to achieve professional web programming results.