The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
Patrick Engebretson - 2011
No prior hacking experience is needed. You learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, Hacker Defender rootkit, and more. A simple and clean explanation of how to effectively utilize these tools as well as the introduction to a four-step methodology for conducting a penetration test or hack, will provide you with know-how required to jump start your career or gain a better understanding of offensive security. The book serves as an introduction to penetration testing and hacking and will provide you with a solid foundation of knowledge. After completing the book readers will be prepared to take on in-depth and advanced topics in hacking and penetration testing. The book walks through each of the steps and tools in a structured, orderly manner allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases relate.Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phasesWritten by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State UniversityUtilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test
Implementing Domain-Driven Design
Vaughn Vernon - 2013
Vaughn Vernon couples guided approaches to implementation with modern architectures, highlighting the importance and value of focusing on the business domain while balancing technical considerations.Building on Eric Evans’ seminal book, Domain-Driven Design, the author presents practical DDD techniques through examples from familiar domains. Each principle is backed up by realistic Java examples–all applicable to C# developers–and all content is tied together by a single case study: the delivery of a large-scale Scrum-based SaaS system for a multitenant environment.The author takes you far beyond “DDD-lite” approaches that embrace DDD solely as a technical toolset, and shows you how to fully leverage DDD’s “strategic design patterns” using Bounded Context, Context Maps, and the Ubiquitous Language. Using these techniques and examples, you can reduce time to market and improve quality, as you build software that is more flexible, more scalable, and more tightly aligned to business goals.
Python Crash Course: A Hands-On, Project-Based Introduction to Programming
Eric Matthes - 2015
You'll also learn how to make your programs interactive and how to test your code safely before adding it to a project. In the second half of the book, you'll put your new knowledge into practice with three substantial projects: a Space Invaders-inspired arcade game, data visualizations with Python's super-handy libraries, and a simple web app you can deploy online.As you work through Python Crash Course, you'll learn how to: Use powerful Python libraries and tools, including matplotlib, NumPy, and PygalMake 2D games that respond to keypresses and mouse clicks, and that grow more difficult as the game progressesWork with data to generate interactive visualizationsCreate and customize simple web apps and deploy them safely onlineDeal with mistakes and errors so you can solve your own programming problemsIf you've been thinking seriously about digging into programming, Python Crash Course will get you up to speed and have you writing real programs fast. Why wait any longer? Start your engines and code!
The Practice of Network Security Monitoring: Understanding Incident Detection and Response
Richard Bejtlich - 2013
The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks — no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.You'll learn how to:Determine where to deploy NSM platforms, and size them for the monitored networks Deploy stand-alone or distributed NSM installations Use command line and graphical packet analysis tools, and NSM consoles Interpret network evidence from server-side and client-side intrusions Integrate threat intelligence into NSM software to identify sophisticated adversaries There's no foolproof way to keep attackers out of your network. But when they get in, you'll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be.
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
T.J. O'Connor - 2012
Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.
Design Patterns: Elements of Reusable Object-Oriented Software
Erich Gamma - 1994
Previously undocumented, these 23 patterns allow designers to create more flexible, elegant, and ultimately reusable designs without having to rediscover the design solutions themselves.The authors begin by describing what patterns are and how they can help you design object-oriented software. They then go on to systematically name, explain, evaluate, and catalog recurring designs in object-oriented systems. With Design Patterns as your guide, you will learn how these important patterns fit into the software development process, and how you can leverage them to solve your own design problems most efficiently. Each pattern describes the circumstances in which it is applicable, when it can be applied in view of other design constraints, and the consequences and trade-offs of using the pattern within a larger design. All patterns are compiled from real systems and are based on real-world examples. Each pattern also includes code that demonstrates how it may be implemented in object-oriented programming languages like C++ or Smalltalk.
Amazon Web Services in Action
Andreas Wittig - 2015
The book will teach you about the most important services on AWS. You will also learn about best practices regarding automation, security, high availability, and scalability.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.About the TechnologyPhysical data centers require lots of equipment and take time and resources to manage. If you need a data center, but don't want to build your own, Amazon Web Services may be your solution. Whether you're analyzing real-time data, building software as a service, or running an e-commerce site, AWS offers you a reliable cloud-based platform with services that scale. All services are controllable via an API which allows you to automate your infrastructure.About the BookAmazon Web Services in Action introduces you to computing, storing, and networking in the AWS cloud. The book will teach you about the most important services on AWS. You will also learn about best practices regarding security, high availability and scalability.You'll start with a broad overview of cloud computing and AWS and learn how to spin-up servers manually and from the command line. You'll learn how to automate your infrastructure by programmatically calling the AWS API to control every part of AWS. You will be introduced to the concept of Infrastructure as Code with the help of AWS CloudFormation.You will learn about different approaches to deploy applications on AWS. You'll also learn how to secure your infrastructure by isolating networks, controlling traffic and managing access to AWS resources. Next, you'll learn options and techniques for storing your data. You will experience how to integrate AWS services into your own applications by the use of SDKs. Finally, this book teaches you how to design for high availability, fault tolerance, and scalability.What's InsideOverview of cloud concepts and patternsManage servers on EC2 for cost-effectivenessInfrastructure automation with Infrastructure as Code (AWS CloudFormation)Deploy applications on AWSStore data on AWS: SQL, NoSQL, object storage and block storageIntegrate Amazon's pre-built servicesArchitect highly available and fault tolerant systemsAbout the ReaderWritten for developers and DevOps engineers moving distributed applications to the AWS platform.About the AuthorsAndreas Wittig and Michael Wittig are software engineers and consultants focused on AWS and web development.Table of ContentsPART 1 GETTING STARTEDWhat is Amazon Web Services?A simple example: WordPress in five minutesPART 2 BUILDING VIRTUAL INFRASTRUCTURE WITH SERVERS AND NETWORKINGUsing virtual servers: EC2Programming your infrastructure: the command line, SDKs, and CloudFormationAutomating deployment: CloudFormation, Elastic Beanstalk, and OpsWorksSecuring your system: IAM, security groups, and VPCPART 3 STORING DATA IN THE CLOUDStoring your objects: S3 and GlacierStoring your data on hard drives: EBS and instance storeUsing a relational database service: RDSProgramming for the NoSQL database service: DynamoDBPART 4 ARCHITECTING ON AWSAchieving high availability: availability zones, auto-scaling, and CloudWatchDecoupling your infrastructure: ELB and SQSDesigning for fault-toleranceScaling up and down: auto-scaling and CloudWatch
Agile Testing: A Practical Guide for Testers and Agile Teams
Lisa Crispin - 2008
The widespread adoption of agile methods has brought the need for effective testing into the limelight, and agile projects have transformed the role of testers. Much of a tester's function, however, remains largely misunderstood. What is the true role of a tester? Do agile teams actually need members with QA backgrounds? What does it really mean to be an "agile tester?"Two of the industry's most experienced agile testing practitioners and consultants, Lisa Crispin and Janet Gregory, have teamed up to bring you the definitive answers to these questions and many others. In Agile Testing, Crispin and Gregory define agile testing and illustrate the tester's role with examples from real agile teams. They teach you how to use the agile testing quadrants to identify what testing is needed, who should do it, and what tools might help. The book chronicles an agile software development iteration from the viewpoint of a tester and explains the seven key success factors of agile testing.Readers will come away from this book understanding- How to get testers engaged in agile development- Where testers and QA managers fit on an agile team- What to look for when hiring an agile tester- How to transition from a traditional cycle to agile development- How to complete testing activities in short iterations- How to use tests to successfully guide development- How to overcome barriers to test automationThis book is a must for agile testers, agile teams, their managers, and their customers.
97 Things Every Programmer Should Know: Collective Wisdom from the Experts
Kevlin Henney - 2010
With the 97 short and extremely useful tips for programmers in this book, you'll expand your skills by adopting new approaches to old problems, learning appropriate best practices, and honing your craft through sound advice.With contributions from some of the most experienced and respected practitioners in the industry--including Michael Feathers, Pete Goodliffe, Diomidis Spinellis, Cay Horstmann, Verity Stob, and many more--this book contains practical knowledge and principles that you can apply to all kinds of projects.A few of the 97 things you should know:"Code in the Language of the Domain" by Dan North"Write Tests for People" by Gerard Meszaros"Convenience Is Not an -ility" by Gregor Hohpe"Know Your IDE" by Heinz Kabutz"A Message to the Future" by Linda Rising"The Boy Scout Rule" by Robert C. Martin (Uncle Bob)"Beware the Share" by Udi Dahan
You Don't Know JS: Up & Going
Kyle Simpson - 2015
With the "You Don’t Know JS" book series, you’ll get a more complete understanding of JavaScript, including trickier parts of the language that many experienced JavaScript programmers simply avoid.The series’ first book, Up & Going, provides the necessary background for those of you with limited programming experience. By learning the basic building blocks of programming, as well as JavaScript’s core mechanisms, you’ll be prepared to dive into the other, more in-depth books in the series—and be well on your way toward true JavaScript.With this book you will:
Learn the essential programming building blocks, including operators, types, variables, conditionals, loops, and functions
Become familiar with JavaScript's core mechanisms such as values, function closures, this, and prototypes
Get an overview of other books in the series—and learn why it’s important to understand all parts of JavaScript
Enterprise Integration Patterns: Designing, Building, and Deploying Messaging Solutions
Gregor Hohpe - 2003
The authors also include examples covering a variety of different integration technologies, such as JMS, MSMQ, TIBCO ActiveEnterprise, Microsoft BizTalk, SOAP, and XSL. A case study describing a bond trading system illustrates the patterns in practice, and the book offers a look at emerging standards, as well as insights into what the future of enterprise integration might hold. This book provides a consistent vocabulary and visual notation framework to describe large-scale integration solutions across many technologies. It also explores in detail the advantages and limitations of asynchronous messaging architectures. The authors present practical advice on designing code that connects an application to a messaging system, and provide extensive information to help you determine when to send a message, how to route it to the proper destination, and how to monitor the health of a messaging system. If you want to know how to manage, monitor, and maintain a messaging system once it is in use, get this book.
How Would You Move Mount Fuji? Microsoft's Cult of the Puzzle--How the World's Smartest Companies Select the Most Creative Thinkers
William Poundstone - 2003
For the first time, William Poundstone reveals the toughest questions used at Microsoft and other Fortune 500 companies -- and supplies the answers. He traces the rise and controversial fall of employer-mandated IQ tests, the peculiar obsessions of Bill Gates (who plays jigsaw puzzles as a competitive sport), the sadistic mind games of Wall Street (which reportedly led one job seeker to smash a forty-third-story window), and the bizarre excesses of today's hiring managers (who may start off your interview with a box of Legos or a game of virtual Russian roulette). How Would You Move Mount Fuji? is an indispensable book for anyone in business. Managers seeking the most talented employees will learn to incorporate puzzle interviews in their search for the top candidates. Job seekers will discover how to tackle even the most brain-busting questions, and gain the advantage that could win the job of a lifetime. And anyone who has ever dreamed of going up against the best minds in business may discover that these puzzles are simply a lot of fun. Why are beer cans tapered on the end, anyway?
Impact Mapping: Making a Big Impact with Software Products and Projects
Gojko Adzic - 2012
The result is a tremendous amount of time and money wasted due to wrong assumptions, lack of focus, poor communication of objectives, lack of understanding and misalignment with overall goals. There has to be a better way to deliver!This handbook is a practical guide to impact mapping, a simple yet incredibly effective method for collaborative strategic planning that helps organisations make an impact with software. Impact mapping helps to create better plans and roadmaps that ensure alignment of business and delivery, and are easily adaptable to change. Impact mapping fits nicely into several current trends in software product management and release planning, including goal-oriented requirements engineering, frequent iterative delivery, agile and lean software methods, lean startup product development cycles, and design thinking.Who is this book for?The primary audience of this book are senior people involved in building software products or delivering software projects, from both business and delivery sides. This includes business sponsors and those whose responsibilities include product ownership, project oversight or portfolio management, architecture, business analysis, quality improvement and assurance and delivery. - Business people assigned to software projects will learn how to communicate their ideas better.- Senior product or project sponsors will learn how to communicate their assumptions more effectively to delivery teams, how to engage delivery teams to make better strategic decisions, and how to manage their project portfolio more effectively.- Delivery teams that are already working under the umbrella of agile or lean delivery methods, and more recently lean startup ideas, will learn how to better focus deliverables and engage business sponsors and users.- Delivery teams moving to agile or lean delivery methods will get ideas on how to address some common issues with scaling these practices, such as creating a big picture view, splitting work into small chunks that still have business value and reporting progress more meaningfully.About the authorGojko Adzic is a strategic software delivery consultant who works with ambitious teams to improve the quality of their software products and processes. Gojko won the 2012 Jolt Award for the best book, was voted by peers as the most influential agile testing professional in 2011, and his blog won the UK Agile Award for the best online publication in 2010. To get in touch, write to gojko@neuri.co.uk or visit http://gojko.net.
User Story Mapping: Discover the Whole Story, Build the Right Product
Jeff Patton - 2012
With this practical book, you'll explore the often-misunderstood practice of user story mapping, and learn how it can help keep your team stay focused on users and their experience throughout the development process.You and your team will learn that user stories aren't a way to write better specifications, but a way to organize and have better conversations. This book will help you understand what kinds of conversations you should be having, when to have them, and what to keep track of when you do. Learn the key concepts used to create a great story map. Understand how user stories really work, and how to make good use of them in agile and lean projects. Examine the nuts and bolts of managing stories through the development cycle. Use strategies that help you continue to learn before and after the product's release to customers and usersUser Story Mapping is ideal for agile and lean software development team members, product managers and UX practitioners in commercial product companies, and business analysts and project managers in IT organizations—whether you're new to this approach or want to understand more about it.
The Passionate Programmer
Chad Fowler - 2009
In this book, you'll learn how to become an entrepreneur, driving your career in the direction of your choosing. You'll learn how to build your software development career step by step, following the same path that you would follow if you were building, marketing, and selling a product. After all, your skills themselves are a product. The choices you make about which technologies to focus on and which business domains to master have at least as much impact on your success as your technical knowledge itself--don't let those choices be accidental. We'll walk through all aspects of the decision-making process, so you can ensure that you're investing your time and energy in the right areas. You'll develop a structured plan for keeping your mind engaged and your skills fresh. You'll learn how to assess your skills in terms of where they fit on the value chain, driving you away from commodity skills and toward those that are in high demand. Through a mix of high-level, thought-provoking essays and tactical "Act on It" sections, you will come away with concrete plans you can put into action immediately. You'll also get a chance to read the perspectives of several highly successful members of our industry from a variety of career paths. As with any product or service, if nobody knows what you're selling, nobody will buy. We'll walk through the often-neglected world of marketing, and you'll create a plan to market yourself both inside your company and to the industry in general. Above all, you'll see how you can set the direction of your career, leading to a more fulfilling and remarkable professional life.