Book picks similar to
Improving Web Application Security: Threats and Countermeasures: Threats and Countermeasures by Microsoft Corporation
computerbooks
information-security
infosec
programming
Manly Crafts
Instructables.com - 2011
Learn how to make a 5-cent wedding band, leather iPod case, and paracord bullwhip!
Stealing the Network: How to Own a Shadow
Johnny Long - 2007
Stealing the Network: How to Own a Shadow is the final book in Syngress ground breaking, best-selling, Stealing the Network series. As with previous title, How to Own a Shadow is a fictional story that demonstrates accurate, highly detailed scenarios of computer intrusions and counter-strikes. In How to Own a Thief, Knuth, the master-mind, shadowy figure from previous books, is tracked across the world and the Web by cyber adversaries with skill to match his own. Readers will be amazed at how Knuth, Law Enforcement, and Organized crime twist and torque everything from game stations, printers and fax machines to service provider class switches and routers steal, deceive, and obfuscate. From physical security to open source information gathering, Stealing the Network: How to Own a Shadow will entertain and educate the reader on every page. The book s companion Web site will also provide special, behind-the-scenes details and hacks for the reader to join in the chase for Knuth. . The final book in the Stealing the Network series will be a must read for the 50,000 readers worldwide of the first three titles . The companion Web site to the book will provide challenging scenarios from the book to allow the reader to track down Knuth . Law enforcement and security professionals will gain practical, technical knowledge for apprehending the most supplicated cyber-adversaries
Visual C++ Programming
Yashavant P. Kanetkar - 2004
Core Java: An Integrated Approach
R. Nageswara Rao - 2008
Considering just how java is dominating the software industry these days, it is vital for all software and it professionals to be knowledgeable in it. This book is ideal even for new learners as it provides detailed descriptions even of the basic concepts of java, in a very simple and easily understandable way. The best part about using this book is that once you have gone through it, you are sure to be able to write basic java programs on your own. Another highlight of this book is that instead of being vague, it provides you with a detailed explanation of all the concepts that concern this topic. Core java: an integrated approach includes many examples that are helpful as they help students get rid of the fears that they have, concerning programming. Students are also provided with an exhaustive list of questions concerning the topic, which are frequently asked in interviews. This is beneficial for students as they appear for interviews in the future. The first edition of the core java: an integrated approach has been published by dreamtech press in the year 2008 and is available in paperback.key features: this book includes 32 chapters that focus on various java-related topics. Students are provided with an exhaustive list of questions that often feature in interviews for programming jobs.
Stealing the Network: How to Own an Identity
Raven Alder - 2005
Now, the criminal hackers readers have grown to both love and hate try to cover their tracks and vanish into thin air... Stealing the Network: How to Own an Identity is the 3rd book in the Stealing series, and continues in the tradition created by its predecessors by delivering real-world network attack methodologies and hacking techniques within a context of unique and original fictional accounts created by some of the world's leading security professionals and computer technologists. The seminal works in TechnoFiction, this STN collection yet again breaks new ground by casting light upon the mechanics and methods used by those lurking on the darker side of the Internet, engaging in the fastest growing crime in the world: Identity theft.Cast upon a backdrop of Evasion, surviving characters from How to Own a Continent find themselves on the run, fleeing from both authority and adversary, now using their technical prowess in a way they never expected--to survive.
Principles of Information Security
Michael E. Whitman - 2002
Principles of Information Security, Third Edition builds on internationally recognized standards and bodies of knowledge to provide the knowledge and skills that information systems students need for their future roles as business decision-makers. Coverage includes key knowledge areas of the CISSP (Certified Information Systems Security Professional), as well as risk management, cryptography, physical security, and more. The third edition has retained the real-world examples and scenarios that made previous editions so successful, but has updated the content to reflect technology's latest capabilities and trends. With this emphasis on currency and comprehensive coverage, readers can feel confident that they are using a standards-based, content-driven resource to prepare them for their work in the field.
CEH Certified Ethical Hacker Study Guide
Kimberly Graves - 2010
That's the philosophy behind ethical hacking, and it's a growing field. Prepare for certification in this important area with this advanced study guide that covers all exam objectives for the challenging CEH Certified Ethical Hackers exam. The book provides full coverage of exam topics, real-world examples, and a CD with additional materials for extra review and practice. Covers ethics and legal issues, footprinting, scanning, enumeration, system hacking, trojans and backdoors, sniffers, denial of service, social engineering, session hijacking, hacking Web servers, Web application vulnerabilities, and more Walks you through exam topics and includes plenty of real-world scenarios to help reinforce concepts Includes a CD with review questions, bonus exams, and more study tools This is the ideal guide to prepare you for the new CEH certification exam. Reviews
Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
Kevin D. Mitnick - 2011
While other nerds were fumbling with password possibilities, this adept break-artist was penetrating the digital secrets of Sun Microsystems, Digital Equipment Corporation, Nokia, Motorola, Pacific Bell, and other mammoth enterprises. His Ghost in the Wires memoir paints an action portrait of a plucky loner motivated by a passion for trickery, not material game. (P.S. Mitnick's capers have already been the subject of two books and a movie. This first-person account is the most comprehensive to date.)
Kali Linux Revealed: Mastering the Penetration Testing Distribution
Raphaël Hertzog - 2017
They provided a secure and reliable foundation, allowing us to concentrate on securing our digital world.An amazing community has built up around Kali Linux. Every month, more than 300,000 of us download a version of Kali. We come together in online and real-world training rooms and grind through the sprawling Offensive Security Penetration Testing Labs, pursuing the near-legendary Offensive Security certifications. We come together on the Kali forums, some 40,000 strong, and hundreds of us at a time can be found on the Kali IRC channel. We gather at conferences and attend Kali Dojos to learn from the developers themselves how to best leverage Kali.However, the Kali team has never released an official Kali Linux manual, until now.In this book, we'll focus on the Kali Linux platform itself, and help you understand and maximize Kali from the ground up. The developers will walk you through Kali Linux features and fundamentals, provide a crash course in basic Linux commands and concepts, and then walk you through the most common Kali Linux installation scenarios. You'll learn how to configure, troubleshoot and secure Kali Linux and then dive into the powerful Debian package manager. Throughout this expansive section, you'll learn how to install and configure packages, how to update and upgrade your Kali installation, and how to create your own custom packages. Then you'll learn how to deploy your custom installation across massive enterprise networks. Finally, you'll be guided through advanced topics such as kernel compilation, custom ISO creation, industrial-strength encryption, and even how to install crypto kill switches to safeguard your sensitive information.Whether you're a veteran or an absolute n00b, this is the best place to start with Kali Linux, the security professional's platform of choice.
The Definitive Guide to Drupal 7
Benjamin MelanconRoy Scholten - 2010
Written by a panel of expert authors, the book covers every aspect of Drupal, from planning a successful project all the way up to making a living from designing Drupal sites and to contributing to the Drupal community yourself. With this book you will:Follow practical approaches to solving many online communication needs with Drupal with real examples. Learn how to keep learning about Drupal: administration, development, theming, design, and architecture. Go beyond the code to engage with the Drupal community as a contributing member and to do Drupal sustainably as a business.The Definitive Guide to Drupal 7 was written by the following team of expert Drupal authors:Benjamin Melançon, Jacine Luisi, Károly Négyesi, Greg Anderson, Bojhan Somers, Stéphane Corlosquet, Stefan Freudenberg, Michelle Lauer, Ed Carlevale, Florian Lorétan, Dani Nordin, Ryan Szrama, Susan Stewart, Jake Strawn, Brian Travis, Dan Hakimzadeh, Amye Scavarda, Albert Albala, Allie Micka, Robert Douglass, Robin Monks, Roy Scholten, Peter Wolanin, Kay VanValkenburgh, Greg Stout, Kasey Qynn Dolin, Mike Gifford, Claudina Sarahe, Sam Boyer, and Forest Mars, with contributions from George Cassie, Mike Ryan, Nathaniel Catchpole, and Dmitri Gaskin.For more information, check out the Drupaleasy podcast #63, in which author Benjamin Melançon discusses The Definitive Guide to Drupal 7 in great detail:http: //drupaleasy.com/podcast/2011/08/drupal...
CISSP for Dummies [With CDROM]
Lawrence C. Miller - 2002
The topics covered in the exam include: network security, security management, systems development, cryptography, disaster recovery, law, and physical security. CISSP For Dummies, 3rd Edition is the bestselling guide that covers the CISSP exam and helps prepare those wanting to take this security exam. The 3rd Edition features 200 additional pages of new content to provide thorough coverage and reflect changes to the exam. Written by security experts and well-known Dummies authors, Peter Gregory and Larry Miller, this book is the perfect, no-nonsense guide to the CISSP certification, offering test-taking tips, resources, and self-assessment tools.Fully updated with 200 pages of new content for more thorough coverage and to reflect all exam changesSecurity experts Peter Gregory and Larry Miller bring practical real-world security expertiseCD-ROM includes hundreds of randomly generated test questions for readers to practice taking the test with both timed and untimed versions"CISSP For Dummies, 3rd Edition" can lead you down the rough road to certification successNote: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
Kim Zetter - 2014
The cause of their failure was a complete mystery.Five months later, a seemingly unrelated event occurred. A computer security firm in Belarus was called in to troubleshoot some computers in Iran that were caught in a reboot loop—crashing and rebooting repeatedly. At first, technicians with the firm believed the malicious code they found on the machines was a simple, routine piece of malware. But as they and other experts around the world investigated, they discovered a virus of unparalleled complexity and mysterious provenance and intent. They had, they soon learned, stumbled upon the world’s first digital weapon.Stuxnet, as it came to be known, was unlike any other virus or worm built before: It was the first attack that reached beyond the computers it targeted to physically destroy the equipment those computers controlled. It was an ingenious attack, jointly engineered by the United States and Israel, that worked exactly as planned, until the rebooting machines gave it all away. And the discovery of Stuxnet was just the beginning: Once the digital weapon was uncovered and deciphered, it provided clues to other tools lurking in the wild. Soon, security experts found and exposed not one but three highly sophisticated digital spy tools that came from the same labs that created Stuxnet. The discoveries gave the world its first look at the scope and sophistication of nation-state surveillance and warfare in the digital age.Kim Zetter, a senior reporter at Wired, has covered hackers and computer security since 1999 and is one of the top journalists in the world on this beat. She was among the first reporters to cover Stuxnet after its discovery and has authored many of the most comprehensive articles about it. In COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World’s First Digital Weapon, Zetter expands on this work to show how the code was designed and unleashed and how its use opened a Pandora’s Box, ushering in an age of digital warfare in which any country’s infrastructure—power grids, nuclear plants, oil pipelines, dams—is vulnerable to the same kind of attack with potentially devastating results. A sophisticated digital strike on portions of the power grid, for example, could plunge half the U.S. into darkness for weeks or longer, having a domino effect on all other critical infrastructures dependent on electricity.
Managing Risk and Information Security: Protect to Enable
Malcolm Harkins - 2012
Because almost every aspect of an enterprise is now dependent on technology, the focus of IT security must shift from locking down assets to enabling the business while managing and surviving risk. This compact book discusses business risk from a broader perspective, including privacy and regulatory considerations. It describes the increasing number of threats and vulnerabilities, but also offers strategies for developing solutions. These include discussions of how enterprises can take advantage of new and emerging technologiessuch as social media and the huge proliferation of Internet-enabled deviceswhile minimizing risk. With ApressOpen, content is freely available through multiple online distribution channels and electronic formats with the goal of disseminating professionally edited and technically reviewed content to the worldwide community. Here are some of the responses from reviewers of this exceptional work: Managing Risk and Information Security is a perceptive, balanced, and often thought-provoking exploration of evolving information risk and security challenges within a business context. Harkins clearly connects the needed, but often-overlooked linkage and dialog between the business and technical worlds and offers actionable strategies. The book contains eye-opening security insights that are easily understood, even by the curious layman. Fred Wettling, Bechtel Fellow, IS&T Ethics & Compliance Officer, Bechtel As disruptive technology innovations and escalating cyber threats continue to create enormous information security challenges, Managing Risk and Information Security: Protect to Enable provides a much-needed perspective. This book compels information security professionals to think differently about concepts of risk management in order to be more effective. The specific and practical guidance offers a fast-track formula for developing information security strategies which are lock-step with business priorities. Laura Robinson, Principal, Robinson Insight Chair, Security for Business Innovation Council (SBIC) Program Director, Executive Security Action Forum (ESAF) The mandate of the information security function is being completely rewritten. Unfortunately most heads of security havent picked up on the change, impeding their companies agility and ability to innovate. This book makes the case for why security needs to change, and shows how to get started. It will be regarded as marking the turning point in information security for years to come. Dr. Jeremy Bergsman, Practice Manager, CEB The world we are responsible to protect is changing dramatically and at an accelerating pace. Technology is pervasive in virtually every aspect of our lives. Clouds, virtualization and mobile are redefining computing and they are just the beginning of what is to come. Your security perimeter is defined by wherever your information and people happen to be.
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Kevin Poulsen - 2011
Max 'Vision' Butler was a white-hat hacker and a celebrity throughout the programming world, even serving as a consultant to the FBI. But there was another side to Max. As the black-hat 'Iceman', he'd seen the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, and in their dysfunction was the ultimate challenge: he would stage a coup and steal their ill-gotten gains from right under their noses.Through the story of Max Butler's remarkable rise, KINGPIN lays bare the workings of a silent crime wave affecting millions worldwide. It exposes vast online-fraud supermarkets stocked with credit card numbers, counterfeit cheques, hacked bank accounts and fake passports. Thanks to Kevin Poulsen's remarkable access to both cops and criminals, we step inside the quiet,desperate battle that law enforcement fights against these scammers. And learn that the boy next door may not be all he seems.
Sun Certified Programmer & Developer for Java 2 Study Guide (Exam 310-035 & 310-027)
Kathy Sierra - 2002
More than 250 challenging practice questions have been completely revised to closely model the format, tone, topics, and difficulty of the real exam. An integrated study system based on proven pedagogy, exam coverage includes step-by-step exercises, special Exam Watch notes, On-the-Job elements, and Self Tests with in-depth answer explanations to help reinforce and teach practical skills.Praise for the author:"Finally A Java certification book that explains everything clearly. All you need to pass the exam is in this book."--Solveig Haugland, Technical Trainer and Former Sun Course Developer"Who better to write a Java study guide than Kathy Sierra, the reigning queen of Java instruction? Kathy Sierra has done it again--here is a study guide that almost guarantees you a certification "--James Cubeta, Systems Engineer, SGI"The thing I appreciate most about Kathy is her quest to make us all remember that we are teaching people and not just lecturing about Java. Her passion and desire for the highest quality education that meets the needs of the individual student is positively unparalleled at SunEd. Undoubtedly there are hundreds of students who have benefited from taking Kathy's classes."--Victor Peters, founder Next Step Education & Software Sun Certified Java Instructor"I want to thank Kathy for the EXCELLENT Study Guide. The book is well written, every concept is clearly explained using a real life example, and the book states what you specifically need to know for the exam. The way it's written, you feel that you're in a classroom and someone is actually teaching you the difficult concepts, but not in a dry, formal manner. The questions at the end of the chapters are also REALLY good, and I am sure they will help candidates pass the test. Watch out for this Wickedly Smart book."-Alfred Raouf, Web Solution Developer, Kemety.Net"The Sun Certification exam was certainly no walk in the park but Kathy's material allowed me to not only pass the exam, but Ace it "--Mary Whetsel, Sr. Technology Specialist, Application Strategy and Integration, The St. Paul Companies