The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger," Dafydd developed the popular Burp Suite of web application hack tools.

    Understanding Computation explains theoretical computer science in a context you’ll recognize, helping you appreciate why these ideas matter and how they can inform your day-to-day programming.Rather than use mathematical notation or an unfamiliar academic programming language like Haskell or Lisp, this book uses Ruby in a reductionist manner to present formal semantics, automata theory, and functional programming with the lambda calculus. It’s ideal for programmers versed in modern languages, with little or no formal training in computer science.* Understand fundamental computing concepts, such as Turing completeness in languages* Discover how programs use dynamic semantics to communicate ideas to machines* Explore what a computer can do when reduced to its bare essentials* Learn how universal Turing machines led to today’s general-purpose computers* Perform complex calculations, using simple languages and cellular automata* Determine which programming language features are essential for computation* Examine how halting and self-referencing make some computing problems unsolvable* Analyze programs by using abstract interpretation and type systems

    Today's increasingly fast pace of software development--as programmers make small changes to software one day only to undo them the next--has only heightened the problem; consecutive work on code or single-programmer software is a rare sight these days. Without careful attention to version control, concurrent and collaborative work can create more headaches than it solves. This is where Subversion comes into play.Written by members of the Subversion open source development team, Version Control with Subversion introduces the powerful new versioning tool designed to be the successor to the Concurrent Version System or CVS. CVS users will find the "look and feel" Subversion comfortably familiar, but under the surface it's far more flexible, robust, and usable, and more importantly, it improves on CVS's more notable flaws.The book begins with a general introduction to Subversion, the basic concepts behind version control, and a guided tour of Subversion's capabilities and structure. With thorough attention to detail, the authors cover every aspect of installing and configuring Subversion for managing a programming project, documentation, or any other team-based endeavor. Later chapters cover the more complex topics of branching, repository administration, and other advanced features such as properties, externals, and access control. The book ends with reference material and appendices covering a number of useful topics such as a Subversion complete reference and troubleshooting guide.Version Control with Subversion aims to be useful to readers of widely different backgrounds, from those with no previous experience in version control to experienced sysadmins. If you've never used version control, you'll find everything you need to get started in this book. And if you're a seasoned CVS pro, this book will help you make a painless leap into Subversion.

    Now, for the first time, there s a comprehensive, authoritative guide to building production-quality software with Rails. Pioneering Rails developer Obie Fernandez and a team of experts illuminate the entire Rails API, along with the Ruby idioms, design approaches, libraries, and plug-ins that make Rails so valuable. Drawing on their unsurpassed experience, they address the real challenges development teams face, showing how to use Rails tools and best practices to maximize productivity and build polished applications users will enjoy. Using detailed code examples, Obie systematically covers Rails key capabilities and subsystems. He presents advanced programming techniques, introduces open source libraries that facilitate easy Rails adoption, and offers important insights into testing and production deployment. Dive deep into the Rails codebase together, discovering why Rails behaves as it does and how to make it behave the way you want it to. This book will help you Increase your productivity as a web developer Realize the overall joy of programming with Ruby on Rails Learn what s new in Rails 2.0 Drive design and protect long-term maintainability with TestUnit and RSpec Understand and manage complex program flow in Rails controllers Leverage Rails support for designing REST-compliant APIs Master sophisticated Rails routing concepts and techniques Examine and troubleshoot Rails routing Make the most of ActiveRecord object-relational mapping Utilize Ajax within your Rails applications Incorporate logins and authentication into your application Extend Rails with the best third-party plug-ins and write your own Integrate email services into your applications with ActionMailer Choose the right Rails production configurations Streamline deployment with Capistrano "

    It's Tuesday morning and on his drive into the office, Bill gets a call from the CEO. The company's new IT initiative, code named Phoenix Project, is critical to the future of Parts Unlimited, but the project is massively over budget and very late. The CEO wants Bill to report directly to him and fix the mess in ninety days or else Bill's entire department will be outsourced. With the help of a prospective board member and his mysterious philosophy of The Three Ways, Bill starts to see that IT work has more in common with manufacturing plant work than he ever imagined. With the clock ticking, Bill must organize work flow streamline interdepartmental communications, and effectively serve the other business functions at Parts Unlimited. In a fast-paced and entertaining style, three luminaries of the DevOps movement deliver a story that anyone who works in IT will recognize. Readers will not only learn how to improve their own IT organizations, they'll never view IT the same way again.

    Written by an expert who's taught this mobile platform to hundreds of developers in large organizations, this gentle introduction shows experienced object-oriented programmers how to use Android’s basic building blocks to create user interfaces, store data, connect to the network, and more.You'll build a Twitter-like application throughout the course of this book, adding new features with each chapter. Along the way, you'll also create your own toolbox of code patterns to help you program any type of Android application with ease.Get an overview of the Android platform and discover how it fits into the mobile ecosystemLearn about the Android stack, including its application framework, and the structure and distribution of application packages (APK)Set up your Android development environment and get started with simple programsUse Android’s building blocks—Activities, Intents, Services, Content Providers, and Broadcast ReceiversLearn how to build basic Android user interfaces and organize UI elements in Views and LayoutsBuild a service that uses a background process to update data in your applicationGet an introduction to Android Interface Definition Language (AIDL) and the Native Development Kit (NDK)

    This concise book guides you into and through JavaScript, written by a veteran programmer who once found himself in the same position. Speaking JavaScript helps you approach the language with four standalone sections. First, a quick-start guide teaches you just enough of the language to help you be productive right away. More experienced JavaScript programmers will find a complete and easy-to-read reference that covers each language feature in depth. Complete contents include: JavaScript quick start: Familiar with object-oriented programming? This part helps you learn JavaScript quickly and properly. JavaScript in depth: Learn details of ECMAScript 5, from syntax, variables, functions, and object-oriented programming to regular expressions and JSON with lots of examples. Pick a topic and jump in. Background: Understand JavaScript’s history and its relationship with other programming languages. Tips, tools, and libraries: Survey existing style guides, best practices, advanced techniques, module systems, package managers, build tools, and learning resources.

    This hands-on guide provides invaluable insight for creating successful test-driven development processes. With source code and examples featured in both C# and .NET, the book walks you through the TDD methodology and shows how it is applied to a real-world application. You'll witness the application built from scratch and details each step that is involved in the development, as well as any problems that were encountered and the solutions that were applied.Clarifies the motivation behind test-driven development (TDD), what it is, and how it works Reviews the various steps involved in developing an application and the testing that is involved prior to implementing the functionality Discusses unit testing and refactoring Professional Test-Driven Development with C# shows you how to create great TDD processes right away.

    But this high-level language is relatively difficult to master, even if you already know the C programming language.The 2nd edition of Practical C++ Programming is a complete introduction to the C++ language for programmers who are learning C++. Reflecting the latest changes to the C++ standard, this 2nd edition takes a useful down-to-earth approach, placing a strong emphasis on how to design clean, elegant code.In short, to-the-point chapters, all aspects of programming are covered including style, software engineering, programming design, object-oriented design, and debugging. It also covers common mistakes and how to find (and avoid) them. End of chapter exercises help you ensure you've mastered the material.Practical C++ Programming thoroughly covers: C++ Syntax Coding standards and style Creation and use of object classes Templates Debugging and optimization Use of the C++ preprocessor File input/output Steve Oualline's clear, easy-going writing style and hands-on approach to learning make Practical C++ Programming a nearly painless way to master this complex but powerful programming language.

    It provides all of JavaScript's functionality wrapped in a cleaner, more succinct syntax. In the first book on this exciting new language, CoffeeScript guru Trevor Burnham shows you how to hold onto all the power and flexibility of JavaScript while writing clearer, cleaner, and safer code.CoffeeScript: Accelerated JavaScript Development offers a thorough introduction to this new language, starting from the basics. You'll learn to use time-saving features like list comprehensions and splats, organize your code into modules with extensible classes, and deploy your work to multiple environments. Each chapter is example-driven and includes challenging exercises to push your CoffeeScript know-how further. Through the course of the book, you'll build a fast-paced multiplayer word game-writing both the client (with jQuery) and server (with Node.js) in CoffeeScript. And because the two languages are so deeply intertwined, you'll deepen your understanding of JavaScript along the way. CoffeeScript makes it easier than ever to write powerful, standards-compliant JavaScript code. CoffeeScript: Accelerated JavaScript Development lets you start doing it today.

    And this may sound weirdly obvious, but every single one of those pieces of software was written by a programmer. Programmers are thus among the most quietly influential people on the planet. As we live in a world made of software, they're the architects. The decisions they make guide our behavior. When they make something newly easy to do, we do a lot more of it. If they make it hard or impossible to do something, we do less of it.If we want to understand how today's world works, we ought to understand something about coders. Who exactly are the people that are building today's world? What makes them tick? What type of personality is drawn to writing software? And perhaps most interestingly -- what does it do to them?One of the first pieces of coding a newbie learns is the program to make the computer say "Hello, world!" Like that piece of code, Clive Thompson's book is a delightful place to begin to understand this vocation, which is both a profession and a way of life, and which essentially didn't exist little more than a generation ago, but now is considered just about the only safe bet we can make about what the future holds. Thompson takes us close to some of the great coders of our time, and unpacks the surprising history of the field, beginning with the first great coders, who were women. Ironically, if we're going to traffic in stereotypes, women are arguably "naturally" better at coding than men, but they were written out of the history, and shoved out of the seats, for reasons that are illuminating. Now programming is indeed, if not a pure brotopia, at least an awfully homogenous community, which attracts people from a very narrow band of backgrounds and personality types. As Thompson learns, the consequences of that are significant - not least being a fetish for disruption at scale that doesn't leave much time for pondering larger moral issues of collateral damage. At the same time, coding is a marvelous new art form that has improved the world in innumerable ways, and Thompson reckons deeply, as no one before him has, with what great coding in fact looks like, who creates it, and where they come from. To get as close to his subject has he can, he picks up the thread of his own long-abandoned coding practice, and tries his mightiest to up his game, with some surprising results.More and more, any serious engagement with the world demands an engagement with code and its consequences, and to understand code, we must understand coders. In that regard, Clive Thompson's Hello, World! is a marvelous and delightful master class.

    Packed with practical recipes written and tested with Python 3.3, this unique cookbook is for experienced Python programmers who want to focus on modern tools and idioms.Inside, you’ll find complete recipes for more than a dozen topics, covering the core Python language as well as tasks common to a wide variety of application domains. Each recipe contains code samples you can use in your projects right away, along with a discussion about how and why the solution works.Topics include:Data Structures and AlgorithmsStrings and TextNumbers, Dates, and TimesIterators and GeneratorsFiles and I/OData Encoding and ProcessingFunctionsClasses and ObjectsMetaprogrammingModules and PackagesNetwork and Web ProgrammingConcurrencyUtility Scripting and System AdministrationTesting, Debugging, and ExceptionsC Extensions

    It is also a practical, modern introduction to scientific computing in Python, tailored for data-intensive applications. This is a book about the parts of the Python language and libraries you'll need to effectively solve a broad set of data analysis problems. This book is not an exposition on analytical methods using Python as the implementation language.Written by Wes McKinney, the main author of the pandas library, this hands-on book is packed with practical cases studies. It's ideal for analysts new to Python and for Python programmers new to scientific computing.Use the IPython interactive shell as your primary development environmentLearn basic and advanced NumPy (Numerical Python) featuresGet started with data analysis tools in the pandas libraryUse high-performance tools to load, clean, transform, merge, and reshape dataCreate scatter plots and static or interactive visualizations with matplotlibApply the pandas groupby facility to slice, dice, and summarize datasetsMeasure data by points in time, whether it's specific instances, fixed periods, or intervalsLearn how to solve problems in web analytics, social sciences, finance, and economics, through detailed examples

    You might think the problem is your brain. It seems to have a mind of its own, a mind that doesn't always want to take in the dry, technical stuff you're forced to study. The fact is your brain craves novelty. It's constantly searching, scanning, waiting for something unusual to happen. After all, that's the way it was built to help you stay alive. It takes all the routine, ordinary, dull stuff and filters it to the background so it won't interfere with your brain's real work--recording things that matter. How does your brain know what matters? It's like the creators of the Head First approach say, suppose you're out for a hike and a tiger jumps in front of you, what happens in your brain? Neurons fire. Emotions crank up. Chemicals surge. That's how your brain knows.And that's how your brain will learn Java. Head First Java combines puzzles, strong visuals, mysteries, and soul-searching interviews with famous Java objects to engage you in many different ways. It's fast, it's fun, and it's effective. And, despite its playful appearance, Head First Java is serious stuff: a complete introduction to object-oriented programming and Java. You'll learn everything from the fundamentals to advanced topics, including threads, network sockets, and distributed programming with RMI. And the new. second edition focuses on Java 5.0, the latest version of the Java language and development platform. Because Java 5.0 is a major update to the platform, with deep, code-level changes, even more careful study and implementation is required. So learning the Head First way is more important than ever. If you've read a Head First book, you know what to expect--a visually rich format designed for the way your brain works. If you haven't, you're in for a treat. You'll see why people say it's unlike any other Java book you've ever read.By exploiting how your brain works, Head First Java compresses the time it takes to learn and retain--complex information. Its unique approach not only shows you what you need to know about Java syntax, it teaches you to think like a Java programmer. If you want to be bored, buy some other book. But if you want to understand Java, this book's for you.

    With this book, you'll discover why Scala is ideal for highly scalable, component-based applications that support concurrency and distribution.Programming Scala clearly explains the advantages of Scala as a JVM language. You'll learn how to leverage the wealth of Java class libraries to meet the practical needs of enterprise and Internet projects more easily. Packed with code examples, this book provides useful information on Scala's command-line tools, third-party tools, libraries, and available language-aware plugins for editors and IDEs.Learn how Scala's succinct and flexible code helps you program fasterDiscover the notable improvements Scala offers over Java's object modelGet a concise overview of functional programming, and learn how Scala's support for it offers a better approach to concurrencyKnow how to use mixin composition with traits, pattern matching, concurrency with Actors, and other essential featuresTake advantage of Scala's built-in support for XMLLearn how to develop domain-specific languagesUnderstand the basics for designing test-driven Scala applications