Last Uploaded Books

CoverTitleYear
KEY FEATURES * Familiarize yourself with the most common web vulnerabilities a web application faces, and understand how attackers take advantage of them * Set up a penetration testing lab to conduct a preliminary assessment of attack surfaces and run exploits * Learn how to prevent vulnerabilities more » in web applications before an attacker can make the most of it BOOK DESCRIPTION Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform and operating system that provides a huge array of testing tools, many of which can be used specifically to execute web penetration testing. This book will teach you, in the form step-by-step recipes, how to detect a wide array of vulnerabilities, exploit them to analyze their consequences, and ultimately buffer attackable surfaces so applications are more secure, for you and your users. Starting from the setup of a testing laboratory, this book will give you the skills you need to cover every stage of a penetration test: from gathering information about the system and the application to identifying vulnerabilities through manual testing and the use of vulnerability scanners to both basic and advanced exploitation techniques that may lead to a full system compromise. Finally, we will put this into the context of OWASP and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of the book, you will have the required skills to identify, exploit, and prevent web application vulnerabilities. WHAT YOU WILL LEARN * Set up a penetration testing laboratory in a secure way * Find out what information is useful to gather when performing penetration tests and where to look for it * Use crawlers and spiders to investigate an entire website in minutes * Discover security vulnerabilities in web applications in the web browser and using command-line tools * Improve your testing efficiency with the use of automated vulnerability scanners * Exploit vulnerabilities that require a complex setup, run custom-made exploits, and prepare for extraordinary scenarios * Set up Man in the Middle attacks and use them to identify and exploit security flaws within the communication between users and the web server * Create a malicious site that will find and exploit vulnerabilities in the user's web browser * Repair the most common web vulnerabilities and understand how to prevent them becoming a threat to a site's security ABOUT THE AUTHOR Gilberto Najera-Gutierrez leads the Security Testing Team (STT) at Sm4rt Security Services, one of the top security firms in Mexico. He is also an Offensive Security Certified Professional (OSCP), an EC-Council Certified Security Administrator (ECSA), and holds a master's degree in computer science with specialization in artificial intelligence. He has been working as a Penetration Tester since 2013 and has been a security enthusiast since high school; he has successfully conducted penetration tests on networks and applications of some of the biggest corporations in Mexico, such as government agencies and financial institutions. TABLE OF CONTENTS 1. Setting Up Kali Linux 2. Reconnaissance 3. Crawlers and Spiders 4. Finding Vulnerabilities 5. Automated Scanners 6. Exploitation – Low Hanging Fruits 7. Advanced Exploitation 8. Man in the Middle Attacks 9. Client-Side Attacks and Social Engineering 10. Mitigation of OWASP Top 10 « less
2016
Explore the possibility of building truly native, cross-platform mobile applications using your JavaScript skill — NativeScript!
ABOUT THIS BOOK * Save your marketing time by building for iOS, Android, and Windows Mobile platforms simultaneously * Be an ace at utilizing the features of NativeScript and its ability to communicate with each of the host device libraries natively * Proficiently, build your fully cross-platform more » communication application exhibiting the fundamentals of NativeScript WHO THIS BOOK IS FOR If you are a JavaScript developer and want to build cross-platform applications, then this book is just the right one for you! WHAT YOU WILL LEARN * Install and compile your application in NativeScript * Get important know-how on the NativeScript project structure * Develop and style your screens for multiple platforms * Create a full-featured cross-platform communication application * Import and use several third-party components * Simplify and deal with device resolution and cross-platform issues * Test and deploy your application IN DETAIL NativeScript allows you to build a fast cross-platform application that has a native UI. NativeScript is a true cross-platform framework that generates native speed applications using the native components of the host platform, all using JavaScript. Although NativeScript allows you to build your application in JavaScript, you have full access to the host OS from your code, allowing you to easily tweak or use new platform features instantly at native code speeds. Whether you have already developed multiple applications or zero applications, this book will help you to develop your next application in a cross-platform framework quickly, saving you a massive amount of time and money. This book concisely shows you NativeScript's built-in framework that allows you to rapidly develop a fully-working compiled cross-platform application in just a few chapters. It starts by laying the foundation of NativeScript and working through the fundamentals to create a basic shell of the application. Moving on, you'll see how to build a full-fledged application step by step. We'll show you how to use plugins, and how to communicate with the native OS libraries easily so that you can customize your application as if your app was created in Java or Objective C. We then deal with the issues that arise from being cross platform and compensate for the different screen sizes, screen resolutions, and device abilities. Finally, we progress to testing and deploying your app. STYLE AND APPROACH A stepwise guide for building cross-platform mobile applications with the help of easy-to-understand examples. « less
2016
Learn NativeScript to build native mobile applications with Angular, TypeScript, JavaScript
ABOUT THIS BOOK * Power packed hands-on guide to help you become pro-efficient with NativeScript * Harness the power of your web development skills with JavaScript and Angular to build cross-platform mobile apps * Create highly maintainable and feature-rich apps with TypeScript and NativeScript APIs WHO more » THIS BOOK IS FOR This book assumes you have a general understanding of TypeScript, have heard of NativeScript and know what it's about, and are familiar with Angular (2.0). You don't need to be an expert in any of these technologies, but having some sense of them before reading is recommended this book, which is ideal for intermediate to advanced users. WHAT YOU WILL LEARN * Bootstrap a NativeScript for Angular app * Best practices for project organization * Style your app with CSS/SASS * Use Angular together with NativeScript to create cross-platform mobile apps * Take advantage of powerful Angular features, such as Dependency Injection, Components, Directives, Pipes, and NgModules right within your NativeScript apps * Gain insight into great project organization and best practices * Use Objective C/Swift and Java APIs directly from TypeScript * Use rich framework features and third-party plugins * Style your app with CSS/SASS * Integrate @ngrx/store + @ngrx/effects to help with state management * Test your app with Karma and Appium IN DETAIL NativeScript is an open source framework that is built by Progress in order to build truly native mobile apps with TypeScript, JavaScript or just Angular which is an open source framework built by Google that offers declarative templates, dependency injection, and fully featured modules to build rich applications. Angular's versatile view handling architecture allows your views to be rendered as highly performant UI components native to iOS and Android mobile platforms. This decoupling of the view rendering layer in Angular combined with the power of native APIs with NativeScript have together created the powerful and exciting technology stack of NativeScript for Angular. This book focuses on the key concepts that you will need to know to build a NativeScript for Angular mobile app for iOS and Android. We'll build a fun multitrack recording studio app, touching on powerful key concepts from both technologies that you may need to know when you start building an app of your own. The structure of the book takes the reader from a void to a deployed app on both the App Store and Google Play, serving as a reference guide and valuable tips/tricks handbook. By the end of this book, you'll know majority of key concepts needed to build a successful NativeScript for Angular app. « less
2017
KEY FEATURES * Focus on coding with the new, improved, and powerful tools of VS 2017 * Master improved debugging and unit testing support capabilities * Accelerate cloud development with the built-in Azure tools BOOK DESCRIPTION Visual Studio 2017 is the all-new IDE released by Microsoft for developers, more » targeting Microsoft and other platforms to build stunning Windows and web apps. Learning how to effectively use this technology can enhance your productivity while simplifying your most common tasks, allowing you more time to focus on your project. With this book, you will learn not only what VS2017 offers, but also what it takes to put it to work for your projects. Visual Studio 2017 is packed with improvements that increase productivity, and this book will get you started with the new features introduced in Visual Studio 2017 IDE and C# 7.0. Next, you will learn to use XAML tools to build classic WPF apps, and UWP tools to build apps targeting Windows 10. Later, you will learn about .NET Core and then explore NuGet, the package manager for the Microsoft development platform. Then, you will familiarize yourself with the debugging and live unit testing techniques that comes with the IDE. Finally, you'll adapt Microsoft's implementation of cloud computing with Azure, and the Visual Studio integration with Source Control repositories. WHAT YOU WILL LEARN * Learn what's new in the Visual Studio 2017 IDE, C# 7.0, and how it will help developers to improve their productivity * Learn the workloads and components of the new installation wizard and how to use the online and offline installer * Build stunning Windows apps using Windows Presentation Foundation (WPF) and Universal Windows Platform (UWP) tools * Get familiar with .NET Core and learn how to build apps targeting this new framework * Explore everything about NuGet packages * Debug and test your applications using Visual Studio 2017 * Accelerate cloud development with Microsoft Azure * Integrate Visual Studio with most popular source control repositories, such as TFS and GitHub ABOUT THE AUTHOR Kunal Chowdhury has been a Microsoft MVP (Most Valuable Professional) since 2010, starting with Silverlight to Windows app development. He is also a renowned public speaker, active blogger (by passion), and a software engineer (senior/technical lead) by profession. Over the years, he has acquired profound knowledge on various Microsoft products and helped developers throughout the world with his deep knowledge and experience. As a technical buff, Kunal has in-depth knowledge of OOPs, C#, XAML, .NET, WPF, UWP, Visual Studio, Windows 10 and Microsoft Azure. He is also proficient in entire Software Development Life Cycle (SDLC) and Scrum methodology. He has written many articles, tips & tricks on his technical blog (kunal-chowdhury) for developers and consumers. You can contact Kunal via email at books@kunal-chowdhury.com. You can also follow him on Twitter at @kunal2383 and become a part of his major fans on social media channels for the updates that he shares over there. TABLE OF CONTENTS 1. What’s new in Visual Studio 2017 IDE? 2. What's new in C# 7.0? 3. Building applications for Windows using XAML Tools 4. Building applications for Windows 10 using UWP Tools 5. Building application with .NET Core 6. Managing NuGet packages 7. Debugging applications with Visual Studio 2017 8. Testing applications with Visual Studio 2017 9. Accelerate cloud development with Windows Azure 10. Working with source controls « less
2017
Volume I: Power User's View
Android Internals::A Confectioner's Cookbook is the first time the inner workings of the world's most popular operating system have been documented! Without going into the lengthy code, it presents the logic and flow of Android's various components using detailed illustrations, verbose annotations and more » hands-on experiments! Volume I takes the power user's point of view - the utilities and functionality accessible through adb shell. In particular, we explore: Partitions and Filesystems The Boot Process Init and its configuration files The native daemons in /system/bin The framework service architecture and servicemanager, Monitoring through Linux interfaces, and of course Security. All versions of Android - up to and including the upcoming Nougat - are covered, with examples taken from the wide gamut of Android Devices - Nexi, Samsung Galaxy S series, NVidia Shield, Amazon Kindle, HTC One M9, and the Android Emulator. This is the first in a multi-volume series, aiming to explore Android down to its last class. Stay tuned for Volume II - The Programmer's View - which picks up where the Power User's View ends, and dives deeper still into the frameworks, input, audio, video and network architecture... wading through the inevitable quagmire of code. « less
2015
Application Development Strategies for Performance Optimization, Concurrency, Testability, and Code Brevity
Bring the power of functional programming to your PHP applications. From performance optimizations to concurrency, improved testability to code brevity, functional programming has a host of benefits when compared to traditional imperative programming. Part one of Pro Functional PHP Programming takes more » you through the basics of functional programming, outlining the key concepts and how they translate into standard PHP functions and code. Part two takes this theory and shows you the strategies for implementing it to solve real problems in your new or existing PHP applications. Functional programming is popular in languages such as Lisp, Scheme and Clojure, but PHP also contains all you need to write functional code. This book will show you how to take advantage of functional programming in your own projects, utilizing the PHP programming language that you already know. What You'll Learn * Discover functional programming in PHP * Work with functional programming functions * Design strategies for high-performance applications * Manage business logic with functions * Use functional programming in object-oriented and procedural applications * Employ helper libraries in your application * Process big data with functional PHP Who This Book Is For Programmers and web developers with experience of PHP who are looking to get more out of their PHP coding and be able to do more with PHP. « less
2017
Successfully Distribute Apps
Cover every aspect of the app industry, from app idea generation through to marketing and performance monitoring. With this book you'll receive complete, reliable, up-to-date, and professional information and guidance. Learn iOS App Distributionis every developers thorough and accessible guide to more » successfully distributing apps. For readers who already know how to code and create apps, this book explains how the app industry works, how it is evolving, and what the key trends are. Rather than focus on the well-covered aspects of working with Swift and Xcode,you'll instead discover what it takes from a commercial standpoint to bring an app together and get it successfully out to customers. All the key technical aspects are simplified for you with non-technical backgrounds, and vast amounts of information are condensed into easy-to-understand visuals. What You'll Learn * Review how the app industry nuances and how it works * Analyze app statistics and key market trends * Position an app appropriately within the industry * Improve app performance and related products and services Who This Book Is For App designers, UI/UX design professionals, coders, app marketers, game designers, asset designers and app publishing companies.The book is also suitable for inventors and non-tech readers unfamiliar with the industry but interested in investing in apps « less
2017
Sustainable Software Development Patterns and Best Practices with C++ 17
Write maintainable, extensible, and durable software with modern C++. This book is a must for every developer, software architect, or team leader who is interested in good C++ code, and thus also wants to save development costs. If you want to teach yourself about writing clean C++, Clean C++ is exactly more » what you need. It is written to help C++ developers of all skill levels and shows by example how to write understandable, flexible, maintainable, and efficient C++ code. Even if you are a seasoned C++ developer, there are nuggets and data points in this book that you will find useful in your work. If you don't take care with your code, you can produce a large, messy, and unmaintainable beast in any programming language. However, C++ projects in particular are prone to be messy and tend to slip into bad habits. Lots of C++ code that is written today looks as if it was written in the 1980s. It seems that C++ developers have been forgotten by those who preach Software Craftsmanship and Clean Code principles. The Web is full of bad, but apparently very fast and highly optimized C++ code examples, with cruel syntax that completely ignores elementary principles of good design and well-written code. This book will explain how to avoid this scenario and how to get the most out of your C++ code. You'll find your coding becomes more efficient and, importantly, more fun. What You'll Learn * Gain sound principles and rules for clean coding in C++ * Carry out test driven development (TDD) * Discover C++ design patterns and idioms * Apply these design patterns Who This Book Is For Any C++ developer and software engineer with an interest in producing better code. « less
2017
IBM® has a strong commitment to Linux as an operating system and Linux-based solutions. This IBM Redbook gives a broad understanding of IBM products and how they relate to the Linux operating system. It tries to encapsulate the IBM Software Solutions that are available for Linux-based servers. It also more » describes the Linux enablement throughout the IBM product line. This IBM Redbook offers enough information to give you a high-level understanding of Linux. Therefore, it is not meant to be a highly technical document. It also provides pointers to further sources of information. This redbook is intended for IBM representatives, Business Partners, and Customers who are involved in considering and planning Linux-based software solutions. You will find this redbook particularly helpful if you are planning to test or implement Linux in an enterprise. « less
2005
Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments
ABOUT THIS BOOK * Learn how to build your own pentesting lab environment to practice advanced techniques * Customize your own scripts, and learn methods to exploit 32-bit and 64-bit programs * Explore a vast variety of stealth techniques to bypass a number of protections when penetration testing WHO more » THIS BOOK IS FOR This book is for anyone who wants to improve their skills in penetration testing. As it follows a step-by-step approach, anyone from a novice to an experienced security tester can learn effective techniques to deal with highly secured environments. Whether you are brand new or a seasoned expert, this book will provide you with the skills you need to successfully create, customize, and plan an advanced penetration test. WHAT YOU WILL LEARN * A step-by-step methodology to identify and penetrate secured environments * Get to know the process to test network services across enterprise architecture when defences are in place * Grasp different web application testing methods and how to identify web application protections that are deployed * Understand a variety of concepts to exploit software * Gain proven post-exploitation techniques to exfiltrate data from the target * Get to grips with various stealth techniques to remain undetected and defeat the latest defences * Be the first to find out the latest methods to bypass firewalls * Follow proven approaches to record and save the data from tests for analysis IN DETAIL The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes. The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected! The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get! STYLE AND APPROACH The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and foot printing « less
2016