Coding for Penetration Testers: Building Better Tools

Rating: 
Amazon Price: N/A (as of September 25, 2018 14:36 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Coding for Penetration Testers: Building Better Tools, Second Edition provides readers with an understanding of the scripting languages that are commonly used when developing tools for penetration testing, also guiding users through specific examples of custom tool development and the situations where such tools might be used.

While developing a better understanding of each language, the book presents real-world scenarios and tool development that can be incorporated into a tester's toolkit. This completely updated edition focuses on an expanded discussion on the use of Powershell, and includes practical updates to all tools and coverage.Discusses the use of various scripting languages in penetration testingPresents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languagesProvides a primer on scripting, including, but not limited to, web scripting, scanner scripting, and exploitation scriptingIncludes all-new coverage of Powershell

Privacy in Context (Stanford Law Books)

Rating: 
Amazon Price: N/A (as of September 25, 2018 22:46 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

Privacy is one of the most urgent issues associated with information technology and digital media. This book claims that what people really care about when they complain and protest that privacy has been violated is not the act of sharing information itself—most people understand that this is crucial to social life —but the inappropriate, improper sharing of information.
Arguing that privacy concerns should not be limited solely to concern about control over personal information, Helen Nissenbaum counters that information ought to be distributed and protected according to norms governing distinct social contexts—whether it be workplace, health care, schools, or among family and friends. She warns that basic distinctions between public and private, informing many current privacy policies, in fact obscure more than they clarify. In truth, contemporary information systems should alarm us only when they function without regard for social norms and values, and thereby weaken the fabric of social life.

XSS Attacks: Cross Site Scripting Exploits and Defense

Rating: 
Amazon Price: N/A (as of September 25, 2018 18:48 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.

Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.
Continue reading “XSS Attacks: Cross Site Scripting Exploits and Defense”

DNS Security: Hacking and Defending the Domain Name System

Rating: 
Amazon Price: $49.95 $45.89 You save: $4.06 (8%). (as of September 25, 2018 21:31 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.

DNS Security: Hacking and Defending the Domain Name System provides tactics on how to secure a Domain Name System (DNS) framework by exploring common DNS vulnerabilities using real-world examples of DNS exploits and providing step-by-step guidelines for securing the infrastructure.

The book is a timely reference as DNS is an integral part of the Internet that translates IP addresses into easily remembered domain names. The book focuses entirely on the security aspects of DNS, combining internal and external data to analyze and effectively prioritize network threats. It shows how to build a security infrastructure based around intelligence, demonstrating how theory can work in real-life situations. Presents a multi-platform approach, covering Linux, BSD, and Windows DNS security tipsDemonstrates how to implement DNS Security tools, including numerous screen shots and configuration examplesProvides a timely reference on DNS, an integral part of the Internet that translates IP addresses into easily remembered domain namesIncludes information of interest to those working in 4DNS, authoritative services, BIND files, buffer overflows, DDoS Attacks, firewalls, transaction signatures, and version control, amongst other topics

Information Security and Cybersecurity at the Federal Aviation Administration: Challenges and Control Efforts

Amazon Price: $120.00 $105.23 You save: $14.77 (12%). (as of September 25, 2018 19:05 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.