Attacking and Exploiting Modern Web Applications: Discover the Mindset, Techniques, and Tools to Perform Modern Web Attacks and Exploitation
Table of contents:
Part 1: Attack Preparation
Mindset and Methodologies
Toolset for Web Attacks and Exploitation
Part 2: Evergreen Attacks
Attacking the Authentication Layer – a SAML Use Case
Attacking Internet-Facing Web Applications – SQL Injection and Cross-Site Scripting (XSS) on WordPress
Attacking IoT Devices – Command Injection and Path Traversal
Part 3: Novel Attacks
Attacking Electron JavaScript Applications – from Cross-Site Scripting (XSS) to Remote Command Execution (RCE)
Attacking Ethereum Smart Contracts – Reentrancy, Weak Sources of Randomness, and Business Logic
Continuing the Journey of Vulnerability Discovery
Index
Beginning Ethical Hacking with Kali Linux: Computational Techniques for Resolving Security Issues
Table of contents:
About the Author
About the Technical Reviewer
Acknowledgments
Introduction
Chapter 1: Security Trends
Chapter 2: Setting Up a Penetration Testing and Network Security Lab
Chapter 3: Elementary Linux Commands
Chapter 4: Know Your Network
Chapter 5: How to Build a Kali Web Server
Chapter 6: Kali Linux from the Inside Out
Chapter 7: Kali Linux and Python
Chapter 8: Information Gathering
Chapter 9: SQL Mapping
Chapter 10: Vulnerability Analysis
Chapter 11: Information Assurance Model
Chapter 12: Introducing Metasploit in Kali Linux
Chapter 13: Hashes and Passwords
Chapter 14: Classic and Modern Encryption
Chapter 15: Exploiting Targets
Index
Black Hat Bash: Bash Scripting for Hackers and Pentesters
Table of contents:
Chapter 1: Bash Basics
Chapter 2: Advanced Bash Concepts
Chapter 3: Setting Up a Hacking Lab
Chapter 4: Reconnaissance
Chapter 5: Vulnerability Scanning and Fuzzing
Chapter 6: Gaining a Web Shell
Chapter 7: Reverse Shells
Chapter 8: Local Information Gathering
Chapter 9: Privilege Escalation
Chapter 10: Persistence
Chapter 11: Network Probing and Lateral Movement
Chapter 12: Defense Evasion
Chapter 13: Exfiltration and Counter-Forensics
Bug Bounty Hunting Essentials
Table of contents:
Preface
Chapter 1: Basics of Bug Bounty Hunting
Chapter 2: How to Write a Bug Bounty Report
Chapter 3: SQL Injection Vulnerabilities
Chapter 4: Cross-Site Request Forgery
Chapter 5: Application Logic Vulnerabilities
Chapter 6: Cross-Site Scripting Attacks
Chapter 7: SQL Injection
Chapter 8: Open Redirect Vulnerabilities
Chapter 9: Sub-Domain Takeovers
Chapter 10: XML External Entity Vulnerability
Chapter 11: Template Injection
Chapter 12: Top Bug Bounty Hunting Tools
Chapter 13: Top Learning Resources
Other Books You May Enjoy
Index
Burp Suite Cookbook: Web Application Security Made Easy with Burp Suite – Second Edition
Table of contents:
Preface
Getting Started with Burp Suite
Getting to Know the Burp Suite of Tools
Configuring, Crawling, Auditing, and Reporting with Burp
Assessing Authentication Schemes
Assessing Authorization Checks
Assessing Session Management Mechanisms
Assessing Business Logic
Evaluating Input Validation Checks
Attacking the Client
Working with Burp Suite Macros and Extensions
Implementing Advanced Topic Attacks
Index
CC Certified in Cybersecurity Cert Guide
Table of contents:
Introduction
1 Cybersecurity Principles
2 Risk Management
3 Threats to Security
4 Physical Access Controls
5 Logical Access Controls
6 Computer Networking Fundamentals
7 Network Security Infrastructure
8 Data and the System
9 Security in the Life
10 Security in Emergencies
11 Tying It All Together
12 After the Certification
13 Final Preparation
Glossary of Key Terms
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A
Appendix B CC Certified in Cybersecurity Cert Guide Exam Updates
Appendix C Study Planner
CC Certified in Cybersecurity Study Guide
Table of contents:
Introduction
PART I DOMAIN 1: SECURITY PRINCIPLES
CHAPTER 1 Confidentiality, Integrity, Availability, and Non-repudiation
CHAPTER 2 Authentication and Authorization
CHAPTER 3 Privacy
CHAPTER 4 Risk Management
CHAPTER 5 Security Controls
CHAPTER 6 Ethics
CHAPTER 7 Security Governance Processes
PART II DOMAIN 2: BUSINESS CONTINUITY (BC), DISASTER RECOVERY (DR) & INCIDENT RESPONSE (IR) CONCEPTS
CHAPTER 8 Business Continuity
CHAPTER 9 Disaster Recovery
CHAPTER 10 Incident Response
PART III DOMAIN 3: ACCESS CONTROLS CONCEPTS
CHAPTER 11 Physical Access Controls
CHAPTER 12 Logical Access Controls
PART IV DOMAIN 4: NETWORK SECURITY
CHAPTER 13 Computer Networking
CHAPTER 14 Network Threats and Attacks
CHAPTER 15 Threat Identification and Prevention
CHAPTER 16 Network Security Infrastructure
CHAPTER 17 Cloud Computing
PART V DOMAIN 5: SECURITY OPERATIONS
CHAPTER 18 Encryption
CHAPTER 19 Data Handling
CHAPTER 20 Logging and Monitoring
CHAPTER 21 Configuration Management
CHAPTER 22 Best Practice Security Policies
CHAPTER 23 Security Awareness Training
Index
CCNA Cyber Ops SECFND 210-250 Official Cert Guide
Table of contents:
Introduction
Part I Network Concepts
Part II Security Concepts
Part III Cryptography
Part IV Host-Based Analysis
Part V Security Monitoring and Attack Methods
Part VI Final Preparation
Part VII Appendixes
Elements Available on the Book Website
CCNA Cybersecurity Operations Companion Guide
Table of contents:
Introduction
Chapter 1 Cybersecurity and the Security Operations Center
Chapter 2 Windows Operating System
Chapter 3 Linux Operating System
Chapter 4 Network Protocols and Services
Chapter 5 Network Infrastructure
Chapter 6 Principles of Network Security
Chapter 7 Network Attacks: A Deeper Look
Chapter 8 Protecting the Network
Chapter 9 Cryptography and the Public Key Infrastructure
Chapter 10 Endpoint Security and Analysis
Chapter 11 Security Monitoring
Chapter 12 Intrusion Data Analysis
Chapter 13 Incident Response and Handling
Appendix A Answers to the “Check Your Understanding” Questions
Glossary
Index
CEH v10 Certified Ethical Hacker Study Guide
Table of contents:
Introduction
Assessment Test
Chapter 1: Ethical Hacking
Chapter 2: Networking Foundations
Chapter 3: Security Foundations
Chapter 4: Footprinting and Reconnaissance
Chapter 5: Scanning Networks
Chapter 6: Enumeration
Chapter 7: System Hacking
Chapter 8: Malware
Chapter 9: Sniffing
Chapter 10: Social Engineering
Chapter 11: Wireless Security
Chapter 12: Attack and Defense
Chapter 13: Cryptography
Chapter 14: Security Architecture and Design
Appendix: Answers to Review Questions
Index
CEH v11 Certified Ethical Hacker Study Guide
Table of contents:
Introduction
Assessment Test
Chapter 1: Ethical Hacking
Chapter 2: Networking Foundations
Chapter 3: Security Foundations
Chapter 4: Footprinting and Reconnaissance
Chapter 5: Scanning Networks
Chapter 6: Enumeration
Chapter 7: System Hacking
Chapter 8: Malware
Chapter 9: Sniffing
Chapter 10: Social Engineering
Chapter 11: Wireless Security
Chapter 12: Attack and Defense
Chapter 13: Cryptography
Chapter 14: Security Architecture and Design
Chapter 15: Cloud Computing and the Internet of Things
Appendix: Answers to Review Questions
Index
Certified Ethical Hacker (CEH) Preparation Guide
Table of contents:
About the Author
About the Technical Reviewer
Introduction
Chapter 1: Introduction to Ethical Hacking
Chapter 2: Footprinting and Reconnaissance/Scanning Networks
Chapter 3: Enumeration
Chapter 4: System Hacking
Chapter 5: Trojans, Backdoors, Viruses, and Worms
Chapter 6: Sniffers and Social Engineering
Chapter 7: Denial of Service
Chapter 8: Session Hijacking
Chapter 9: Hacking Webservers
Chapter 10: Hacking Web Applications
Chapter 11: SQL Injections
Chapter 12: Hacking Wireless Networks
Chapter 13: Evading Intrusion Detection Systems, Firewalls, and Honeypots
Chapter 14: Buffer Overflow
Chapter 15: Cryptography
Chapter 16: Penetration Testing
Index