Take a look at our Networking books. Shulph carries a great selection of Networking books, and we are always adding more.
Implement defensive techniques in your ecosystem successfully with Python Key Features Identify and expose vulnerabilities in your infrastructure with Python Learn custom exploit development . Make robust and powerful cybersecurity tools with Python Book Description With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers. Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you'll explore the advanced uses of Python in the domain of penetration testing and optimization. You'll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you'll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python. By the end of this book, you'll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits. What you will learn Get to grips with Custom vulnerability scanner development Familiarize yourself with web application scanning automation and exploit development Walk through day-to-day cybersecurity scenarios that can be automated with Python Discover enterprise-or organization-specific use cases and threat-hunting automation Understand reverse engineering, fuzzing, buffer overflows , key-logger development, and exploit development for buffer overflows. Understand web scraping in Python and use it for processing web responses Explore Security Operations Centre (SOC) use cases Get to understand Data Science, Python, and cybersecurity all under one hood Who this book is for If you are a security consultant , developer or a cyber security enthusiast with little or no knowledge of Python and want in-depth insight into how the pen-testing ecosystem and python combine to create offensive tools , exploits , automate cyber security use-cases and much more then this book is for you. Hands-On Penetration Testing with Python guides you through the advanced uses of Python for cybersecurity and pen-testing, helping you to better understand security loopholes within your infrastructure .
Your one-stop guide to learning and implementing Red Team tactics effectively Key Features Target a complex enterprise environment in a Red Team activity Detect threats and respond to them with a real-world cyber-attack simulation Explore advanced penetration testing tools and techniques Book Description Red Teaming is used to enhance security by performing simulated attacks on an organization in order to detect network and system vulnerabilities. Hands-On Red Team Tactics starts with an overview of pentesting and Red Teaming, before giving you an introduction to few of the latest pentesting tools. We will then move on to exploring Metasploit and getting to grips with Armitage. Once you have studied the fundamentals, you will learn how to use Cobalt Strike and how to set up its team server. The book introduces some common lesser known techniques for pivoting and how to pivot over SSH, before using Cobalt Strike to pivot. This comprehensive guide demonstrates advanced methods of post-exploitation using Cobalt Strike and introduces you to Command and Control (C2) servers and redirectors. All this will help you achieve persistence using beacons and data exfiltration, and will also give you the chance to run through the methodology to use Red Team activity tools such as Empire during a Red Team activity on Active Directory and Domain Controller. In addition to this, you will explore maintaining persistent access, staying untraceable, and getting reverse connections over different C2 covert channels. By the end of this book, you will have learned about advanced penetration testing tools, techniques to get reverse shells over encrypted channels, and processes for post-exploitation. What you will learn Get started with red team engagements using lesser-known methods Explore intermediate and advanced levels of post-exploitation techniques Get acquainted with all the tools and frameworks included in the Metasploit framework Discover the art of getting stealthy access to systems via Red Teaming Understand the concept of redirectors to add further anonymity to your C2 Get to grips with different uncommon techniques for data exfiltration Who this book is for Hands-On Red Team Tactics is for you if you are an IT professional, pentester, security consultant, or ethical hacker interested in the IT security domain and wants to go beyond Penetration Testing. Prior knowledge of penetration testing is beneficial.
Explore the world of modern human-operated ransomware attacks, along with covering steps to properly investigate them and collecting and analyzing cyber threat intelligence using cutting-edge methods and toolsKey FeaturesUnderstand modern human-operated cyber attacks, focusing on threat actor tactics, techniques, and proceduresCollect and analyze ransomware-related cyber threat intelligence from various sourcesUse forensic methods and tools to reconstruct ransomware attacks and prevent them in the early stagesBook DescriptionRansomware attacks have become the strongest and most persistent threat for many companies around the globe. Building an effective incident response plan to prevent a ransomware attack is crucial and may help you avoid heavy losses. Incident Response Techniques for Ransomware Attacks is designed to help you do just that.This book starts by discussing the history of ransomware, showing you how the threat landscape has changed over the years, while also covering the process of incident response in detail. You'll then learn how to collect and produce ransomware-related cyber threat intelligence and look at threat actor tactics, techniques, and procedures. Next, the book focuses on various forensic artifacts in order to reconstruct each stage of a human-operated ransomware attack life cycle. In the concluding chapters, you'll get to grips with various kill chains and discover a new one: the Unified Ransomware Kill Chain.By the end of this ransomware book, you'll be equipped with the skills you need to build an incident response strategy for all ransomware attacks.What you will learnUnderstand the modern ransomware threat landscapeExplore the incident response process in the context of ransomwareDiscover how to collect and produce ransomware-related cyber threat intelligenceUse forensic methods to collect relevant artifacts during incident responseInterpret collected data to understand threat actor tactics, techniques, and proceduresUnderstand how to reconstruct the ransomware attack kill chainWho this book is forThis book is for security researchers, security analysts, or anyone in the incident response landscape who is responsible for building an incident response model for ransomware attacks. A basic understanding of cyber threats will be helpful to get the most out of this book.
Advance your career as an information security professional by turning theory into robust solutions to secure your organizationKey FeaturesConvert the theory of your security certifications into actionable changes to secure your organizationDiscover how to structure policies and procedures in order to operationalize your organization's information security strategyLearn how to achieve security goals in your organization and reduce software riskBook DescriptionInformation security and risk management best practices enable professionals to plan, implement, measure, and test their organization's systems and ensure that they're adequately protected against threats. The book starts by helping you to understand the core principles of information security, why risk management is important, and how you can drive information security governance. You'll then explore methods for implementing security controls to achieve the organization's information security goals. As you make progress, you'll get to grips with design principles that can be utilized along with methods to assess and mitigate architectural vulnerabilities. The book will also help you to discover best practices for designing secure network architectures and controlling and managing third-party identity services. Finally, you will learn about designing and managing security testing processes, along with ways in which you can improve software security. By the end of this infosec book, you'll have learned how to make your organization less vulnerable to threats and reduce the likelihood and impact of exploitation. As a result, you will be able to make an impactful change in your organization toward a higher level of information security.What you will learnUnderstand and operationalize risk management concepts and important security operations activitiesDiscover how to identify, classify, and maintain information and assetsAssess and mitigate vulnerabilities in information systemsDetermine how security control testing will be undertakenIncorporate security into the SDLC (software development life cycle)Improve the security of developed software and mitigate the risks of using unsafe softwareWho this book is forIf you are looking to begin your career in an information security role, then this book is for you. Anyone who is studying to achieve industry-standard certification such as the CISSP or CISM, but looking for a way to convert concepts (and the seemingly endless number of acronyms) from theory into practice and start making a difference in your day-to-day work will find this book useful.
Become familiar with Kubernetes and explore techniques to manage your containerized workloads and services Key Features Learn everything from creating a cluster to monitoring applications in Kubernetes Understand and develop DevOps primitives using Kubernetes Use Kubernetes to solve challenging real-life DevOps problems Book Description Kubernetes and DevOps are the two pillars that can keep your business at the top by ensuring high performance of your IT infrastructure. Introduction to DevOps with Kubernetes will help you develop the skills you need to improve your DevOps with the power of Kubernetes. The book begins with an overview of Kubernetes primitives and DevOps concepts. You'll understand how Kubernetes can assist you with overcoming a wide range of real-world operation challenges. You will get to grips with creating and upgrading a cluster, and then learn how to deploy, update, and scale an application on Kubernetes. As you advance through the chapters, you'll be able to monitor an application by setting up a pod failure alert on Prometheus. The book will also guide you in configuring Alertmanager to send alerts to the Slack channel and trace down a problem on the application using kubectl commands. By the end of this book, you'll be able to manage the lifecycle of simple to complex applications on Kubernetes with confidence. What you will learn Create and manage Kubernetes clusters in on-premise systems and cloud Exercise various DevOps practices using Kubernetes Explore configuration, secret, and storage management, and exercise these on Kubernetes Perform different update techniques and apply them on Kubernetes Use the built-in scaling feature in Kubernetes to scale your applications up and down Use various troubleshooting techniques and have a monitoring system installed on Kubernetes Who this book is for If you are a developer who wants to learn how to apply DevOps patterns using Kubernetes, then this book is for you. Familiarity with Kubernetes will be useful, but not essential.
Extract crucial data and lead successful criminal investigations by infiltrating every level of iOS devicesKey FeaturesExplore free and commercial tools for carrying out data extractions and analysis for digital forensicsLearn to look for key artifacts, recover deleted mobile data, and investigate processed dataGet up and running with extracting full filesystem images and jailbreak devices to gather the most data possibleBook DescriptionProfessionals working in the mobile forensics industry will be able to put their knowledge to work with this practical guide to learning how to extract and analyze all available data from an iOS device. This book is a comprehensive, how-to guide that leads investigators through the process of collecting mobile devices and preserving, extracting, and analyzing data, as well as building a report. Complete with step-by-step explanations of essential concepts, practical examples, and self-assessment questions, this book starts by covering the fundamentals of mobile forensics and how to overcome challenges in extracting data from iOS devices. Once you've walked through the basics of iOS, you'll learn how to use commercial tools to extract and process data and manually search for artifacts stored in database files. Next, you'll find out the correct workflows for handling iOS devices and understand how to extract valuable information to track device usage. You'll also get to grips with analyzing key artifacts, such as browser history, the pattern of life data, location data, and social network forensics. By the end of this book, you'll be able to establish a proper workflow for handling iOS devices, extracting all available data, and analyzing it to gather precious insights that can be reported as prosecutable evidence.What you will learnBecome familiar with the mobile forensics workflowUnderstand how to legally seize iOS devices and preserve their dataExtract evidence through logical and filesystem acquisitionsPerform a deep-dive analysis of user data and system dataGain insights by analyzing third-party applicationsGet to grips with gathering evidence stored on iCloudWho this book is forForensic analysts and investigators interested in extending their skills to extract data from iOS devices, including system logs, device usage, and third-party application data, will find this book useful. Anyone familiar with the principles of digital forensics and looking to expand their knowledge base in deep iOS examinations will also benefit from this book.Knowledge of mobile forensic principles, data extraction, Unix/Linux terminal, and some hands-on understanding of databases and SQL query language is assumed.
Discover the most common web vulnerabilities and prevent them from becoming a threat to your site's security Key Features Familiarize yourself with the most common web vulnerabilities Conduct a preliminary assessment of attack surfaces and run exploits in your lab Explore new tools in the Kali Linux ecosystem for web penetration testing Book Description Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test – from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security ?aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities. What you will learn Set up a secure penetration testing laboratory Use proxies, crawlers, and spiders to investigate an entire website Identify cross-site scripting and client-side vulnerabilities Exploit vulnerabilities that allow the insertion of code into web applications Exploit vulnerabilities that require complex setups Improve testing efficiency using automated vulnerability scanners Learn how to circumvent security controls put in place to prevent attacks Who this book is for Kali Linux Web Penetration Testing Cookbook is for IT professionals, web developers, security enthusiasts, and security professionals who want an accessible reference on how to find, exploit, and prevent security vulnerabilities in web applications. The basics of operating a Linux environment and prior exposure to security technologies and tools are necessary.
Learn how to hack systems like black hat hackers and secure them like security experts Key Features Understand how computer systems work and their vulnerabilities Exploit weaknesses and hack into machines to test their security Learn how to secure systems from hackers Book Description This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You'll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices. Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections. The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks. What you will learn Understand ethical hacking and the different fields and types of hackers Set up a penetration testing lab to practice safe and legal hacking Explore Linux basics, commands, and how to interact with the terminal Access password-protected networks and spy on connected clients Use server and client-side attacks to hack and control remote computers Control a hacked system remotely and use it to hack other systems Discover, exploit, and prevent a number of web application vulnerabilities such as XSS and SQL injections Who this book is for Learning Ethical Hacking from Scratch is for anyone interested in learning how to hack and test the security of systems like professional hackers and security experts.
Install, Configure and Setup different connections with pfSense Key Features Build firewall and routing solutions with PfSense. Learn how to create captive portals, how to connect Pfsense to your https environment and so on. Practical approach towards building firewall solutions for your organization Book Description As computer networks become ubiquitous, it has become increasingly important to both secure and optimize our networks. pfSense, an open-source router/firewall, provides an easy, cost-effective way of achieving this – and this book explains how to install and configure pfSense in such a way that even a networking beginner can successfully deploy and use pfSense. This book begins by covering networking fundamentals, deployment scenarios, and hardware sizing guidelines, as well as how to install pfSense. The book then covers configuration of basic services such as DHCP, DNS, and captive portal and VLAN configuration. Careful consideration is given to the core firewall functionality of pfSense, and how to set up firewall rules and traffic shaping. Finally, the book covers the basics of VPNs, multi-WAN setups, routing and bridging, and how to perform diagnostics and troubleshooting on a network. What you will learn Install pfSense Configure additional interfaces, and enable and configure DHCP Understand Captive portal Understand firewalls and NAT, and traffic shaping Learn in detail about VPNs Understand Multi-WAN Learn about routing and bridging in detail Understand the basics of diagnostics and troubleshooting networks Who this book is for This book is towards any network security professionals who want to get introduced to the world of firewalls and network configurations using Pfsense. No knowledge of PfSense is required
Grasp the basics of packet capture and analyze common protocols Key Features Troubleshoot basic to advanced network problems using packet analysis Analyze common protocols and identify latency issues with Wireshark Explore ways to examine captures to recognize unusual traffic and possible network attacks Book Description Wireshark is a popular and powerful packet analysis tool that helps network administrators investigate latency issues and identify potential attacks. Learn Wireshark provides a solid overview of basic protocol analysis and helps you to navigate the Wireshark interface, so you can confidently examine common protocols such as TCP, IP, and ICMP. The book starts by outlining the benefits of traffic analysis, takes you through the evolution of Wireshark, and then covers the phases of packet analysis. We'll review some of the command line tools and outline how to download and install Wireshark on either a PC or MAC. You'll gain a better understanding of what happens when you tap into the data stream, and learn how to personalize the Wireshark interface. This Wireshark book compares the display and capture filters and summarizes the OSI model and data encapsulation. You'll gain insights into the protocols that move data in the TCP/IP suite, and dissect the TCP handshake and teardown process. As you advance, you'll explore ways to troubleshoot network latency issues, and discover how to save and export files. Finally, you'll see how you can share captures with your colleagues using Cloudshark. By the end of this book, you'll have a solid understanding of how to monitor and secure your network with the most updated version of Wireshark. What you will learn Become familiar with the Wireshark interface Navigate commonly accessed menu options such as edit, view, and file Use display and capture filters to examine traffic Understand the Open Systems Interconnection (OSI) model Carry out deep packet analysis of the Internet suite: IP, TCP, UDP, ARP, and ICMP Explore ways to troubleshoot network latency issues Subset traffic, insert comments, save, export, and share packet captures Who this book is for This book is for network administrators, security analysts, students, teachers, and anyone interested in learning about packet analysis using Wireshark. Basic knowledge of network fundamentals, devices, and protocols along with an understanding of different topologies will be beneficial.