Practical Social Engineering
Even the most advanced security teams can do little to defend against an employee clicking a malicious link, opening an email attachment, or revealing sensitive information in a phone call. Practical Social Engineering will help you better understand the techniques behind these social engineering attacks and how to thwart cyber criminals and malicious actors who use them to take advantage of human nature.
Joe Gray, an award-winning expert on social engineering, shares case studies, best practices, open source intelligence (OSINT) tools, and templates for orchestrating and reporting attacks so companies can better protect themselves. He outlines creative techniques to trick users out of their credentials, such as leveraging Python scripts and editing HTML files to clone a legitimate website. Once you've succeeded in harvesting information about your targets with advanced OSINT methods, you'll discover how to defend your own organization from similar threats.
Fast-paced, hands-on, ...
The Art of Mac Malware
Defenders must fully understand how malicious software works if they hope to stay ahead of the increasingly sophisticated threats facing Apple products today. The Art of Mac Malware: The Guide to Analyzing Malicious Software is a comprehensive handbook to cracking open these malicious programs and seeing what's inside.
Discover the secrets of nation state backdoors, destructive ransomware, and subversive cryptocurrency miners as you uncover their infection methods, persistence strategies, and insidious capabilities. Then work with and extend foundational reverse-engineering tools to extract and decrypt embedded strings, unpack protected Mach-O malware, and even reconstruct binary code. Next, using a debugger, you'll execute the malware, instruction by instruction, to discover exactly how it operates. In the book's final section, you'll put these lessons into practice by analyzing a complex Mac malware specimen on your own.
A former NSA hacker and current leader in the field of ma ...
An Application Programming Interface (API) is a software connection that allows applications to communicate and share services. Hacking APIs will teach you how to test web APIs for security vulnerabilities. You'll learn how the common API types, REST, SOAP, and GraphQL, work in the wild. Then you'll set up a streamlined API testing lab and perform common attacks, like those targeting an API's authentication mechanisms, and the injection vulnerabilities commonly found in web applications. In the book's guided labs, which target intentionally vulnerable APIs.
By the end of the book, you'll be prepared to uncover those high-payout API bugs that other hackers aren't finding, and improve the security of applications on the web. ...
An Artist's Guide to Programming
An Artist's Guide to Programming teaches computer programming with the aid of 100 example programs, each of which integrates graphical or sound output. The Processing-language-based examples range from drawing a circle and animating bouncing balls to 3D graphics, audio visualization, and interactive games.
Readers learn core programming concepts like conditions, loops, arrays, strings and functions, as well as how to use Processing to draw lines, shapes, and 3D objects. They'll learn key computer graphics concepts like manipulating images, animating text, mapping textures onto objects, and working with video. Advanced examples include sound effects and audio visualization, network communication, 3D geometry and animation, simulations of snow and smoke, predator-prey populations, and interactive games. ...
The Recursive Book of Recursion
Recursion has an intimidating reputation: it's considered to be an advanced computer science topic frequently brought up in coding interviews. But there's nothing magical about recursion.
Al Sweigart has built a career explaining programming concepts in a fun, approachable manner. If you've shied away from learning recursion but want to add this technique to your programming toolkit, or if you're racing to prepare for your next job interview, this book is for y ...
The Art of Clean Code
Most software developers waste thousands of hours working with overly complex code. The eight core principles in The Art of Clean Code will teach you how to write clear, maintainable code without compromising functionality. The book's guiding principle is simplicity: reduce and simplify, then reinvest energy in the important parts to save you countless hours and ease the often onerous task of code maintenance.
Bestselling author Christian Mayer leverages his experience helping thousands perfect their coding skills in this new book.
This Python-based guide is suitable for programmers at any level, with ideas presented in a language-agnostic manner. ...
Bare Metal C
Bare Metal C will teach you how to program embedded devices with the C programming language. For embedded system programmers who want precise and complete control over the system they are using, this book pulls back the curtain on what the compiler is doing for you so that you can see all the details of what's happening with your program.
The first part of the book teaches C basics with the aid of a low-cost, widely available bare metal system (the Nucleo Arm evaluation system), which gives you all the tools needed to perform basic embedded programming. As you progress through the book you'll learn how to integrate serial input/output (I/O) and interrupts into your programs. You'll also learn what the C compiler and linker do behind the scenes, so that you'll be better able to write more efficient programs that maximize limited memory. Finally, you'll learn how to use more complex, memory hungry C features like dynamic memory, file I/O, and floating-point numbers. ...
Python for Data Science
Python is an ideal choice for accessing, manipulating, and gaining insights from data of all kinds. Python for Data Science introduces you to the Pythonic world of data analysis with a learn-by-doing approach rooted in practical examples and hands-on activities. You'll learn how to write Python code to obtain, transform, and analyze data, practicing state-of-the-art data processing techniques for use cases in business management, marketing, and decision support.
You will discover Python's rich set of built-in data structures for basic operations, as well as its robust ecosystem of open-source libraries for data science, including NumPy, pandas, scikit-learn, matplotlib, and more. Examples show how to load data in various formats, how to streamline, group, and aggregate data sets, and how to create charts, maps, and other visualizations. Later chapters go in-depth with demonstrations of real-world data applications, including using location data to power a taxi service, market basket ...
DevOps for the Desperate
If you're a software engineer, developer, or sys admin who needs to get up to speed with DevOps quickly, this book covers the basics you need to thrive in a modern application stack.
This book's fast-paced, hands-on examples will provide the foundation you need to start performing common DevOps tasks. You'll explore how to implement Infrastructure as Code (IaC) and configuration management (CM) - essential practices for designing secure and stable systems. You'll take a tour of containerization and set up an automated continuous delivery (CI/CD) pipeline that builds, tests, and deploys code. You'll dig into how to detect a system's state and alert on it when things go sideways.
DevOps for the Desperate is a practical, no-nonsense guide to get you up and running quickly in today's full-stack infrastructure. ...
The Book of Kubernetes
Containers ensure that software runs reliably no matter where it's deployed, and Kubernetes is the open-source platform that lets you manage all of your containers from a single control plane. In this comprehensive tour of Kubernetes, each chapter includes a set of examples with just enough automation to start your container exploration with ease.
The book begins with an overview of modern application architecture and the benefits of and requirements for containers and orchestration. It describes Linux control groups, process isolation, and network namespaces, and how to build container images. You'll then create containers, deploy and administer a Kubernetes cluster, and learn how to debug Kubernetes all the way down to the operating system and the network. You'll gain a deep understanding of containerization and Kubernetes, as well as how container networking works at the packet level across multiple nodes in a cluster. ...
The Art of Cyberwarfare
Cyber attacks are no longer the domain of petty criminals. Today, companies find themselves targeted by sophisticated nation state attackers armed with the resources to craft scarily effective campaigns. This book is a detailed guide to understanding the major players in these cyber wars, the techniques they use, and the process of analyzing their advanced attacks. Whether you're an individual researcher or part of a team within a Security Operations Center (SoC), you'll learn to approach, track, and attribute attacks to these advanced actors.
The first part of the book is an overview of actual cyber attacks conducted by nation-state actors and other advanced organizations. It explores the geopolitical context in which the attacks took place, the patterns found in the attackers' techniques, and the supporting evidence analysts used to attribute such attacks.
Dive into the mechanisms of: North Korea's series of cyber attacks against financial institutions, which resulted in billio ...