Real-World Bug Hunting
Learn how people break websites and how you can, too. Real-World Bug Hunting is the premier field guide to finding software bugs. Whether you're a cyber-security beginner who wants to make the internet safer or a seasoned developer who wants to write secure code, ethical hacker Peter Yaworski will show you how it's done. You'll learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery. Using real-life case studies of rewarded vulnerabilities from applications like Twitter, Facebook, Google, and Uber, you'll see how hackers manage to invoke race conditions while transferring money, use URL parameter to cause users to like unintended tweets, and more. Each chapter introduces a vulnerability type accompanied by a series of actual reported bug bounties. The book's collection of tales from the field will teach you how attackers trick users into giving away their sensitive information and how sites may reveal ...
Learn how people break websites and how you can, too. Real-World Bug Hunting is the premier field guide to finding software bugs. Whether you're a cyber-security beginner who wants to make the internet safer or a seasoned developer who wants to write secure code, ethical hacker Peter Yaworski will show you how it's done. You'll learn about the most common types of bugs like cross-site scripting, insecure direct object references, and server-side request forgery. Using real-life case studies of rewarded vulnerabilities from applications like Twitter, Facebook, Google, and Uber, you'll see how hackers manage to invoke race conditions while transferring money, use URL parameter to cause users to like unintended tweets, and more. Each chapter introduces a vulnerability type accompanied by a series of actual reported bug bounties. The book's collection of tales from the field will teach you how attackers trick users into giving away their sensitive information and how sites may reveal ...
Python for Teenagers
Discover everything you need to know about Python to turn your passion of programming into a job you'll love. Fueled by fun and practical examples, this book gives high schoolers who want learn an easy programming language ideas for how to leverage them in the workforce. Start with the basics and before you know it, you'll be building your own web sites, doing white-hat hacking, finding code bugs and errors, and creating games, including using Python to roll characters for RPGs. Every chapter is relaxed and informal, like learning with a cool teacher all the time. Computers, phones and the web are your playground, and you'll be ready to join the party with your own content. Going beyond posts and uploads means learning to program, and Python is a great choice to get started. It's quick to learn, it's flexible, and if you want, it may get you a Python job that pays more than minimum wage when you're out of school. Python for Teenagers is the most fun you'll have while learning. ...
Discover everything you need to know about Python to turn your passion of programming into a job you'll love. Fueled by fun and practical examples, this book gives high schoolers who want learn an easy programming language ideas for how to leverage them in the workforce. Start with the basics and before you know it, you'll be building your own web sites, doing white-hat hacking, finding code bugs and errors, and creating games, including using Python to roll characters for RPGs. Every chapter is relaxed and informal, like learning with a cool teacher all the time. Computers, phones and the web are your playground, and you'll be ready to join the party with your own content. Going beyond posts and uploads means learning to program, and Python is a great choice to get started. It's quick to learn, it's flexible, and if you want, it may get you a Python job that pays more than minimum wage when you're out of school. Python for Teenagers is the most fun you'll have while learning. ...
Secure by Design
Secure by Design teaches developers how to use design to drive security in software development. This book is full of patterns, best practices, and mindsets that you can directly apply to your real world development. You'll also learn to spot weaknesses in legacy code and how to address them. Security should be the natural outcome of your development process. As applications increase in complexity, it becomes more important to bake security-mindedness into every step. The secure-by-design approach teaches best practices to implement essential software features using design as the primary driver for security. Secure by Design teaches you principles and best practices for writing highly secure software. At the code level, you'll discover security-promoting constructs like safe error handling, secure validation, and domain primitives. You'll also master security-centric techniques you can apply throughout your build-test-deploy pipeline, including the unique concerns of modern micro ...
Secure by Design teaches developers how to use design to drive security in software development. This book is full of patterns, best practices, and mindsets that you can directly apply to your real world development. You'll also learn to spot weaknesses in legacy code and how to address them. Security should be the natural outcome of your development process. As applications increase in complexity, it becomes more important to bake security-mindedness into every step. The secure-by-design approach teaches best practices to implement essential software features using design as the primary driver for security. Secure by Design teaches you principles and best practices for writing highly secure software. At the code level, you'll discover security-promoting constructs like safe error handling, secure validation, and domain primitives. You'll also master security-centric techniques you can apply throughout your build-test-deploy pipeline, including the unique concerns of modern micro ...
Integrating Serverless Architecture
Design, develop, build, and deliver an end-to-end serverless architecture by leveraging Azure services, frameworks, and tools. This book offers a holistic approach, guiding you through the design and development of a Twitter Bot application, while leveraging Azure Functions. Integrating Serverless Architecture begins with an overview of serverless computing and getting started with Azure Functions. Here, you will create a Twitter bot function which scans Twitter for the latest tweets and makes use of dependency injection. Further, you will learn about Azure Cosmos DB where you will cover its change feed mechanism and the repository pattern. You will create a Cosmos DB trigger-based tweet notifier function, which will broadcast the latest tweets to connected clients. You will explore the basics of Azure Service Bus and create a tweet scheduler function, which will prioritize different keywords for the Twitter bot function. Along the way, you will debug, deliver, and test the function ...
Design, develop, build, and deliver an end-to-end serverless architecture by leveraging Azure services, frameworks, and tools. This book offers a holistic approach, guiding you through the design and development of a Twitter Bot application, while leveraging Azure Functions. Integrating Serverless Architecture begins with an overview of serverless computing and getting started with Azure Functions. Here, you will create a Twitter bot function which scans Twitter for the latest tweets and makes use of dependency injection. Further, you will learn about Azure Cosmos DB where you will cover its change feed mechanism and the repository pattern. You will create a Cosmos DB trigger-based tweet notifier function, which will broadcast the latest tweets to connected clients. You will explore the basics of Azure Service Bus and create a tweet scheduler function, which will prioritize different keywords for the Twitter bot function. Along the way, you will debug, deliver, and test the function ...
Progressive Web Apps with Angular
Harness the power of Angular to build fast, high performance progressive web apps that work offline. Learn exactly how to create an Angular Progressive Web App (PWA) from scratch, how you can use different tools to audit and improve it, and leverage Angular CLI or Workbox to turn your app into a PWA. Using browser APIs - including the Credential Management, Payment Request, Geolocation, Web Bluetooth, WebUSB and Generic Sensors APIs - you can unleash the potential of PWAs and build applications that enhance user experience. Angular's game-changing built-in features, including the Angular service worker module, can be leveraged to construct responsive and reliable PWAs that can look and feel just like native mobile apps. You'll learn how to boost your app speed, how to increase user engagement using push notifications, and how to implement offline storage and different caching APIs in Angular. You'll even see how to convert an existing Angular app into a PWA. Whether you're ne ...
Harness the power of Angular to build fast, high performance progressive web apps that work offline. Learn exactly how to create an Angular Progressive Web App (PWA) from scratch, how you can use different tools to audit and improve it, and leverage Angular CLI or Workbox to turn your app into a PWA. Using browser APIs - including the Credential Management, Payment Request, Geolocation, Web Bluetooth, WebUSB and Generic Sensors APIs - you can unleash the potential of PWAs and build applications that enhance user experience. Angular's game-changing built-in features, including the Angular service worker module, can be leveraged to construct responsive and reliable PWAs that can look and feel just like native mobile apps. You'll learn how to boost your app speed, how to increase user engagement using push notifications, and how to implement offline storage and different caching APIs in Angular. You'll even see how to convert an existing Angular app into a PWA. Whether you're ne ...
Black Hat Go
Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go. You'll begin your journey with a basic overview of Go's syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You'll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You'll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography. You'll Learn how to: Make performant tools that can be used for your own securit ...
Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go. You'll begin your journey with a basic overview of Go's syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You'll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You'll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography. You'll Learn how to: Make performant tools that can be used for your own securit ...
Building Web Applications with .NET Core 2.1 and JavaScript, 2nd edition
Roll up your sleeves and jump into building web applications using .NET Core 2.1 and the most popular JavaScript frameworks. You will start by building a data access layer using Entity Framework Core, a RESTful service using ASP.NET Core, and then you will build a web application following the MVC pattern, also using ASP.NET Core. The resulting application is an example e-commerce site using the most appropriate capabilities in .NET Core for building a line of business applications. The second half of Building Web Applications with .NET Core 2.1 and JavaScript is dedicated to teaching you how to develop applications on the client with JavaScript, BootStrap, and related tooling such as TypeScript, WebPack, NPM, and more. Each JavaScript framework will build the same UI as the ASP.NET Core web application from the first half of the book, leveraging the same ASP.NET Core RESTful service and Entity Framework Core data access layer. Building the same UI in the different JavaScript fra ...
Roll up your sleeves and jump into building web applications using .NET Core 2.1 and the most popular JavaScript frameworks. You will start by building a data access layer using Entity Framework Core, a RESTful service using ASP.NET Core, and then you will build a web application following the MVC pattern, also using ASP.NET Core. The resulting application is an example e-commerce site using the most appropriate capabilities in .NET Core for building a line of business applications. The second half of Building Web Applications with .NET Core 2.1 and JavaScript is dedicated to teaching you how to develop applications on the client with JavaScript, BootStrap, and related tooling such as TypeScript, WebPack, NPM, and more. Each JavaScript framework will build the same UI as the ASP.NET Core web application from the first half of the book, leveraging the same ASP.NET Core RESTful service and Entity Framework Core data access layer. Building the same UI in the different JavaScript fra ...
WebAssembly in Action
WebAssembly in Action introduces the WebAssembly stack and walks you through the process of writing and running browser-based applications. Expert developer Gerard Gallant gives you a firm foundation of the structure of a module, HTML basics, JavaScript Promises, and the WebAssembly JavaScript API. Write high-performance browser-based applications without relying only on JavaScript! By compiling to the WebAssembly binary format, your C, C++, or Rust code runs at near-native speed in the browser. WebAssembly delivers greater speed, opportunities to reuse existing code, and access to newer and faster libraries. Plus, you can easily interact with JavaScript when you need to. WebAssembly in Action teaches you how to write and run high-performance browser-based applications using C++ and other languages supported by WebAssembly. In it, you'll learn to create native WebAssembly modules, interact with JavaScript components, and maximize performance with web workers and pthreads. And you ...
WebAssembly in Action introduces the WebAssembly stack and walks you through the process of writing and running browser-based applications. Expert developer Gerard Gallant gives you a firm foundation of the structure of a module, HTML basics, JavaScript Promises, and the WebAssembly JavaScript API. Write high-performance browser-based applications without relying only on JavaScript! By compiling to the WebAssembly binary format, your C, C++, or Rust code runs at near-native speed in the browser. WebAssembly delivers greater speed, opportunities to reuse existing code, and access to newer and faster libraries. Plus, you can easily interact with JavaScript when you need to. WebAssembly in Action teaches you how to write and run high-performance browser-based applications using C++ and other languages supported by WebAssembly. In it, you'll learn to create native WebAssembly modules, interact with JavaScript components, and maximize performance with web workers and pthreads. And you ...
Practical Data Science with R, 2nd Edition
Practical Data Science with R, Second Edition takes a practice-oriented approach to explaining basic principles in the ever expanding field of data science. You'll jump right to real-world use cases as you apply the R programming language and statistical analysis techniques to carefully explained examples based in marketing, business intelligence, and decision support. Evidence-based decisions are crucial to success. Applying the right data analysis techniques to your carefully curated business data helps you make accurate predictions, identify trends, and spot trouble in advance. The R data analysis platform provides the tools you need to tackle day-to-day data analysis and machine learning tasks efficiently and effectively. Practical Data Science with R, 2nd Edition is a task-based tutorial that leads readers through dozens of useful, data analysis practices using the R language. By concentrating on the most important tasks you'll face on the job, this friendly guide is comfort ...
Practical Data Science with R, Second Edition takes a practice-oriented approach to explaining basic principles in the ever expanding field of data science. You'll jump right to real-world use cases as you apply the R programming language and statistical analysis techniques to carefully explained examples based in marketing, business intelligence, and decision support. Evidence-based decisions are crucial to success. Applying the right data analysis techniques to your carefully curated business data helps you make accurate predictions, identify trends, and spot trouble in advance. The R data analysis platform provides the tools you need to tackle day-to-day data analysis and machine learning tasks efficiently and effectively. Practical Data Science with R, 2nd Edition is a task-based tutorial that leads readers through dozens of useful, data analysis practices using the R language. By concentrating on the most important tasks you'll face on the job, this friendly guide is comfort ...
Hello World! 3rd Edition
Hello World! Computer Programming for Kids and Other Beginners, 3rd Edition introduces the world of computer programming in a clear and fun style using Python, a programming language designed to be easy to learn. Learn to talk to your computer in its own language! Whether you want to create a game, start a business, or solve an important problem, the first step is learning to write your own programs. Hello World! Computer Programming for Kids and Other Beginners, 3rd Edition introduces the world of computer programming in a clear and fun style. Using Python, a programming language designed to be easy to learn, each engaging lesson teaches skills that apply to any kind of programming. It brings to life the basic concepts of computing - looping, decisions, input and output, graphics, and more. Written by father-and-son team Warren and Carter Sande, this international bestseller is kid-tested and reviewed by professional educators. Now in its third edition, Hello World! has been ...
Hello World! Computer Programming for Kids and Other Beginners, 3rd Edition introduces the world of computer programming in a clear and fun style using Python, a programming language designed to be easy to learn. Learn to talk to your computer in its own language! Whether you want to create a game, start a business, or solve an important problem, the first step is learning to write your own programs. Hello World! Computer Programming for Kids and Other Beginners, 3rd Edition introduces the world of computer programming in a clear and fun style. Using Python, a programming language designed to be easy to learn, each engaging lesson teaches skills that apply to any kind of programming. It brings to life the basic concepts of computing - looping, decisions, input and output, graphics, and more. Written by father-and-son team Warren and Carter Sande, this international bestseller is kid-tested and reviewed by professional educators. Now in its third edition, Hello World! has been ...