Showing posts with the label E-Books.

SQL Injection Attacks and Defense, Second Edition

SQL Injection Attacks and Defense, First Edition: Winner of the Best Book Bejtlich Read Award

"SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." -Richard Bejtlich, Tao Security blog

SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information available for penetration testers, IT security consultants and practitioners, and web/software developers to turn to for help.

SQL Injection Attacks and Defense, Second Edition is the only book devoted exclusively to this long-established but recently growing threat. This is the definitive resource for understanding, finding, exploiting, and defending against this increasingly popular and particularly destructive type of Internet-based attack.

SQL Injection Attacks and Defense, Second Edition includes all the currently known information about these attacks and significant insight from its team of SQL injection experts, who tell you about:

Understanding SQL Injection - Understand what it is and how it works
Find, confirm and automate SQL injection discovery
Tips and tricks for finding SQL injection within code
Create exploits for using SQL injection
Design apps to avoid the dangers of these attacks
SQL injection on different databases
SQL injection on different technologies
SQL injection testing techniques
Case Studies

Securing SQL Server, Second Edition is the only book to provide a complete understanding of SQL injection, from the basics of vulnerability to discovery, exploitation, prevention, and mitigation measures.
Covers unique, publicly unavailable information, by technical experts in such areas as Oracle, Microsoft SQL Server, and MySQL, including new developments for Microsoft SQL Server 2012 (Denali).
Written by an established expert, author, and speaker in the field, with contributions from a team of equally renowned creators of SQL injection tools, applications, and educational materials.

DOWNLOAD LINK:
http://adf.ly/ZewH2

~ Sunday, 15 February 2015 0 comments

Linux Shell Scripting Cookbook, 2nd Edition

The shell remains one of the most powerful tools on a computer system - yet a large number of users are unaware of how much one can accomplish with it. Using a combination of simple commands, we will see how to solve complex problems in day to day computer usage.

Linux Shell Scripting Cookbook, 2nd Edition will take you through useful real-world recipes designed to make your daily life easy when working with the shell. The book shows the reader how to effectively use the shell to accomplish complex tasks with ease.

The book discusses basics of using the shell, general commands and proceeds to show the reader how to use them to perform complex tasks with ease.

Publisher: Packt Publishing
By: Shantanu Tushar, Sarath Lakshman
ISBN: 978-1-78216-274-2
Year: 2013
Pages: 384
Language: English
File size: 4 MB
File format: PDF


DOWNLOAD LINK:
http://adf.ly/pz5Gk


~ 0 comments

Network Security Hacks, 2nd Edition

 
 
In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but help them implement a good deal of clever host-based security techniques as well. This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending and incident response. In fact, this “roll up your sleeves and get busy” security book features updated tips, tricks & techniques across the board to ensure that it provides the most current information for all of the major server software packages. These hacks are quick, clever, and devilishly effective.

DOWNLOAD LINK:
http://adf.ly/abY9P
 

~ 0 comments

HTML in 10 Simple steps

Type: E-Book

Welcome to HTML in 10 Simple Steps or Less. Our mission in writing this book is to provide a quick and accessible way for you to learn Hypertext Markup Language — the lingua franca of the World Wide Web. We hope this book provides a resource that beginning and intermediate HTML coders can use to improve their Web development skills. It is also our hope that it fills multiple roles as both a teaching tool and a reference once you expand your skills.

What This Book Is
Each part in this book pertains to a different aspect of HTML and Web production, and we devote each task within the parts to building a specific piece of Web page content. We’ve laid out these tasks in 10 steps or less so they’re easy to internalize and become part of your personal skill set.

How to Use This Book
We think of this book as a multipurpose tool — perhaps the Swiss Army knife of HTML coding. Not only can you employ it as a guide to creating individual pieces of Web page content, but you can also use this book as a valuable teaching tool. By working through the book’s tasks in sequence, you will learn the basics of Web page development — from constructing tags (the core components of Hypertext Markup Language) to publishing complete sites to a Web server.






~ Friday, 16 January 2015 0 comments

Hackers Beginners Guide

Type: E-Book

A "computer hacker" is someone who lives and breathes computers, who knows all about computers, who can get a computer to do anything. Equally important, though, is the hacker's attitude. Computer programming must be a hobby, something done for fun, not out of a sense of duty or for the money. (It's okay to make money, but that can't be the reason for hacking.) In one sense it's silly to argue about the "true" meaning of a word. A word means whatever people use it to mean.
The concept of hacking entered the computer culture at the Massachusetts Institute of Technology in the 1960s. Popular opinion at MIT posited that there are two kinds of students, tools and hackers. A "tool" is someone who attends class regularly, is always to be found in the library when no class is meeting, and gets straight As. A "hacker" is the opposite: someone who never goes to class, who in fact sleeps all day, and who spends the night pursuing recreational activities rather than studying. There was thought to be no middle ground. What does this have to do with computers? Originally, nothing. But there are standards for success as a hacker, just as grades form a standard for success as a tool. The true hacker can't just sit around all night; he must pursue some hobby with dedication and flair. It can be telephones, or railroads (model, real, or both), or science fiction fandom, or ham radio, or broadcast radio. It can be more than one of these. Or it can be computers. The word "hacker" is generally used among MIT students to refer not to computer hackers but to building hackers, people who explore roofs and tunnels where they're not supposed to be.
There are specialties within computer hacking. An algorithm hacker knows all about the best algorithm for any problem. A system hacker knows about designing and maintaining operating systems. And a "password hacker" knows how to find out someone else's password. Someone who sets out to crack the security of a system for financial gain is not a hacker at all. It's not that a hacker can't be a thief, but a hacker can't be a professional thief. A hacker must be fundamentally an amateur, even though hackers can get paid for their expertise. A password hacker whose primary interest is in learning how the system works doesn't therefore necessarily refrain from stealing information or services, but someone whose primary interest is in stealing isn't a hacker.







~ Wednesday, 7 January 2015 1 comment

[BUY] "Website Defacing Cookbook ~ A Step by Step Guide to Website Defacing"

Do you want to learn how website hackers manage to deface a website and change its index pages with their own fancy coded pages? If your answer is 'YES' then surely you are at the right place. We are selling an e-book titled "Website Defacing Cookbook ~ A Step by Step Guide to Website Defacing", with the help of which you will be able to deface 60%-70% of the websites present on the World Wide Web (WWW), i.e. on the Internet.
For Hacking Sec readers we are selling this book for only 12$ with 24*7 email assistance if you are stuck somewhere while performing the methods described in the book.
"Website Defacing Cookbook" is a step by step guide to defacing, revealing the secrets, methods and techniques used by around 60% - 70% of web defacers to deface websites. All the methods described in the book include screenshots and POC (proof-of-concept) to help you understand and learn better.

We are giving 24*7 email support if you are having any problem in understanding any of the methods described in the book. Just e-mail us with your query and we will e-mail you back within 24 hours of your request with the solution to your query. If you need any other information regarding this book, just hit me with an e-mail at codesmasher007@gmail.com

We are giving 10 days money back guarantee too, so HURRY UP

Just spend 12$ and learn methods which will help you to deface almost 60%-70% Websites and Servers present on the Internet.
We will help you too, in defacing your targets, when you buy our book with 24x7 email assistance and support.


Want to Buy?

You can buy this book through Paypal, Just visit 

And order your book.

Having any query regarding this book, feel free to contact us at codesmasher007@gmail.com

~ Tuesday, 23 September 2014 0 comments

Backtrack 5 Wireless Penetration Ebook [Direct Link]

Chapter 1: Wireless Lab Setup
Hardware requirements
Software requirements
Installing BackTrack
Time for action – installing BackTrack
Setting up the access point
Time for action – configuring the access point
Setting up the wireless card
Time for action – configuring your wireless card
Connecting to the access point
Time for action – configuring your wireless card

Chapter 2: WLAN and Its Inherent Insecurities
Revisiting WLAN frames
Time for action – creating a monitor mode interface
Time for action – sniffing wireless packets
Time for action – viewing Management, Control, and Data frames
Time for action – sniffing data packets for our network
Time for action – packet injection
Important note on WLAN sniffing and injection
Time for action – experimenting with your Alfa card
Role of regulatory domains in wireless
Time for action – experimenting with your Alfa card

Chapter 3: Bypassing WLAN Authentication
Hidden SSIDs
Time for action – uncovering hidden SSIDs
MAC filters
Time for action – beating MAC filters
Open Authentication
Time for action – bypassing Open Authentication
Shared Key Authentication
Time for action – bypassing Shared Authentication

Chapter 4: WLAN Encryption Flaws
WLAN encryption
WEP encryption
Time for action – cracking WEP
WPA/WPA2
Time for action – cracking WPA-PSK weak passphrase
Speeding up WPA/WPA2 PSK cracking
Time for action – speeding up the cracking process
Decrypting WEP and WPA packets
Time for action – decrypting WEP and WPA packets
Connecting to WEP and WPA networks
Time for action – connecting to a WEP network
Time for action – connecting to a WPA network

Chapter 5: Attacks on the WLAN Infrastructure
Default accounts and credentials on the access point
Time for action – cracking default accounts on the access points
Denial of service attacks
Time for action – De-Authentication DoS attack
Evil twin and access point MAC spoofing
Time for action – evil twin with MAC spoofing
Rogue access point
Time for action – Rogue access point

Chapter 6: Attacking the Client
Honeypot and Mis-Association attacks
Time for action – orchestrating a Mis-Association attack
Caffe Latte attack
Time for action – conducting the Caffe Latte attack
De-Authentication and Dis-Association attacks
Time for action – De-Authenticating the client
Hirte attack
Time for action – cracking WEP with the Hirte attack
AP-less WPA-Personal cracking
Time for action – AP-less WPA cracking
Summary

Chapter 7: Advanced WLAN Attacks
Man-in-the-Middle attack
Time for action – Man-in-the-Middle attack
Wireless Eavesdropping using MITM
Time for action – wireless eavesdropping
Session Hijacking over wireless
Time for action – session hijacking over wireless
Finding security configurations on the client
Time for action – enumerating wireless security profiles
Summary

Chapter 8: Attacking WPA-Enterprise and RADIUS
Setting up FreeRadius-WPE
Time for action – setting up the AP with FreeRadius-WPE
Attacking PEAP
Time for action – cracking PEAP
Attacking EAP-TTLS
Time for action – cracking EAP-TTLS
Security best practices for Enterprises
Summary

Chapter 9: WLAN Penetration Testing Methodology
Wireless penetration testing
Planning
Discovery
Time for action – discovering wireless devices
Attack
Finding rogue access points
Finding unauthorized clients
Cracking the encryption
Compromising clients
Reporting
Summary

~ Wednesday, 17 September 2014 0 comments

PostgreSQL up and Running



If you’re thinking about migrating to the PostgreSQL open source database system, this guide provides a concise overview to help you quickly understand and use PostgreSQL’s unique features. Not only will you learn about the enterprise class features in the 9.2 release, you’ll also discover that PostgreSQL is more than just a database system—it’s also an impressive application platform.

With numerous examples throughout this book, you’ll learn how to achieve tasks that are difficult or impossible in other databases. If you’re an existing PostgreSQL user, you’ll pick up gems you may have missed along the way.

Learn basic administration tasks, such as role management, database creation, backup, and restore
Apply the psql command-line utility and the pgAdmin graphical administration tool
Explore PostgreSQL tables, constraints, and indexes
Learn powerful SQL constructs not generally found in other databases
Use several different languages to write database functions
Tune your queries to run as fast as your hardware will allow
Query external and variegated data sources with Foreign Data Wrappers
Learn how to replicate data, using built-in replication features.

~ 0 comments

Android Security: Attacks and Defenses

Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.

Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.

The authors describe how to write Android bots in JAVA and how to use reversing tools to decompile any Android application. They also cover the Android file system, including import directories and files, so readers can perform basic forensic analysis on file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.

The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.

The book’s site includes a resource section where readers can access downloads for applications, tools created by users, and sample applications created by the authors under the Resource section. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.

~ 0 comments

Hacking Firefox: More Than 150 Hacks, Mods, and Customizations (Extreme Tech)

They dreamed of a better browser . . . and before you could say "explore no more," Firefox was born. But already you want more. Tighter security, greater functionality. A custom installation for Linux. Maybe even that unique extension you've always dreamed of creating. Well, if you want to tweak the Fox, here are over 400 pages of ways to do it. From hacking profile settings to cracking links and cleaning out the cookie jar, this is the stuff that puts you in control.

Step-by-step instructions for these hacks and dozens more

Settings, content, and extension hacks
Hacking the interface and themes
Performance boosters
Anti-phishing and security hacks
Toolbar and status bar tweaks
Navigation, download, and search hacks
Hacks for common plugins
Extension and theme creation

~ 0 comments

The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Second Edition

This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application
New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista
Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored
The companion Web site features downloadable code files

~ 0 comments

Hacker Techniques, Tools, and Incident Handling (Jones & Bartlett Learning Information Systems Security & Assurance Series)

Hacker Techniques, Tools, and Incident Handling begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It goes on to review the technical overview of hacking: how attacks target networks and the methodology they follow. The final section studies those methods that are most effective when dealing with hacking attacks, especially in an age of increased reliance on the Web. Written by a subject matter expert with numerous real-world examples, Hacker Techniques, Tools, and Incident Handling provides readers with a clear, comprehensive introduction to the many threats on our Internet environment and security and what can be done to combat them.

DOWNLOAD LINK:
https://mega.co.nz/#!9s8EGR6C!IpfBiEiDpSUI0cIftBSv805nuIsqqxDrEcR5_ZWvv44

~ 0 comments

Steal This Computer Book 4.0 (What They Won't Tell You about the Internet)

If you thought hacking was just about mischief-makers hunched over computers in the basement, think again. As seasoned author Wallace Wang explains, hacking can also mean questioning the status quo, looking for your own truths, and never accepting at face value anything authorities say or do.

The completely revised fourth edition of this offbeat, non-technical book examines what hackers do, how they do it, and how you can protect yourself. Written in the same informative, irreverent, and entertaining style that made the first three editions hugely successful, Steal This Computer Book 4.0 will expand your mind and raise your eyebrows. New chapters discuss the hacker mentality, social engineering and lock picking, exploiting P2P file-sharing networks, and how people manipulate search engines and pop-up ads to obtain and use personal information. Wang also takes issue with the media for "hacking" the news and presenting the public with self-serving stories of questionable accuracy. Inside, you'll discover:

How to manage and fight spam and spyware
How Trojan horse programs and rootkits work, and how to defend against them
How hackers steal software and defeat copy-protection mechanisms
How to tell if your machine is being attacked and what you can do to protect it
Where the hackers are, how they probe a target and sneak into a computer, and what they do once they get inside
How corporations use hacker techniques to infect your computer and invade your privacy
How you can lock down your computer to protect your data and your personal information using free programs

~ 0 comments

Secrets of a Super Hacker

Once more, Loompanics publishes something other houses wouldn't: a guide to violating computer security. Covering hacking scenarios ranging from the merely mischievous to the criminal, the super hacker known as the Knightmare gives step-by-step instructions in meaningful hacking from a personal computer. Fortunately, he also includes a section on state and federal computer laws, allowing potential hackers to be cognizant of the sanctions they risk with any particular project. Appendixes offer an array of technical explanations and tips for understanding database and system structures; tips cover password divination and searching strategies; and a glossary, besides explaining terms likely to be encountered in any particular documentation being hacked, enhances the hacker's ability to share experiences and tips. As science outstrips society's control of information, systems of secretkeeping proliferate maddeningly. Yet with this book, the keyboard jockey can enter all sorts of "secure" systems, databases, and records; and a hacker-security chapter explains both why hacking is a valuable and useful activity and--equally important because entering and altering systems without clearance is generally illegal--how to avoid getting caught. Mike Tribby

~ 0 comments

The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition

The highly successful security book returns with a new edition, completely updated. Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.

Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition
Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more
Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks

Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.

DOWNLOAD LINK:
http://www.sendspace.com/file/vq1x8h

~ 0 comments

Java in 60 Minutes A Day book


Java is a programming language and computing platform first released by Sun Microsystems in 1995. There are lots of applications and websites that will not work unless you have Java installed, and more are created every day. Java is fast, secure, and reliable. From laptops to data centers, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere!
Author: Rich Raposa
Features: A revolutionary virtual classroom
Book Name: Java in 60 minutes a day
Introduction:

Chapter 1: Getting Started with Java.

Chapter 2: Java Fundamentals.

Chapter 3: Control Structures.

Chapter 4: Classes and Objects.

Chapter 5: Methods.

Chapter 6: Understanding Inheritance.

Chapter 7: Advanced Java Language Concepts.

Chapter 8: Polymorphism and Abstraction.

Chapter 9: Collections.

Chapter 10: Interfaces.

Chapter 11: Exception Handling.

Chapter 12: An Introduction to GUI Programming.

Chapter 13: GUI Components and Event Handling.

Chapter 14: Applets.

Chapter 15: Threads.

Chapter 16: Input and Output.

Chapter 17: Network Programming.

Chapter 18: Database Programming.

Chapter 19: JavaBeans.

Appendix: 

About the 60 Minutes Web Site.

Index.




~ 0 comments

Hacking and Securing iOS Applications

If you’re an app developer with a solid foundation in Objective-C, this book is an absolute must—chances are very high that your company’s iOS applications are vulnerable to attack. That’s because malicious attackers now use an arsenal of tools to reverse-engineer, trace, and manipulate applications in ways that most programmers aren’t aware of.

This guide illustrates several types of iOS attacks, as well as the tools and techniques that hackers use. You’ll learn best practices to help protect your applications, and discover how important it is to understand and strategize like your adversary.

Examine subtle vulnerabilities in real-world applications—and avoid the same problems in your apps
Learn how attackers infect apps with malware through code injection
Discover how attackers defeat iOS keychain and data-protection encryption
Use a debugger and custom code injection to manipulate the runtime Objective-C environment
Prevent attackers from hijacking SSL sessions and stealing traffic
Securely delete files and design your apps to prevent forensic data leakage
Avoid debugging abuse, validate the integrity of run-time classes, and make your code harder to trace

~ 0 comments

Mission-Critical Network Planning

Whether a terrorist attack, fibre cut, security breach, natural disaster or traffic overload, today's networks must be designed to withstand adverse conditions and provide continuous service. This comprehensive, leading-edge book reveals the techniques and strategies to help you keep enterprise data and voice networks in service under critical circumstances. You learn numerous ways to minimize single points of failure through redundancy and backups, and discover how to select the right networking technologies to improve survivability and performance.

~ 0 comments

C++ For Hackers

This tutorial is designed for everyone, even if you've never programmed before or if you have extensive experience programming in other languages and want to expand into C++! It is for everyone who wants the feeling of accomplishment from a working program.

I hope you will find it useful!
DOWNLOAD LINK:
https://mega.co.nz/#!BllkyBiZ!Q0MXaE4OBOLTCd2F7mBPmwukFIt9qv6ogX-gbbnN1Es

~ 0 comments

OWASP TOP 10 2013

The OWASP Top Ten provides a powerful awareness document for web application security. The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.

~ 0 comments