The book covers every topic in the latest CISSP exam syllabus, organized in a format that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the exam without wasting time or money.
This book covers every topic in the latest CISM exam syllabus, approaching topics from the ISACA perspective. It's 325+ pages organized in a format that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the CISM exam without wasting time or money.
This book covers every topic in the latest CISA exam syllabus, approaching topics from the ISACA perspective. It's 400+ pages, organized in a format following the syllabus that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the CISA exam without wasting time or money.
Learn how to find interesting behaviour and flaws in JavaScript. Reading this book you will find the latest and greatest techniques for hacking JavaScript and generating XSS payloads. Includes ways to construct JavaScript using only +[]()! characters. Never heard of DOM Clobbering? This book has all the details.
In unethical software, not every line of code is written with good intentions. Unethical Software Engineering: Dark Patterns exposes how to manipulate users, drive profits, and evade accountability. From covert surveillance, monetization at all costs, digital fraud, ranking manipulation, all the way to unethical artificial intelligence practices, this scary book unveils how these "dark patterns" exploit human beings, erode trust, and disrupt digital ethics. Whether you're a developer, an architect, a tech enthusiast, or simply a concerned user, this book will change how you think about your daily apps — and inspire you to demand better. By helping you to draw the line between what is acceptable and what is questionable, Unethical Software Engineering: Dark Patterns shines a light on the digital dark side of software engineering where profits are prioritized over people.
Now we have made it to the kernel. Let's assume you have a chip, any chip, from the suppliers we've just discussed. You might choose to manually load a kernel onto that chip, using a GRand Unified Bootloader (GRUB) to load (or strap) the kernel, and pass all permissions over to it. It is the animus in the machine. There are many different kernels, but they share one characteristic that matters for security: they run with the highest level of access, mediating interactions between user applications and the physical chips. A good kernel will handle low-level tasks like CPU scheduling, memory allocation, device input/output, and system calls. It is the bridge between software and hardware: if the kernel fails to load or crashes, the entire system will halt. To make this level of access a bit safer, the kernel is designed to be always resident in memory, and execute in a protected mode that is isolated from applications. This prevents damage to core system data...
The premise of this book is to provide students a hands-on, go-to resource for building a secure, customizable lab environment in order to enable their own specific pursuits.
Learn how to find interesting behaviour and flaws in JavaScript. Reading this book, you will find the latest and greatest techniques for hacking JavaScript and creating XSS payloads. It includes ways to construct JavaScript using only the characters +[]()!. Never heard of DOM Clobbering? This book has all the details.
Programming Linux Anti-Reversing Techniques teaches the reader how to code and analyze well known anti-reversing techniques for Linux. The book shows how a reverse engineer analyzes a binary using tools like IDA, Radare2, GDB, readelf, and more. The code is presented to the reader ready to compile and analyze on their own.
Official companion guide to the OWASP Juice Shop. Being a web application with a vast number of intended security vulnerabilities, the OWASP Juice Shop is supposed to be the opposite of a best practice or template application for web developers: It is an awareness, training, demonstration and exercise tool for security risks in modern web apps.
The book covers all the topics in the most recent CISSP exam syllabus, organized in a format that makes it easy to drill down into specific exam domains and concepts at a glance, making it an essential resource for anyone who aims to prepare for the exam without wasting time or money.
Complete with detailed explanations, practical examples, and real-world scenarios, PayloadsAllTheThings provides everything you need to test, exploit, and secure vulnerable systems.

Hello! I'm Tony Robinson, a senior security analyst and rule writer on the Proofpoint Emerging Threats team. I write rules for the ETOPEN and ETPRO rulesets. My book will teach you about the ins and outs of Suricata, rules and rule writing in general, why the IDS software behaves a certain way, and how to get the most out of your Suricata deployments.
Uncover the fascinating world of Linux with this all-inclusive guide designed to transform beginners into confident and knowledgeable users of this powerful operating system.