Books

Linux is one of the best decisions you can make for your computer — but knowing where to start is the hard part. This guide walks you through everything: choosing a distribution, installing it, and using it confidently every day. It was written by Jay LaCroix of Learn Linux TV, for complete beginners. No prior experience required.

The book covers every topic in the latest CISSP exam syllabus, organized in a format that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the exam without wasting time or money.

This book covers every topic in the latest CISM exam syllabus, approaching topics from the ISACA perspective. It's 325+ pages organized in a format that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the CISM exam without wasting time or money.

This book covers every topic in the latest CISA exam syllabus, approaching topics from the ISACA perspective. It's 400+ pages, organized in a format following the syllabus that makes it easy to drill down on specific exam domains and concepts at-a-glance, making it an essential exam resource for anyone who aims to prepare for the CISA exam without wasting time or money.

Learn how to analyze x64 and ARM64 Linux process and kernel crashes and hangs, navigate through core memory dump space and diagnose corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and more than 50 memory analysis patterns. The training consists of more than 70 step-by-step exercises using GDB and WinDbg debuggers.

A practical guide to AI agent security for enterprise teams. Learn how to secure AI agents in production with bounded autonomy, AgentSecOps, MCP security, RAG governance, identity controls, audit evidence, and regulatory readiness.

Master the art of identifying and reporting critical vulnerabilities in password reset flows with this specialist guide. It provides a complete, step-by-step methodology for discovering complex logic flaws that lead to full account takeover. Whether you are a beginner or a professional researcher, this resource gives you the precise strategies needed to turn architectural weaknesses into high-impact security reports.

Now we have made it to the kernel. Let's assume you have a chip, any chip, from the suppliers we've just discussed. You might choose to manually load a kernel onto that chip, using a GRand Unified Bootloader (GRUB) to load (or strap) the kernel, and pass all permissions over to it. It is the animus in the machine. There are many different kernels, but they share one interesting characteristic to security: they run with the highest level of access, mediating interactions between user applications and the physical chips. A good kernel will handle low-level tasks like CPU scheduling, memory allocation, device input/output, and system calls. It is the bridge between software and hardware: if the kernel fails to load or crashes, the entire system will halt. To make this level of access a bit safer, the kernel is designed to be always resident in memory, and execute in a protected mode that is isolated from applications. This prevents damage to core system data...

The comprehensive, current PGP and GnuPG reference: from air-gapped key generation to YubiKey provisioning, Git signing, email encryption, and emergency recovery. Can't afford it? I got you -- scroll to end of description

Get exposure to penetration testing techniques and ethical hacking skills including how to manipulate web traffic, automate scans, and execute controlled exploits.

Software and infrastructure only create value when they pull in the same direction as the business. This book shows IT leaders how to get there: from shaping IT strategy and the architecture roadmap to the daily discipline of IT and architecture governance, all built on a pattern-based approach that adapts to your organization rather than forcing it into a template.Grounded in established frameworks such as TOGAF, COBIT, and ITIL, it pairs solid fundamentals with numerous real-world examples — and gives growing weight to compliance and IT security, now central concerns of any IT management agenda.This English edition is based on the German standard work on the subject, fully revised in its 4th edition (late 2024). It is current with TOGAF 10 and reflects recent developments in business-oriented enterprise architecture — including the open-source tool EDGY and patterns for digital strategy — alongside the latest trends in IT risk management and cybersecurity architecture.

Apprenez comment trouver des comportements intéressants et des failles dans JavaScript. En lisant ce livre, vous découvrirez les techniques les plus récentes et les plus efficaces pour pirater JavaScript et générer des payloads XSS. Comprend des méthodes pour construire du JavaScript en utilisant uniquement les caractères +[]()! Vous n'avez jamais entendu parler de DOM Clobbering ? Ce livre contient tous les détails.

Learn how to find interesting behaviour and flaws in JavaScript. Reading this book you will find the latest and greatest techniques for hacking JavaScript and generating XSS payloads. Includes ways to construct JavaScript using only +[]()! characters. Never heard of DOM Clobbering? This book has all the details.

Prepare yourself for the HashiCorp Certified: Vault Associate exam with this guide! HashiCorp Ambassador, Ned Bellavance reviews the certification objectives, provides insight from real-world experience, and gives key takeaways for to help you focus on what matters most.

This book is designed for individuals who have already learned the basics of web security. It provides a systematic guide to acquiring the "practical bug hunting skills" necessary to achieve your first valid report (First Blood), earn your first bounty, and consistently deliver results in real-world bug bounty programs.