The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals. The WSTG is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides Read more…
Red Teaming was seen as a useful tool for generals to evaluate their security posture, Red Team therefore took on the role of the aggressors or “bad guys”. The bad guys do not follow the rules but utilized in a controlled way simulating and emulating what the bad guys can Read more…
Creating GUI Applications with wxPython is a book that will teach you how to use wxPython to create applications by actually creating several mini-programs. I have found that while learning how the various widgets work in wxPython is valuable, it is even better to learn by creating a simple application Read more…
Smartphone usage has created a new means for detection, analysis, diagnosis and monitoring through the use of new apps and attachments. These breakthrough analytical methods offer ways to overcome the drawbacks of more conventional methods, such as the expensive instrumentation that is often needed, complex sample pre-treatment steps, or time-consuming Read more…
A crash course in modern hacking techniques, Ethical Hacking is already being used to prepare the next generation of offensive security experts. In its many hands-on labs, you’ll explore crucial skills for any aspiring penetration tester, security researcher, or malware analyst. You’ll begin with the basics: capturing a victim’s network traffic with Read more…
In Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud Platforms Against Cyberattacks, celebrated cybersecurity professionals and authors Chris Peiris, Binil Pillai, and Abbas Kudrati leverage their decades of experience building large scale cyber fusion centers to deliver the ideal threat hunting resource for both business and technical audiences. Read more…
Drawing from the real-life exploits of five highly regarded IoT security researchers, Practical IoT Hacking teaches you how to test IoT systems, devices, and protocols to mitigate risk. The book begins by walking you through common threats and a threat modeling framework. You’ll develop a security testing methodology, discover the art of Read more…
Social engineering is the art of capitalizing on human psychology rather than technical vulnerabilities to compromise systems. It’s an effective method of attack because even the most advanced security detection teams can do little to defend against an employee clicking a malicious link or opening a file in an email Read more…
Antivirus software is built to detect, prevent, and remove malware from systems, but this does not guarantee the security of your antivirus solution as certain changes can trick the antivirus and pose a risk for users. This book will help you to gain a basic understanding of antivirus software and Read more…
A comprehensive entity security program deploys information asset protection through stratified technological and non-technological controls. Controls are necessary for counteracting threats, opportunities, and vulnerabilities risks in a manner that reduces potential adverse effects to defined, acceptable levels. This book presents a methodological approach in the context of normative decision theory Read more…