No Starch Press, 2014. — 192 p. — ISBN10: 1593275900. — ISBN13: 9781593275907. Python is the language of choice for hackers and security analysts for creating powerful and effective tools. Ever wonder how they do it? A follow-up to the perennial best-seller Gray Hat Python, Justin Seitz's Black Hat Python explores the darker side of Python's capabilities—writing network...
Монография. — Старый Оскол: ООО «ТНТ», 2005. — 448 с. ISBN 5-94178-070-2 Понятие информационной безопасности предприятия Необходимость защиты информации на предприятии Классификация угроз безопасности информации Каналы утечки информации Аудит системы информационной безопасности предприятия Организация системы информационной безопасности предприятия Стандарты информационной...
No Starch Press, 2011., - 328 p., - ISBN: 978-1593272883 The free and open source Metasploit Framework is the most popular suite of penetration testing tools in the world, with more than one million downloads yearly. Metasploit: The Penetration Tester's Guide teaches readers how to identify vulnerabilities in networks by using Metasploit to launch simulated attacks. The book's...
Apress, 2018. - 371p. - ISBN: 1484232127 Apply Open Source Intelligence (OSINT) techniques, methods, and tools to acquire information from publicly available online sources to support your intelligence analysis. Use the harvested data in different scenarios such as financial, crime, and terrorism investigations as well as performing business competition analysis and acquiring...
NoStarch press, 2015. — 237 c. Когда дело доходит до создания мощных и эффективных инструментов взлома, Python является языком выбора для большинства аналитиков безопасности. Но как же происходит это волшебство? В Black Hat Python, от Юстина Зейтца (автора популярного Gray Hat Python), вы будете исследовать более темную сторону возможностей Python - писать сетевые снифферы,...
2nd edition. — No Starch Press, Inc, 2021. — 217 p. — ISBN 978-1718501126. Fully-updated for Python 3, the second edition of this worldwide bestseller (over 100,000 copies sold) explores the stealthier side of programming and brings you all new strategies for your hacking projects. When it comes to creating powerful and effective hacking tools, Python is the language of choice...
6th Edition. — CreateSpace Independent Publishing Platform, 2018. — 476 p. — ISBN10: 1984201573. — ISBN13: 978-1984201577. Completely Rewritten Sixth Edition Sheds New Light on Open Source Intelligence Collection and AnalysisAuthor Michael Bazzell has been well known in government circles for his ability to locate personal information about any target through Open Source...
2-е изд. — Пер. с англ. А. Павлов. — СПб.: Питер, 2022. — 256 с.: ил. — (Библиотека программиста). — ISBN: 978-5-4461-3935-4. Когда речь идет о создании мощных и эффективных хакерских инструментов, большинство аналитиков по безопасности выбирают Python. Во втором издании бестселлера Black Hat Python вы исследуете темную сторону возможностей Python — все от написания сетевых...
Название: Security Information and Event Management (SIEM) Implementation
Издательство: McGraw-Hill
Автор: David Miller, Shon Harris, Allen Harper, and Stephen VanDyke
Год: 2010
Количество страниц: 464
Язык: English
Effectively manage the security information and events produced by your network with help from this authoritative guide. Written by IT security experts,...
CRC Press, 2016. — 586 p. — ISBN10: 1498723187. — ISBN13: 978-1498723183 The Internet of Things (IoT) has attracted strong interest from both academia and industry. Unfortunately, it has also attracted the attention of hackers. Security and Privacy in Internet of Things (IoTs): Models, Algorithms, and Implementations brings together some of the top IoT security experts from...
The Pragmatic Bookshelf, 2016. — 244 p. — ISBN: 9781680501834
This book is for everyone: As a tester, you'll automate your tests. As a developer, you'll build more robust solutions. And as a team, you'll gain a vocabulary and a means to talk about and coordinate how to write automated tests. Follow the testing pyramid and level up your skills in user interface testing,...
Монография. — СПб.: Наукоемкие технологии, 2018. — 122 с. В монографии представлен авторский подход к систематизации основных сведений об этапах, теоретических и практических подходах к аудиту информационной безопасности критической информационной инфраструктуры. На основе этой систематизации сформирован оригинальный подход к тестированию информационных систем, как одного из...
Под ред. доц. А. С. Маркова. — М.: Радио и связь, Эшелон-Эспадон, 2012. — 192 с. — ISBN: 5-89776-015-2. Книга подготовлена экспертами испытательной лаборатории «Эшелон» как обобщение опыта исследований в области безопасности информационно-программных ресурсов. Содержит метрики, модели и формальные методики испытаний средств защиты информации и тестирования безопасности...
John Wiley & Sons, Inc., 2010, - 696 pages. 2nd Edition.
When it comes to computer security, the role of auditors today has never been more crucial. Auditors must ensure that all computers, in particular those dealing with e-business, are secure. The only source for information on the combined areas of computer audit, control, and security, the IT Audit, Control, and Security...
Syngress, Elsevier, 2012. — 320 p. ISBN: 1597497290 Tools used for penetration testing are often purchased or downloaded from the Internet. Each tool is based on a programming language such as Perl, Python, or Ruby. If a penetration tester wants to extend, augment, or change the functionality of a tool to perform a test differently than the default configuration, the tester...
8th edition. — Independently published, 2021. — 667 p. — ISBN 979-8578577086. Completely rewritten 8th edition (2021) contains over 650 pages throughout 31 chapters! It is time to look at OSINT in a different way. For many years, and within the previous editions of this book, we have relied on external resources to supply our search tools, virtual environments, and...
СПб.: Питер, 2018. — 272 с. — (Библиотека программиста). — ISBN: 978-5-4461-0662-2. В этой книге рассматриваются методы обхода систем безопасности сетевых сервисов и проникновения в открытые информационные системы. Информационная безопасность, как и многое в нашем мире, представляет собой медаль с двумя сторонами. С одной стороны, мы проводим аудит, ищем способы проникновения и...
Second Edition. — McGraw-Hill Professional, 2011. — 480 p. — ISBN: 978-0-07-174239-9. Protect Your Systems with Proven IT Auditing Strategies. Secure Your Systems Using the Latest IT Auditing Techniques.Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Second Edition, explains, step by step, how to implement a...
Second Edition. — Packt Publishing, 2016. — 524 p. — ISBN: 978-1785883491. True PDF Key Features Learn a systematic process for professional security and penetration testing Explore and build intricate architectures that allow you to emulate an enterprise network Examine and perform research to identify the latest vulnerabilities and, build a lab and test them! Learn methods to...
Packt Publishing, 2014 - 150; ISBN13: 978-1-84969-510-7; на англ. языке. Book Description This book teaches you to take your problem solving capabilities to the next level with the Bash shell, to assess network and application level security by leveraging the power of the command-line tools available with Kali Linux. The book begins by introducing some of the fundamental bash...
Addison-Wesley Professional, 2006. — 1244 p. — ISBN: 9780321444424. Introduction to Software Security Assessment Software Vulnerability Fundamentals Design Review Operational Review Application Review Process Software Vulnerabilities Memory Corruption C Language Issues Program Building Blocks Strings and Metacharacters Unix I: Privileges and Files Unix II: Processes Windows I:...
Packt Publishing, 2014. — 154 p. — ISBN13: 978-1-78328-898-4. Android is the most popular mobile smartphone operating system at present, with over a million applications. Every day hundreds of applications are published to the PlayStore, which users from all over the world download and use. Often, these applications have serious security weaknesses in them, which could lead an...
CRC Press, 2017. — 339 p. — (Internal Audit and IT Audit). — ISBN: 978-1-4987-4639-7. Internal auditors are expected to perform risk-based audits, but do so partially because they focus on financial and compliance risks at the expense of operational, strategic and technological ones. This limits their ability to evaluate critical risks and processes. This book merges...
Packt Publishing, — 2014. 430 p. — ISBN: 978-1-78328-477-1. This book will provide you with a systematic process to follow when building a virtual environment to practice penetration testing. Throughout the book, network architectures will be created that allow for the testing of virtually any production environment. Introducing Penetration Testing. Security testing....
Auerbach Publications, 2017. - 440p. - ISBN: 978-1498737142 There are many webinars and training courses on Data Analytics for Internal Auditors, but no handbook written from the practitioner’s viewpoint covering not only the need and the theory, but a practical hands-on approach to conducting Data Analytics. The spread of IT systems makes it necessary that auditors as well as...
Syngress, 2016. — 458 p. — ISBN: 978-0-12-802149-1. Continuing a tradition of excellent training on open source tools, Penetration Tester's Open Source Toolkit, Fourth Edition is a great reference to the open source tools available today and teaches you how to use them by demonstrating them in real-world examples. This book expands upon existing documentation so that a...
USA: No Starch Press, 2025. — 347 p. — (Final). — ISBN-13 978-1-7185-0375-5. Креативные сценарии для хакеров и пентестеров Master the art of offensive bash scripting. This highly practical hands-on guide covers chaining commands together, automating tasks, crafting living-off-the-land attacks, and more! In the hands of the penetration tester, bash scripting becomes a powerful...
Руководство. — Минск: Интернет-издание http://itsec.by, 2012. — 87 с.
Книга имеет второе название: "Аудит СМИБ ISO 27001"
Данное руководство содержит рекомендации для ИТ аудиторов, по проведению аудита СМИБ на соответствие серии стандартов ISO 2700x. Также после реализации СМИБ руководство может использоваться при проведении анализа СМИБ со стороны руководства. Руководство...
Course Technology/Cengage Learning, 2010. - 237 p. ISBN: 1435483677 The Security Analyst Series from EC-Council | Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this series is designed to expose the reader to groundbreaking methodologies in conducting thorough information...
Syngress, 2011. - 441 p.
Great commercial penetration testing tools can be very expensive and sometimes hard to use or of questionable accuracy. This book helps solve both of these problems. The open source, no-cost penetration testing tools presented do a great job and can be modified by the user for each situation. Many tools, even ones that cost thousands of dollars, do not...
Second Edition. — Syngress, 2017. —323 p. — ISBN: 978-0-12-805472-7. This book, Second Edition provides readers with an understanding of the scripting languages that are commonly used when developing tools for penetration testing, also guiding users through specific examples of custom tool development and the situations where such tools might be used. While developing a better...
Apress Media LLC., 2020. — 252 p. — ISBN13: 978-1-4842-6433-1. Use Red Hat’s security tools to establish a set of security strategies that work together to help protect your digital data. You will begin with the basic concepts of IT security and DevOps with topics such as CIA triage, security standards, network and system security controls and configuration, hybrid cloud...
Boca Raton: CRC Press, 2022. — 194 p. The text is written to provide readers with a comprehensive study of information security and management system, audit planning and preparation, audit techniques and collecting evidence, international information security (ISO) standard 27001, and asset management. It further discusses important topics such as security mechanisms, security...
Third Edition. — McGraw-Hill, 2019. — 817 p. — ISBN: 9781260453232 ecure Your Systems Using the Latest IT Auditing Techniques Fully updated to cover leading-edge tools and technologies, IT Auditing: Using Controls to Protect Information Assets, Third Edition explains, step by step, how to implement a successful, enterprise-wide IT audit program. New chapters on auditing...
Pearson IT Certification, 2018. — 510 р. — ISBN: 0789759373. The perfect introduction to pen testing for all IT professionals and students Clearly explains key concepts, terminology, challenges, tools, and skills Covers the latest penetration testing standards from NSA, PCI, and NIST Welcome to today’s most useful and practical introduction to penetration testing. Chuck Easttom...
Packt Publishing, 2015. - 178p.
Employ the power of Python to get the best out of pentesting.
This book is a practical guide that shows you the advantages of using Python for pentesting with the help of detailed code examples.
We start by exploring the basics of networking with Python and then proceed to network hacking. Next, we delve into hacking the application layer...
2nd Edition, Early Access edition, 12/3/20. — Independently published, 2021. — 200 p.— ISBN 978-1-7185-0112-6, 978-1-7185-0113-3. Fully-updated, second edition of this worldwide bestseller with over 100,000 copies sold. When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In Black Hat Python, you’ll explore...
No Starch Press, 2023. — 132 p. — ISBN 13 978-1-7185-0375-5. Delve into the world of offensive cybersecurity as you master Bash, a fundamental language for expert penetration testers. Unleash its potential as a portable toolset applicable across various operating systems like Linux and MacOS. Bash is a shell scripting language used to interact with components of the Linux...
Packt Publishing, 2015. — 220 p.
Penetration testing is a tool for testing computer systems, networks, or web applications to find vulnerabilities that an attacker could exploit. By performing a penetration test, you can proactively identify which vulnerabilities are most critical. This allows your organization to more intelligently prioritize remediation and apply necessary...
Second Edition. — CRC Press, 2022. — 379 p. — (Internal Audit and IT Audit). Internal auditors are expected to perform risk-based audits, but do so partially because they focus on financial and compliance risks at the expense of operational, strategic and technological ones. This limits their ability to evaluate critical risks and processes. This book merges traditional...
Wiley, 2013. — 434 p. ISBN10: 1118072618 ISBN13: 978-1118072615 Essential guidance for the financial auditor in need of a working knowledge of IT If you're a financial auditor needing working knowledge of IT and application controls, Automated Auditing Financial Applications for Small and Mid-Sized Businesses provides you with the guidance you need. Conceptual overviews of key...
Учебное пособие. — Владимир: Изд-во ВлГУ, 2022. — 368 с. В учебном пособии представлен систематизированный материал по основам проведения экспертизы, анализу и обработке экспертных данных в задачах оценки основных показателей в сфере информационной безопасности и принятия решений в условиях противостояния угрозам информационной безопасности.
СИ, 2019. - 144 с. Эта книга познакомит вас с основами трех таких инструментов: NMAP, OpenVAS и Metasploit. Просто используя эти три инструмента, вы приобретете широкие возможности тестирования на проникновение. К концу этой книги вы получите полное представление о NMAP, OpenVAS и Metasploit и сможете применить свои навыки в реальных сценариях пентестинга.
М.: ДМК Пресс, 2010. — 336 с.: ил. — ISBN: 978-5-94074-517-4. Эта книга является первым исследованием, написанным отечественным автором, которое посвящено проблеме безопасности СУБД Oracle. Материал книги основан на практическом опыте автора, полученном им в результате проведения тестов на проникновение и обширной исследовательской деятельности в области безопасности СУБД....
Packt Publishing, 2015. — 132 p. — ISBN: 9781784395049. A penetration test is one of the most important methods to secure a network or any individual machine. Having knowledge of these methods can enable a user to protect himself/herself from any kinds of attacks. Penetration tests can also be used to discover flaws or loop holes in one's security system, which if not fixed,...
Учебное пособие. — Тамбов: Тамбовский государственный технический университет (ТГТУ), 2019. — 84 с. — ISBN 978-5-8265-2090-1. Рассмотрены вопросы пассивного и активного аудита безопасности элементов критической информационной инфраструктуры, отдельное внимание уделяется работе с комплексными разведывательными средствами. Приведены подходы, используемые для тестирования типовых...
Учебное пособие. — СПб.: Наукоемкие технологии, 2023. — 122 с. — ISBN 978-5-907618-78-7. В учебном пособии представлен материал по систематизации основных сведений об этапах, теоретических и практических подходах к аудиту информационной безопасности критической информационной инфраструктуры. На основе этой систематизации сформирован оригинальный подход к тестированию...
Packt Publishing, 2024. — 298 p. Key Features: Leverage PowerShell's unique capabilities at every stage of the Cyber Kill Chain, maximizing your effectiveness Perform network enumeration techniques and exploit weaknesses with PowerShell's built-in and custom tools Learn how to conduct penetration testing on Microsoft Azure and AWS environments Book Description: PowerShell for...
Packt Publishing, 2024. — 290 p. Key Features: Gain detailed insights into vulnerabilities and attack vectors for RESTful and GraphQL APIs Follow practical advice and best practices for securing APIs against potential threats Explore essential security topics, potential vulnerabilities, common attack vectors, and the overall API security landscape Book Description:...
Packt Publishing, 2023. — 450 p. Key Features: Set up and optimize Burp Suite to maximize its effectiveness in web application security testing Explore how Burp Suite can be used to execute various OWASP test cases Get to grips with the essential features and functionalities of Burp Suite Book Description: With its many features, easy-to-use interface, and flexibility, Burp...
Birmingham: Packt, 2024. — 403 p. — ISBN 978-1-83588-082-1. Level up your pentesting skills by learning how to perform advanced system reconnaissance, and streamline offensive operations with command-line scripting Bash shell scripting is essential for penetration testing because it’s versatile and efficient and integrates thoroughly with the Unix-based systems commonly used in...
FeelzON, 2022. — 47 p. — ASIN, B09TL8MB97. Стратегический хакер Even a hacker must have a strategy! So, did Director RM of BTS Company really adapt well to the company? About 20 years ago, when I majored in system and network security, there weren’t many universities that offered security-related education, and there weren’t many colleges that had departments majoring in...
CRC Press, Taylor & Francis Group, LLC., 2021. — 129 p. — (Internet of Everything (IoE)). — ISBN 978-0-367-26043-9. This book focuses on RFID (Radio Frequency Identification), IoT (Internet of Things), and WSN (Wireless Sensor Network). It includes contributions that discuss the security and privacy issues as well as the opportunities and applications that are tightly linked to...
Packt Publishing, 2021. — 382 p. — ISBN 978-1-78961-913-3. Code Files Only! Explore embedded systems pentesting by applying the most common attack techniques and patterns Key Features Learn various pentesting tools and techniques to attack and secure your hardware infrastructure Find the glitches in your hardware that can be a possible entry point for attacks Discover best...
IOS Press, 2020. — 204 p. — (Ambient Intelligence and Smart Environments, 27). — ISBN 978-1-64368-052-1. The Internet of Things (IoT) can be defined as any network of things capable of generating, storing and exchanging data, and in some cases acting on it. This new form of seamless connectivity has many applications: smart cities, smart grids for energy management, intelligent...
Packt Publishing, 2021. — 382 p. — ISBN 978-1-78961-913-3. Explore embedded systems pentesting by applying the most common attack techniques and patterns Key Features Learn various pentesting tools and techniques to attack and secure your hardware infrastructure Find the glitches in your hardware that can be a possible entry point for attacks Discover best practices for...
IGI Global, 2021. — 275 p. – (Advances in Digital Crime, Forensics, and Cyber Terrorism (ADCFCT) Book Series). — ISBN 9781799841623. With the continued progression of technologies such as mobile computing and the internet of things (IoT), cybersecurity has swiftly risen to a prominent field of global interest. This has led to cyberattacks and cybercrime becoming much more...
Springer, 2018. — 144 p. — (Information Security and Cryptography). — ISBN10: 3319671065, ISBN13: 978-3319671062. In this book the author introduces a novel approach to securing exam systems. He provides an in-depth understanding, useful for studying the security of exams and similar systems, such as public tenders, personnel selections, project reviews, and conference...
М.: Русайнс, 2021. — 226 c. — ISBN 798-5-4365-5672-7. Словарь является учебным пособием по информационной безопасности и защите информации. Содержит 1423 терминов и понятий. Предназначен для студентов высших учебных заведений и среднего профессионального образования, обучающихся по специальности 10.02.01 «Организация и технология защиты информации», а также преподавателей и...
Комментарии