The Browser Hacker’s Handbook by Wade Alcorn, Christian Frichot, Michele Orrù, 2014
The book gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.
The book thoroughly covers complex security issues and explores relevant topics such as:
+ Bypassing the Same Origin Policy
ARP spoofing, social engineering, and phishing to access browsers
+ DNS tunneling, attacking web applications, and proxying—all from the browser
+ Exploiting the browser and its ecosystem (plugins and extensions)
+ Cross-origin attacks, including Inter-protocol Communication and Exploitation
The book gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.
The book thoroughly covers complex security issues and explores relevant topics such as:
+ Bypassing the Same Origin Policy
ARP spoofing, social engineering, and phishing to access browsers
+ DNS tunneling, attacking web applications, and proxying—all from the browser
+ Exploiting the browser and its ecosystem (plugins and extensions)
+ Cross-origin attacks, including Inter-protocol Communication and Exploitation
👍4
The Browser Hacker's Handbook.pdf
12.5 MB
The Browser Hacker’s Handbook by Wade Alcorn, Christian Frichot, Michele Orrù, 2014
👍2
По делу почти ничего не сказано, но школьникам тру хэка читать норм и их родителям что бы говорить мы идем "ВаАти"
https://habr.com/ru/post/651167/
#newbie
https://habr.com/ru/post/651167/
#newbie
Хабр
Пентестер: суть профессии, востребованность, зарплата и другие нюансы
Интриговать людей заявлением «Я работаю хакером», защищать данные, деньги и репутацию компаний в сети — звучит как интересная профессия нового времени. Но о ней мало говорят открыто. Если труд...
😱4❤3🤩3😢2
Небольшой гайд о том как грамотно оформлять свое резюме для подачи потенциальному работодателю
https://habr.com/ru/company/parallels/blog/651017/
#softskill
https://habr.com/ru/company/parallels/blog/651017/
#softskill
Хабр
Грамотное составление и продвижение вашего резюме
Для многих процесс составления резюме муторный и затягивается. Казалось бы, состряпать 1 – 2 листа своей карьеры (если есть что туда вписать) – лёгкое дело. Но это, зачастую, заблуждение. Данная...
👍7
Master librarian is a simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities
GitHub
https://github.com/CoolerVoid/master_librarian
#linux #hacktools
GitHub
https://github.com/CoolerVoid/master_librarian
#linux #hacktools
👍4
AppSec Ezine
The AppSec Ezine was born out of the need to curate contents concerning information security that otherwise one may find scattered across the web. Each edition covers a wide range of topics.
The AppSec Ezine is focused on providing information about problems you should be aware of (old or new issues) and giving you an overview of the latest hot topics - curiosities that get you through your daily work or ignite your passion on the topic
Official page
https://pathonproject.com/appsecezine/
GitHub
https://github.com/Simpsonpt/AppSecEzine
Twitter
https://twitter.com/simps0n
#useful
The AppSec Ezine was born out of the need to curate contents concerning information security that otherwise one may find scattered across the web. Each edition covers a wide range of topics.
The AppSec Ezine is focused on providing information about problems you should be aware of (old or new issues) and giving you an overview of the latest hot topics - curiosities that get you through your daily work or ignite your passion on the topic
Official page
https://pathonproject.com/appsecezine/
GitHub
https://github.com/Simpsonpt/AppSecEzine
https://twitter.com/simps0n
#useful
❤3
Inception E-Zine by russian hackers
Inception — электронный хакерский журнал, проект некоммерческий, он пишется увлеченными энтузиастами для таких же энтузиастов. Журнал публикуется как на русском языке так и английском и полностью посвящен различным аспектам VX: кодинг, реверс, сети, криптография, обзоры, арт и так далее.
Sources
(1) https://xakep.ru/2016/01/14/inception/
(2) http://ru.und3rgr0und.org/wiki/Inception
(3) https://www.securitylab.ru/blog/personal/VxLab/240021.php
(4) https://forum.antichat.ru/threads/397292/
Archive
https://vxlab.info/inception/
Text to team
ezine31337@gmail.com
#useful
Inception — электронный хакерский журнал, проект некоммерческий, он пишется увлеченными энтузиастами для таких же энтузиастов. Журнал публикуется как на русском языке так и английском и полностью посвящен различным аспектам VX: кодинг, реверс, сети, криптография, обзоры, арт и так далее.
Sources
(1) https://xakep.ru/2016/01/14/inception/
(2) http://ru.und3rgr0und.org/wiki/Inception
(3) https://www.securitylab.ru/blog/personal/VxLab/240021.php
(4) https://forum.antichat.ru/threads/397292/
Archive
https://vxlab.info/inception/
Text to team
ezine31337@gmail.com
#useful
❤5
Network Protocols for Security Professionals, by Yoram Orzach, early access production, published by Packt Publishing Ltd, 2022
Network security plays an important role in securing IT infrastructures against attacks. The increased demand for computer systems, and the ever-evolving internet, has allowed people to find vulnerabilities and infiltrate into organizations through their network. Network Protocol Security will help you safeguard your organization's network and networking devices.
This book is a comprehensive guide that begins with the basics, gradually increases in complexity, and later takes you through advanced concepts. You will start by understanding the structure of data network protocols and devices as well as breaches. In addition to this, you’ll become familiar with attacking tools and noscripts that take advantage of these breaches.
Original
https://www.amazon.com/Network-Protocols-Security-Professionals-vulnerabilities-ebook/dp/B09FKK2JPW
#books
Network security plays an important role in securing IT infrastructures against attacks. The increased demand for computer systems, and the ever-evolving internet, has allowed people to find vulnerabilities and infiltrate into organizations through their network. Network Protocol Security will help you safeguard your organization's network and networking devices.
This book is a comprehensive guide that begins with the basics, gradually increases in complexity, and later takes you through advanced concepts. You will start by understanding the structure of data network protocols and devices as well as breaches. In addition to this, you’ll become familiar with attacking tools and noscripts that take advantage of these breaches.
Original
https://www.amazon.com/Network-Protocols-Security-Professionals-vulnerabilities-ebook/dp/B09FKK2JPW
#books
🔥3👍2
Network-Protocols-for-Security-Professionals.pdf
22.4 MB
Network Protocols for Security Professionals, by Yoram Orzach, early access production, published by Packt Publishing Ltd, 2022
👍1
Hands-on DevOps with Linux: Build and Deploy DevOps Pipelines Using Linux Commands, Terraform, Docker, Vagrant, and Kubernetes by Alisson Machado de Menezes, 2021
This book brings you advanced learnings on how to make the best use of Linux commands in managing the DevOps infrastructure to keep enterprise applications up-to-date.
Throughout the book, you will get accustomed to the most widely used techniques among DevOps Engineers in their routine. You will explore how infrastructure as code works, working with Vagrant, Docker and Terraform through which you can manage the entire cloud deployment of applications along with how to scale them on your own.
Blog
https://alissonmachado.com.br
GitHub
https://github.com/AlissonMMenezes
LinkedIn
https://www.linkedin.com/in/alisson-machado-85490a22/
#linux #book #SecDevOps
This book brings you advanced learnings on how to make the best use of Linux commands in managing the DevOps infrastructure to keep enterprise applications up-to-date.
Throughout the book, you will get accustomed to the most widely used techniques among DevOps Engineers in their routine. You will explore how infrastructure as code works, working with Vagrant, Docker and Terraform through which you can manage the entire cloud deployment of applications along with how to scale them on your own.
Blog
https://alissonmachado.com.br
GitHub
https://github.com/AlissonMMenezes
https://www.linkedin.com/in/alisson-machado-85490a22/
#linux #book #SecDevOps
👍6
Hands_on_DevOps_with_Linux_Build_and_Deploy_DevOps_Pipelines_Using.epub
6.8 MB
Hands-on DevOps with Linux: Build and Deploy DevOps Pipelines Using Linux Commands, Terraform, Docker, Vagrant, and Kubernetes by Alisson Machado de Menezes, 2021
👍6
Один раз и на сразу долго или 2, 3 или 4 года и нужно двигаться дальше? - деньги, проекты, новые люди, карьерный рост или от универа до пенсии на одного
https://habr.com/ru/company/netologyru/blog/651249/
#job
https://habr.com/ru/company/netologyru/blog/651249/
#job
Хабр
Я работаю много лет в одной компании. Мне нормально
Привет, Хабр! Меня зовут Ксения. Год назад я хотела попасть в IT, а попала на галеры. Сейчас я работаю в крупной digital-компании и вижу, с какой скоростью отсюда уходят сотрудники. Некоторые — в...
👍2