Build your defense against web attacks with Kali Linux, including command injection flaws, crypto implementation layers, and web application security holes Key Features Know how to set up your lab with Kali Linux Discover the core concepts of web penetration testing Get the tools and techniques you need with Kali Linux Book DescriptionWeb Penetration Testing with Kali Linux - Third Edition shows you how to set up a lab, helps you understand the nature and mechanics of attacking websites, and explains classical attacks in great depth. This edition is heavily updated for the latest Kali Linux changes and the most recent attacks. Kali Linux shines when it comes to client-side attacks and fuzzing in particular. From the start of the book, you'll be given a thorough grounding in the concepts of hacking and penetration testing, and you'll see the tools used in Kali Linux that relate to web application hacking. You'll gain a deep understanding of classicalSQL, command-injection flaws, and the many ways to exploit these flaws. Web penetration testing also needs a general overview of client-side attacks, which is rounded out by a long discussion of scripting and input validation flaws. There is also an important chapter on cryptographic implementation flaws, where we discuss the most recent problems with cryptographic layers in the networking stack. The importance of these attacks cannot be overstated, and defending against them is relevant to most internet users and, of course, penetration testers. At the end of the book, you'll use an automated technique called fuzzing to identify flaws in a web application. Finally, you'll gain an understanding of web application vulnerabilities and the ways they can be exploited using the tools in Kali Linux. What you will learn Learn how to set up your lab with Kali Linux Understand the core concepts of web penetration testing Get to know the tools and techniques you need to use with Kali Linux Identify the difference between hacking a web application and network hacking Expose vulnerabilities present in web servers and their applications using server-side attacks Understand the different techniques used to identify the flavor of web applications See standard attacks such as exploiting cross-site request forgery and cross-site scripting flaws Get an overview of the art of client-side attacks Explore automated attacks such as fuzzing web applications Who this book is forSince this book sets out to cover a large number of tools and security fields, it can work as an introduction to practical security skills for beginners in security. In addition, web programmers and also system administrators would benefit from this rigorous introduction to web penetration testing. Basic system administration skills are necessary, and the ability to read code is a must.

Get up and running with system programming concepts in Linux Key Features Acquire insight on Linux system architecture and its programming interfaces Get to grips with core concepts such as process management, signalling and pthreads Packed with industry best practices and dozens of code examples Book DescriptionThe Linux OS and its embedded and server applications are critical components of today's software infrastructure in a decentralized, networked universe. The industry's demand for proficient Linux developers is only rising with time. Hands-On System Programming with Linux gives you a solid theoretical base and practical industry-relevant descriptions, and covers the Linux system programming domain. It delves into the art and science of Linux application programming- system architecture, process memory and management, signaling, timers, pthreads, and file IO. This book goes beyond the use API X to do Y approach; it explains the concepts and theories required to understand programming interfaces and design decisions, the tradeoffs made by experienced developers when using them, and the rationale behind them. Troubleshooting tips and techniques are included in the concluding chapter. By the end of this book, you will have gained essential conceptual design knowledge and hands-on experience working with Linux system programming interfaces. What you will learn Explore the theoretical underpinnings of Linux system architecture Understand why modern OSes use virtual memory and dynamic memory APIs Get to grips with dynamic memory issues and effectively debug them Learn key concepts and powerful system APIs related to process management Effectively perform file IO and use signaling and timers Deeply understand multithreading concepts, pthreads APIs, synchronization and scheduling Who this book is forHands-On System Programming with Linux is for Linux system engineers, programmers, or anyone who wants to go beyond using an API set to understanding the theoretical underpinnings and concepts behind powerful Linux system programming APIs. To get the most out of this book, you should be familiar with Linux at the user-level logging in, using shell via the command line interface, the ability to use tools such as find, grep, and sort. Working knowledge of the C programming language is required. No prior experience with Linux systems programming is assumed.

Docker lets you create, deploy, and manage your applications anywhere at anytime - flexibility is key so you can deploy stable, secure, and scalable app containers across a wide variety of platforms and delve into microservices architecture About This Book * This up-to-date edition shows how to leverage Docker's features to deploy your existing applications * Learn how to package your applications with Docker and build, ship, and scale your containers * Explore real-world examples of securing and managing Docker containers Who This Book Is For This book is ideal for developers, operations managers, and IT professionals who would like to learn about Docker and use it to build and deploy container-based apps. No prior knowledge of Docker is expected. What You Will Learn * Develop containerized applications using the Docker version 17.03 * Build Docker images from containers and launch them * Develop Docker images and containers leveraging Dockerfiles * Use Docker volumes to share data * Get to know how data is shared between containers * Understand Docker Jenkins integration * Gain the power of container orchestration * Familiarize yourself with the frequently used commands such as docker exec, docker ps, docker top, and docker stats In Detail Docker is an open source containerization engine that offers a simple and faster way for developing and running software. Docker containers wrap software in a complete filesystem that contains everything it needs to run, enabling any application to be run anywhere - this flexibily and portabily means that you can run apps in the cloud, on virtual machines, or on dedicated servers. This book will give you a tour of the new features of Docker and help you get started with Docker by building and deploying a simple application. It will walk you through the commands required to manage Docker images and containers. You'll be shown how to download new images, run containers, list the containers running on the Docker host, and kill them. You'll learn how to leverage Docker's volumes feature to share data between the Docker host and its containers - this data management feature is also useful for persistent data. This book also covers how to orchestrate containers using Docker compose, debug containers, and secure containers using the AppArmor and SELinux security modules. Style and approach This step-by-step guide will walk you through the features and use of Docker, from Docker software installation to the impenetrable security of containers.

A comprehensive guide to mastering the art of preventing your Linux system from getting compromised. Key Features Leverage this guide to confidently deliver a system that reduces the risk of being hacked Perform a number of advanced Linux security techniques such as network service detection, user authentication, controlling special permissions, encrypting file systems, and much more Master the art of securing a Linux environment with this end-to-end practical guide Book DescriptionThis book has extensive coverage of techniques that will help prevent attackers from breaching your system, by building a much more secure Linux environment. You will learn various security techniques such as SSH hardening, network service detection, setting up firewalls, encrypting file systems, protecting user accounts, authentication processes, and so on. Moving forward, you will also develop hands-on skills with advanced Linux permissions, access control, special modes, and more. Lastly, this book will also cover best practices and troubleshooting techniques to get your work done efficiently. By the end of this book, you will be confident in delivering a system that will be much harder to compromise. What you will learn Use various techniques to prevent intruders from accessing sensitive data Prevent intruders from planting malware, and detect whether malware has been planted Prevent insiders from accessing data that they aren't authorized to access Do quick checks to see whether a computer is running network services that it doesn't need to run Learn security techniques that are common to all Linux distros, and some that are distro-specific Who this book is forIf you are a systems administrator or a network engineer interested in making your Linux environment more secure, then this book is for you. Security consultants wanting to enhance their Linux security skills will also benefit from this book. Prior knowledge of Linux is mandatory.

Optimize and boost your Linux-based system with Yocto Project and increase its reliability and robustness efficiently and cost-effectively. About This Book * Optimize your Yocto Project tools to develop efficient Linux-based projects * Practical approach to learning Linux development using Yocto Project * Demonstrates concepts in a practical and easy-to-understand way Who This Book Is For If you are an embedded Linux developer with a basic knowledge of Yocto Project and want to broaden your knowledge with examples of embedded development, then this book is for you. This book is also for professionals who want to find new insights into working methodologies for Linux development. What You Will Learn * Understand the basic concepts involved in Poky workflows along with configuring and preparing the Poky build environment. * Configure a build server and customize images using Toaster. * Generate images and fit packages into created images using BitBake. * Support the development process by setting up and using Package feeds. * Debug Yocto Project by configuring Poky. * Build an image for the BeagleBone Black, RaspberryPi 3, and Wandboard, and boot it from an SD card. In Detail Yocto Project is turning out to be the best integration framework for creating reliable embedded Linux projects. It has the edge over other frameworks because of its features such as less development time and improved reliability and robustness. Embedded Linux Development using Yocto Project starts with an in-depth explanation of all Yocto Project tools, to help you perform different Linux-based tasks. The book then moves on to in-depth explanations of Poky and BitBake. It also includes some practical use cases for building a Linux subsystem project using Yocto Project tools available for embedded Linux. The book also covers topics such as SDK, recipetool, and others. By the end of the book, you will have learned how to generate and run an image for real hardware boards and will have gained hands-on experience at building efficient Linux systems using Yocto Project. Style and approach A clear, concise, and straightforward book that will enable you to use and implement the latest features of Yocto Project.

Gain hands-on experience of installing OpenShift Origin 3.9 in a production configuration and managing applications using the platform you built Key Features Gain hands-on experience of working with Kubernetes and Docker Learn how to deploy and manage applications in OpenShift Get a practical approach to managing applications on a cloud-based platform Explore multi-site and HA architectures of OpenShift for production Book DescriptionDocker containers transform application delivery technologies to make them faster and more reproducible, and to reduce the amount of time wasted on configuration. Managing Docker containers in the multi-node or multi-datacenter environment is a big challenge, which is why container management platforms are required. OpenShift is a new generation of container management platforms built on top of both Docker and Kubernetes. It brings additional functionality to the table, something that is lacking in Kubernetes. This new functionality significantly helps software development teams to bring software development processes to a whole new level. In this book, we'll start by explaining the container architecture, Docker, and CRI-O overviews. Then, we'll look at container orchestration and Kubernetes. We'll cover OpenShift installation, and its basic and advanced components. Moving on, we'll deep dive into concepts such as deploying application OpenShift. You'll learn how to set up an end-to-end delivery pipeline while working with applications in OpenShift as a developer or DevOps. Finally, you'll discover how to properly design OpenShift in production environments. This book gives you hands-on experience of designing, building, and operating OpenShift Origin 3.9, as well as building new applications or migrating existing applications to OpenShift. What you will learn Understand the core concepts behind containers and container orchestration tools Understand Docker, Kubernetes, and OpenShift, and their relation to CRI-O Install and work with Kubernetes and OpenShift Understand how to work with persistent storage in OpenShift Understand basic and advanced components of OpenShift, including security and networking Manage deployment strategies and application's migration in OpenShift Understand and design OpenShift high availability Who this book is forThe book is for system administrators, DevOps engineers, solutions architects, or any stakeholder who wants to understand the concept and business value of OpenShift.

Deploy functions efficiently using different cloud-based serverless offerings Key Features Understand the concept of Function-as-a-Service Implement Serverless solutions using AWS Lambda, Azure Functions and Google Cloud Functions Practical approach towards choosing the best tool for your serverless environment Book DescriptionServerless applications and architectures are gaining momentum and are increasingly being used by companies of all sizes. Serverless software takes care of many problems that developers face when running systems and servers, such as fault tolerance, centralized logging, horizontal scalability, and deployments. You will learn how to harness serverless technology to rapidly reduce production time and minimize your costs, while still having the freedom to customize your code, without hindering functionality. Upon finishing the book, you will have the knowledge and resources to build your own serverless application hosted in AWS, Microsoft Azure, or Google Cloud Platform, and will have experienced the benefits of event-driven technology for yourself. This hands-on guide dives into the basis of serverless architectures and how to build them using Node.js as a programming language, Visual Studio Code for code editing, and Postman for quickly and securely developing applications without the hassle of configuring and maintaining infrastructure on three public cloud platforms. What you will learn Understand the benefts of serverless computing and know when to use it Develop serverless applications on AWS, Azure, and Google Cloud Get to grips with Function as a Service (FaaS) Apply triggers to serverless functions Build event-driven apps using serverless frameworks Use the Node.js programming language to build serverless apps Use code editors, such as Visual Studio Code, as development environments Master the best development practices for creating scalable and practical solutions Who this book is forThis book is targeted towards developers, system administrators or any stakeholder working in the Serverless environment and want to understand how functions work. Basic idea of serverless architecture can be an added advantage

Develop a solid understanding of the important command-line tools and utilities in Linux Key Features Delve into the fundamentals of Linux Explore and work with virtualization, command lines, and Bash shell scripts Use special file permission flags such as setuid and setgid Book DescriptionLinux is a Unix-like operating system assembled under the model of free and open source software development and distribution. Fundamentals of Linux will help you learn all the essentials of the Linux command line required to get you started. The book will start by teaching you how to work with virtualization software and install CentOS 7 Linux as a VM. Then, you will get to grips with the workings of various command line operations, such as cursor movement, commands, options, and arguments. As you make your way through the chapters, the book will not only focus on the most essential Linux commands but also give an introduction to Bash shell scripting. Finally, you will explore advanced topics, such as networking and troubleshooting your system, and you will get familiar with the advanced file permissions: ACL, setuid, and setgid. Fundamentals of Linux includes real-world tasks, use cases, and problems that, as a system administrator, you might encounter in your day-to-day activities. What you will learn Explore basic and advanced command-line concepts Install Linux, work with VirtualBox, and install CentOS 7 in VirtualBox Work with the command line efficiently and learn how to navigate through the Linux filesystem Create file and user group permissions and edit files Use Sticky bit to secure your Linux filesystem Define and remove ACL from Linux files Who this book is forFundamentals of Linux is for individuals looking to work as a Linux system administrator.