Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
In this thread I will post links to interesting and less technically demanding books for everyone who also has to think about the security of their applications and systems.
To start with:
The Tangled Web: A Guide to Securing Modern Web Applications
XSS Attacks: Cross Site Scripting Exploits and Defense
The Art of Deception: Controlling the Human Element of Security
P.S. If anyone needs literature on some exotic topic, just post a question.
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Posts: 6
Threads: 1
Joined: Jun 2016
Reputation:
3
(03-22-2015, 07:09 PM)1van Wrote: In this thread I will post links to interesting and less technically demanding books for everyone who also has to think about the security of their applications and systems.
To start with:
The Tangled Web: A Guide to Securing Modern Web Applications
XSS Attacks: Cross Site Scripting Exploits and Defense
The Art of Deception: Controlling the Human Element of Security
P.S. If anyone needs literature on some exotic topic, just post a question.
Ivan, I'm interested in where to start; by my own reasoning, I'm moving through this hierarchy: "algorithms, operating systems, networks, databases, OOP, lots and lots of web and networks".
I'm still young and green, and I don't want to be some "script kiddie" who uses other people's tools. Could you point me to a "path": where to start, what to read, and a source of good tutorials?
Thanks in advance.
Posts: 700
Threads: 102
Joined: Jul 2016
Reputation:
222
I know the question was meant for Ivan, but my recommendation is that if you want to learn in detail whatever interests you, have a look at the tutorials on the pluralsight site. In my opinion they're even better than Lynda. I recommend this even to my senior colleagues, to look at the fundamentals for .net, for example, and the like, because that's what we mostly do at work.
If you want something less demanding, take a look at tutsplus.
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
@k4rz4 start here: https://www.owasp.org/index.php/Main_Page, I figure web is closest to you, considering you work at Openkinetix? And otherwise the advice is: read everything
This is some required reading:
TCP/IP: https://www.amazon.com/Internetworking-T...130183806/
Cryptography: https://www.amazon.com/Applied-Cryptogra...119096723/
And for online tutorials: http://www.securitytube.net/, the main tool is: https://www.kali.org/
You will definitely have to set up your own lab and test/try out/program everything in turn ...
I'll drop by your office one of these days and we'll have a proper chat
Posts: 6
Threads: 1
Joined: Jun 2016
Reputation:
3
08-16-2016, 01:47 AM
(08-12-2016, 02:40 AM)vsavic Wrote: I know the question was meant for Ivan, but my recommendation is that if you want to learn in detail whatever interests you, have a look at the tutorials on the pluralsight site. In my opinion they're even better than Lynda. I recommend this even to my senior colleagues, to look at the fundamentals for .net, for example, and the like, because that's what we mostly do at work.
If you want something less demanding, take a look at tutsplus.
Thanks for the reply, I like pluralsight
Posts: 6
Threads: 1
Joined: Jun 2016
Reputation:
3
08-16-2016, 01:50 AM
(This post was last modified: 08-16-2016, 01:51 AM by k4rz4.)
(08-13-2016, 01:26 PM)1van Wrote: @k4rz4 start here: https://www.owasp.org/index.php/Main_Page, I figure web is closest to you, considering you work at Openkinetix? And otherwise the advice is: read everything
This is some required reading:
TCP/IP: https://www.amazon.com/Internetworking-T...130183806/
Cryptography: https://www.amazon.com/Applied-Cryptogra...119096723/
And for online tutorials: http://www.securitytube.net/, the main tool is: https://www.kali.org/
You will definitely have to set up your own lab and test/try out/program everything in turn ...
I'll drop by your office one of these days and we'll have a proper chat
Thanks for the reply, Ivan. I use kali as my main distro and I get along fine with the tools, but I still haven't managed to get out of the local network.... I'd be glad to have a chat. Regards, see you
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
One more that is interesting and very useful:
Red Team Field Manual
Quote:The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
https://www.amazon.com/Rtfm-Red-Team-Fie...1494295504
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
Then, if you want to understand Anonymity better:
The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data
Quote:Kevin Mitnick, the world's most famous hacker, teaches you easy cloaking and counter-measures for citizens and consumers in the age of Big Brother and Big Data.
Like it or not, your every move is being watched and analyzed. Consumer's identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.
In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge--and he teaches you ''the art of invisibility.'' Mitnick is the world's most famous--and formerly the Most Wanted--computer hacker. He has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.
In THE ART OF INVISIBILITY Mitnick provides both online and real life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced ''elite'' techniques, which, if used properly, can maximize your privacy. Invisibility isn't just for superheroes--privacy is a power you deserve and need in this modern age.
https://www.amazon.com/Art-Invisibility-...1478945567
Posts: 700
Threads: 102
Joined: Jul 2016
Reputation:
222
09-05-2017, 10:50 PM
(This post was last modified: 09-05-2017, 10:58 PM by vsavic.)
Here's another interesting one, Gray Hat C#, nothing too fancy, and yet interesting... This other one for Kali is more or less OK, just a bit of needless overkill about installation in the first 40 or so pages (available for free as a PDF).
Posts: 768
Threads: 25
Joined: Mar 2016
Reputation:
383
Reading your comments, I was reminded of relatively distant times... all the things we did and how we played around... it's interesting that through that "play" our horizons and interests in many things widened... that's how I eventually "strayed" into IT, and I currently make my living from IT even though I graduated from a technical faculty, that is, management of technical systems, where IT was never mentioned anywhere. Sorry for the off-topic, but it was stronger than me...
Keep it up, and the thread is excellent!
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
@pakonja maybe you can recommend some literature that inspired you? Thanks
Posts: 768
Threads: 25
Joined: Mar 2016
Reputation:
383
That literature is no longer current... The only thing that has stayed "the same" is TCP/IP, and a link for that already exists, and that should be the foundation for anyone interested in penetration testing or similar topics... Besides, that was an era when such information could only be found on BBSes and a little later on IRC channels... do you think I still keep the TXT files where I wrote everything down? Only afterwards did some more serious literature start to appear as the internet developed, but if you don't follow it daily you quickly fall out of shape...
In any case, when it comes to penetration testing, you should base yourself on Kali as a tool that has "everything"... speak softly and carry Kali with you...
I don't have time to deal with all the things I'd like to, but it seems to me that soon, because of work, I'll start again, this time at a more serious level... And of course, when I find some interesting literature I'll share it with you...
Posts: 768
Threads: 25
Joined: Mar 2016
Reputation:
383
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
That's not really that old, I was thinking more of something like this (inspiration is in everything)
Posts: 700
Threads: 102
Joined: Jul 2016
Reputation:
222
Ha, I've only just seen this post, I don't know how I missed it
... prooooolooog ... I haven't seen that in a hundred years
Here are my two cents again
(Excellent book)
In </code> we trust!
Posts: 952
Threads: 111
Joined: Apr 2014
Reputation:
882
12-14-2019, 03:12 PM
(This post was last modified: 12-14-2019, 03:12 PM by 1van.)
How is this OSINT one?
Btw I would also add (Gray Hat Python): https://www.amazon.com/Gray-Hat-Python-P...1593271921
Posts: 700
Threads: 102
Joined: Jul 2016
Reputation:
222
(12-14-2019, 03:12 PM)1van Wrote: How is this OSINT one?
In my opinion, the content is nicely covered. Each area is described nicely and briefly. The only thing that annoys me about it is that they really botched the graphics, i.e. the resolution of the images they included is terrible, and it's as if they wanted to save on ink, especially when, for example, they have examples of satellite images and give explanations of what is different, and you can barely make it out from the picture because it's terribly printed. But all in all, as far as the content goes, I think it's worth it.