IT SEC Books
#1
In this thread I will post links to interesting and less technically demanding books for everyone who also has to think about the security of their applications and systems.

For a start:

The Tangled Web: A Guide to Securing Modern Web Applications
XSS Attacks: Cross Site Scripting Exploits and Defense
The Art of Deception: Controlling the Human Element of Security

P.S. If anyone needs literature on some exotic topic, just post a question.
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
#2
(03-22-2015, 07:09 PM)1van Wrote: In this thread I will post links to interesting and less technically demanding books for everyone who also has to think about the security of their applications and systems.

For a start:

The Tangled Web: A Guide to Securing Modern Web Applications
XSS Attacks: Cross Site Scripting Exploits and Defense
The Art of Deception: Controlling the Human Element of Security

P.S. If anyone needs literature on some exotic topic, just post a question.

Ivan, I'm interested in where to start; by my own reasoning I'm moving along this hierarchy: "algorithms, operating systems, networks, databases, OOP, a looot of web and networks".

I'm still young and green, and I don't want to be some "script kiddie" who uses other people's tools. Could you point me to a "path": where to start, what to read, and some source of good tutorials?

Thanks in advance.
#3
Granted, the question was meant for Ivan, but my recommendation is that if you want to learn in detail whatever interests you, look at the tutorials on the pluralsight site. In my opinion it is even better than Lynda. I recommend this even to my senior colleagues, to watch the fundamentals for .net for example and the like, because that is what we mostly do at work.
If you want something less demanding, look at tutsplus.
#4
@k4rz4 start here: https://www.owasp.org/index.php/Main_Page, I figure web is closest to you, considering that you work at Openkinetix? And otherwise the advice is: read everything :)

This is some required reading:

TCP/IP: https://www.amazon.com/Internetworking-T...130183806/
Cryptography: https://www.amazon.com/Applied-Cryptogra...119096723/

And for online tutorials: http://www.securitytube.net/, the main tool is: https://www.kali.org/
You will definitely have to set up your own lab and test/try out/program things in turn ...

I'll drop by your office one of these days and we'll have a good talk ;)
#5
;)
(08-12-2016, 02:40 AM)vsavic Wrote: Granted, the question was meant for Ivan, but my recommendation is that if you want to learn in detail whatever interests you, look at the tutorials on the pluralsight site. In my opinion it is even better than Lynda. I recommend this even to my senior colleagues, to watch the fundamentals for .net for example and the like, because that is what we mostly do at work.
If you want something less demanding, look at tutsplus.

Thanks for the reply, I like pluralsight :D
#6
(08-13-2016, 01:26 PM)1van Wrote: @k4rz4 start here: https://www.owasp.org/index.php/Main_Page, I figure web is closest to you, considering that you work at Openkinetix? And otherwise the advice is: read everything :)

This is some required reading:

TCP/IP: https://www.amazon.com/Internetworking-T...130183806/
Cryptography: https://www.amazon.com/Applied-Cryptogra...119096723/

And for online tutorials: http://www.securitytube.net/, the main tool is: https://www.kali.org/
You will definitely have to set up your own lab and test/try out/program things in turn ...

I'll drop by your office one of these days and we'll have a good talk ;)

Thanks for the reply, Ivan. I use Kali as my main distro and I get along well with the tools, but I still haven't managed to get out of the local network.... :D, I'd be glad for us to have a talk. Regards, see you.
#7
One more interesting and very useful one:

Red Team Field Manual 
Quote:The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.

https://www.amazon.com/Rtfm-Red-Team-Fie...1494295504
#8
Then, if you want to better understand anonymity:

The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data

Quote:Kevin Mitnick, the world's most famous hacker, teaches you easy cloaking and counter-measures for citizens and consumers in the age of Big Brother and Big Data.

Like it or not, your every move is being watched and analyzed. Consumer's identities are being stolen, and a person's every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge--and he teaches you ''the art of invisibility.'' Mitnick is the world's most famous--and formerly the Most Wanted--computer hacker. He has hacked into some of the country's most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening. 

In THE ART OF INVISIBILITY Mitnick provides both online and real life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced ''elite'' techniques, which, if used properly, can maximize your privacy. Invisibility isn't just for superheroes--privacy is a power you deserve and need in this modern age.

https://www.amazon.com/Art-Invisibility-...1478945567
#9
Here is one more interesting one, Gray Hat C#, nothing too fancy, and yet interesting... This other one for Kali is more or less OK, just a bit of needless overkill about installation in the first 40 or so pages (available for free as a PDF).

[Image: Screenshot_at_Sep_05_17_53_34.png]
#10
Reading your comments, I recalled relatively distant times... what all we did and how we played... it's interesting that through that "play" horizons and interests in many things broadened... that's how I eventually "strayed" into IT, and I currently make my living from IT even though I graduated from a technical faculty, namely technical systems management, where there was no talk of IT anywhere :) Sorry for the off-topic, but it was stronger than me... :)

Keep going, and the thread is excellent!
#11
@pakonja maybe you can recommend some literature that inspired you? Thanks :)
#12
That literature is no longer current... The only thing that has stayed "the same" is TCP/IP, and a link for that already exists, and it should be the foundation for anyone interested in penetration testing or similar topics... Besides, that was the era when such information could only be found on BBSes and a bit later on IRC channels... do you think I still keep the TXT files where I wrote everything down? :) Only later did some more serious literature start, as the internet developed, but if one doesn't follow it daily one quickly falls out of shape...

In any case, if it's about penetration testing, one should rely on Kali as a tool that has "everything"... speak softly and carry Kali with you... :)

I don't manage to deal with all the things I would like to, but it seems to me that I will soon start again because of work, this time at a more serious level... And of course, when I find some interesting literature I'll share it with you...
#13
I just remembered that I recently noted down a couple of links... they are not ultra-fresh editions but they can be of use...

https://doc.lagout.org/operating%20syste...esting.pdf

ftp.lab.dnict.vn/1.DNICT/2.Ebooks/books/Web%20Penetration%20Testing%20with%20Kali%20Linux.pdf

http://www.arthur-training.com/Downloads....ir%5D.pdf
#14
That's not so old, I was thinking more of something like this (inspiration is in everything) :)

#15
Ha, I only just saw this post, I don't know how I missed it :)

... prooooolooog :D ...I haven't seen it in a hundred years :D

Here are my two cents again :)

[Image: ipIKJQB.jpg]

(Excellent book)

[Image: Z0xKNZV.jpg]
In </code> we trust!
#16
How is this OSINT one?

Btw I would also add (Gray Hat Python): https://www.amazon.com/Gray-Hat-Python-P...1593271921
#17
(12-14-2019, 03:12 PM)1van Wrote: How is this OSINT one?

In my opinion, the content is nicely covered. Each area is described nicely and briefly. The only thing that annoys me about it is that they screwed up a lot with the graphics, i.e. the resolution of the images they put in is terrible, and it's as if they wanted to save on ink, especially when, for example, they have examples of satellite images and give explanations of what is different, and you can barely make it out from the picture because it is terribly printed. But all in all, as far as the content is concerned, I think it's worth it.