Zed Attack Proxy Cookbook
Download Zed Attack Proxy Cookbook PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Zed Attack Proxy Cookbook book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Zed Attack Proxy Cookbook
Dive into security testing and web app scanning with ZAP, a powerful OWASP security tool Purchase of the print or Kindle book includes a free PDF eBook Key FeaturesMaster ZAP to protect your systems from different cyber attacksLearn cybersecurity best practices using this step-by-step guide packed with practical examplesImplement advanced testing techniques, such as XXE attacks and Java deserialization, on web applicationsBook Description Maintaining your cybersecurity posture in the ever-changing, fast-paced security landscape requires constant attention and advancements. This book will help you safeguard your organization using the free and open source OWASP Zed Attack Proxy (ZAP) tool, which allows you to test for vulnerabilities and exploits with the same functionality as a licensed tool. Zed Attack Proxy Cookbook contains a vast array of practical recipes to help you set up, configure, and use ZAP to protect your vital systems from various adversaries. If you're interested in cybersecurity or working as a cybersecurity professional, this book will help you master ZAP. You'll start with an overview of ZAP and understand how to set up a basic lab environment for hands-on activities over the course of the book. As you progress, you'll go through a myriad of step-by-step recipes detailing various types of exploits and vulnerabilities in web applications, along with advanced techniques such as Java deserialization. By the end of this ZAP book, you'll be able to install and deploy ZAP, conduct basic to advanced web application penetration attacks, use the tool for API testing, deploy an integrated BOAST server, and build ZAP into a continuous integration and continuous delivery (CI/CD) pipeline. What you will learnInstall ZAP on different operating systems or environmentsExplore how to crawl, passively scan, and actively scan web appsDiscover authentication and authorization exploitsConduct client-side testing by examining business logic flawsUse the BOAST server to conduct out-of-band attacksUnderstand the integration of ZAP into the final stages of a CI/CD pipelineWho this book is for This book is for cybersecurity professionals, ethical hackers, application security engineers, DevSecOps engineers, students interested in web security, cybersecurity enthusiasts, and anyone from the open source cybersecurity community looking to gain expertise in ZAP. Familiarity with basic cybersecurity concepts will be helpful to get the most out of this book.
Burp Suite Cookbook
Author: Dr. Sunny Wear
language: en
Publisher: Packt Publishing Ltd
Release Date: 2023-10-27
Find and fix security vulnerabilities in your web applications with Burp Suite Key Features Set up and optimize Burp Suite to maximize its effectiveness in web application security testing Explore how Burp Suite can be used to execute various OWASP test cases Get to grips with the essential features and functionalities of Burp Suite Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionWith its many features, easy-to-use interface, and flexibility, Burp Suite is the top choice for professionals looking to strengthen web application and API security. This book offers solutions to challenges related to identifying, testing, and exploiting vulnerabilities in web applications and APIs. It provides guidance on identifying security weaknesses in diverse environments by using different test cases. Once you’ve learned how to configure Burp Suite, the book will demonstrate the effective utilization of its tools, such as Live tasks, Scanner, Intruder, Repeater, and Decoder, enabling you to evaluate the security vulnerability of target applications. Additionally, you’ll explore various Burp extensions and the latest features of Burp Suite, including DOM Invader. By the end of this book, you’ll have acquired the skills needed to confidently use Burp Suite to conduct comprehensive security assessments of web applications and APIs.What you will learn Perform a wide range of tests, including authentication, authorization, business logic, data validation, and client-side attacks Use Burp Suite to execute OWASP test cases focused on session management Conduct Server-Side Request Forgery (SSRF) attacks with Burp Suite Execute XML External Entity (XXE) attacks and perform Remote Code Execution (RCE) using Burp Suite’s functionalities Use Burp to help determine security posture of applications using GraphQL Perform various attacks against JSON Web Tokens (JWTs) Who this book is for If you are a beginner- or intermediate-level web security enthusiast, penetration tester, or security consultant preparing to test the security posture of your applications and APIs, this is the book for you.
Jenkins 2.x Continuous Integration Cookbook
Get a problem-solution approach enriched with code examples for practical and easy comprehension About This Book Explore the use of more than 40 best-of-breed plug-ins for improving efficiency Secure and maintain Jenkins 2.x by integrating it with LDAP and CAS, which is a Single Sign-on solution Efficiently build advanced pipelines with pipeline as code, thus increasing your team's productivity Who This Book Is For If you are a Java developer, a software architect, a technical project manager, a build manager, or a development or QA engineer, then this book is ideal for you. A basic understanding of the software development life cycle and Java development is needed, as well as a rudimentary understanding of Jenkins. What You Will Learn Install and Configure Jenkins 2.x on AWS and Azure Explore effective ways to manage and monitor Jenkins 2.x Secure Jenkins 2.x using Matrix-based Security Deploying a WAR file from Jenkins 2.x to Azure App Services and AWS Beanstalk Automate deployment of application on AWS and Azure PaaS Continuous Testing – Unit Test Execution, Functional Testing and Load Testing In Detail Jenkins 2.x is one of the most popular Continuous Integration servers in the market today. It was designed to maintain, secure, communicate, test, build, and improve the software development process. This book will begin by guiding you through steps for installing and configuring Jenkins 2.x on AWS and Azure. This is followed by steps that enable you to manage and monitor Jenkins 2.x. You will also explore the ways to enhance the overall security of Jenkins 2.x. You will then explore the steps involved in improving the code quality using SonarQube. Then, you will learn the ways to improve quality, followed by how to run performance and functional tests against a web application and web services. Finally, you will see what the available plugins are, concluding with best practices to improve quality. Style and approach This book provides a problem-solution approach to some common tasks and some uncommon tasks using Jenkins 2.x and is well-illustrated with practical code examples.