Think Like a Hacker: A Sysadmin's Guide to Cybersecurity by Michael Melone #hacker #Cybersecurity
—-------------------------
Targeted attack and determined human adversaries (DHA) have changed the information security game forever. Writing secure code is as important as ever; however, this satisfies only one piece of the puzzle. Effective defense against targeted attack requires IT professionals to understand how attackers use - and abuse - enterprise design to their advantage.
Learn how advanced attackers break into networks. Understand how attackers use concepts of access and authorization to jump from one computer to the next. Dive into how and why attackers use custom implants and backdoors inside an enterprise. Be introduced to the concept of service-centric design - and how it can help improve both security and usability.
To defend against hackers you must first learn to think like a hacker.
—------------------—
2017 | EPUB | 99 pages | 294 KB
—----------------

@iranopensource🐧

☁️ لینک گروه تکنولوژی های ابری و مجازی سازی
https://t.iss.one/joinchat/BDE3OVH_RBXgwYZzbPZNqA
@iranopensource🐧

Containers in OpenStack by Pradeep Kumar Singh #Containers #OpenStack
------------------------------
Containers are one of the most talked about technologies of recent times. They have become increasingly popular as they are changing the way we develop, deploy, and run software applications. OpenStack gets tremendous traction as it is used by many organizations across the globe and as containers gain in popularity and become complex, it’s necessary for OpenStack to provide various infrastructure resources for containers, such as compute, network, and storage.
Containers in OpenStack answers the question, how can OpenStack keep ahead of the increasing challenges of container technology? You will start by getting familiar with container and OpenStack basics, so that you understand how the container ecosystem and OpenStack work together. To understand networking, managing application services and deployment tools, the book has dedicated chapters for different OpenStack projects: Magnum, Zun, Kuryr, Murano, and Kolla.
Towards the end, you will be introduced to some best practices to secure your containers and COE on OpenStack, with an overview of using each OpenStack projects for different use cases.
-----------------------------
2018 | EPUB | 176 pages | 1,18 MB
-------------------------

@iranopensource🐧

💎 بررسی برخی قابلیت های جدید در Wireshark 3.0
💎 لینک گروه الماس
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧

💎 قابلیت Npcap Loopback Capture: ما در Wireshark 2 یکسری کتابخانه یا اصطلاحاً liberary داشتیم که به آنها WinPcap می گفتیم که در Wireshark 3 با Npcap جایگزین شده است. در واقع Npcap کتابخانه Nmap Project packet sniffing برای سیستم عامل های ویندوزیست که خودش هم می توان گفت forkی از WinPcap و Libpacp می باشد اما پیشرفت هایی در سرعت اجرا، امنیت و portability و... داشته است. Npcap کاربردهای مختلفی از جمله: قابلیت capture کردن ترافیک و پکت های اینترفیس های Loopback که اصطلاحاً به نام Loopback Packet Capture شناخته می شود، قابلیت Loopback Packet Injection (این قابلیت توسط تکنیکی به نام WinSock Kernel یا به اختصار WSK می تواند پکت های اینترفیس Loopback شما را ارسال کند) و... را دارا می باشد. بطور کلی می توانید توسط این feature پکت های اینترفیس (های) loopback تان را توسط مکانیزیمی به نام Windows Filtering Platform یا به اختصار WFP، شنود یا sniff نمایید. بعد از نصب Wireshark 3 کتابخانه Npcap یه اینترفیس به اسم Npcap Loopback Adapter برای شما ایجاد کرده و می توانید از آن استفاده کنید.

💎 قابلیت USBPacp: ابزار USBPacp هم یک ابزار Packet Capture از نوع Open Sourceی برای ویندوز می باشد که در Wireshark 3 آن را embed کرده اند (پیشتر این ابزار را می توانستیم بطور جداگونه دانلود و نصب نماییم و در Wireshark از آن استفاده کرد) و می توانید از آن برای capture و آنالیز کردن ترافیک پورت های USB تان استفاده نمایید.

💎 قابلیت Random Packet Generator هم یک utility کوچک است و یک اینترفیس ایجاد می کند که کارش ایجاد پکت های رندم با استفاده ابزار randpkt است. طوریکه می توانید خودتان تعداد پکت های تولید شده را کنترل کنید، یا maximum size پکت ها را مشخص نموده و حتی نوع پکت ها را تعیین نمایید. به این طریق می توانید با Wireshark به عنوان یک packet sniffer، پکت های malforme شده را از پکت های استاندارد تشخیص دهید.

💎 قابلیت SSH Remote Capture نیز یک utility دیگر است که در Wireshark 3 آن را embed کرده اند و در واقع همان ابزار sshdump است که اینترفیس هایی را برای Capture کردن ترافیک از طریق پروتکل SSH از روی یک remote host برایتان فراهم می کند. در واقع همان کار capture را انجام می دهد، منتها از طریق یک SSH Connection.

💎 قابلیت UDP Listener Capture نیز از در واقع حاصل insert کرد Utility‌ی به نام udpdump در Wireshark می باشد که یک UDP receiver جهت دریافت پکت ها از network deviceها و export کردن آنها به PCAP را برای شما فراهم می کند.

💎 قابلیت Cisco Remote Capture در Wireshark توسط ابزاری به نام ciscodump از قابلیتی به نام Remote Packet Capture استفاده می کند. قابلیت Remote Packet Capture شما را قادر می سازد تا یک remote port را به عنوان destination برای packet capturing مشخص نمایید. این قابلیت می تواند پکت های capture شده را از طریق یک TCP connection به Wireshark و البته از طریق پروتکل SSH ارسال کند.

📌 در صورت تمایل به اطلاع بیشتر از سایر قابلیت های جدید ارائه شده در Wireshark 3 می توانید release noteهای آن را در آدرس زیر مطالعه فرمایید:
https://www.wireshark.org/docs/relnotes/wireshark-3.0.0.html

میثم ناظمی

☁️ لینک گروه تکنولوژی های ابری و مجازی سازی
https://t.iss.one/joinchat/BDE3OVH_RBXgwYZzbPZNqA
@iranopensource🐧

Vagrant allows you to use virtualization and cloud technologies to power faster, efficient, and sharable development environments. It duplicates the development environment to allow users to easily share and combine data on different machines and also takes care of security concerns. #Vagrant

Each recipe of Vagrant Virtual Development Environment Cookbook provides practical information on using Vagrant to solve specific problems and additional resources to help you learn more about the techniques demonstrated.

With recipes ranging from getting new users acquainted with Vagrant, to setting up multimachine environments, you will be able to develop common project types and solutions with the help of this practical guide.

What You Will Learn

Define single and multiple virtual machine Vagrant environments
Provision Vagrant environments in a consistent and repeatable manner with various configuration management tools
Control powerful cloud resources from a desktop development environment
Use Vagrant to publish and share development environments
Start and expand your Vagrant environment with community resources
Share resources on a development machine with a virtual Vagrant environment
———————————————-
2015 | PDF | 426 Pages | 10.8 MB
————————————————

@iranopensource🐧

🐧 کتاب های لینوکس LPIC-1 و LPIC-2 تهیه توسط یکی از اعضای محترم کانال IOS از انتشارات ناقوس

💎 لینک گروه الماس
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧

This book aims to impart the skills of a professional Burp user to empower you to successfully perform various kinds of tests on any web application of your choice. It begins by acquainting you with Burp Suite on various operating systems and showing you how to customize the settings for maximum performance. You will then get to grips with SSH port forwarding and SOCKS-based proxies. You will also get hands-on experience in leveraging the features of Burp tools such as Target, Proxy, Intruder, Scanner, Repeater, Spider, Sequencer, Decoder, and more. You will then move on to searching, extracting, and matching patterns for requests and responses, and you will learn how to work with upstream proxies and SSL certificates. Next, you will dive into the world of Burp Extensions and also learn how to write simple extensions of your own in Java, Python, and Ruby. #Burp_Suite

As a professional tester, you will need to be able to report your work, safeguard it, and sometimes even extend the tools that you are using; you will learn how to do all this in the concluding chapters of this book.

Who This Book Is For

If you are interested in learning how to test web applications and the web part of mobile applications using Burp, then this is the book for you. It is specifically designed to meet your needs if you have basic experience in using Burp and are now aiming to become a professional Burp user.

What You Will Learn

Get to grips with the user-driven workflow so that you can test any kind of web application
Get acquainted with the use of each of the components in Burpa€”Target, Proxy, Intruder, Scanner, and Repeater
Search, extract, and match patterns for requests and responses using response extraction rules, URL-matching rules, and Grep – Match
Set up and test SSL-enabled applications without any errors
Intercept SSL traffic from all kinds of web and mobile applications
Develop customized Burp Extensions to suit your needs using Java, Python, and Ruby

————————————————
2014 | PDF | 144 Pages | 5.27MB
————————————————-

@iranopensource🐧

☁️ لینک گروه تکنولوژی های ابری و مجازی سازی
https://t.iss.one/joinchat/BDE3OVH_RBXgwYZzbPZNqA
@iranopensource🐧

Get an in-depth tour of OpenShift, the container-based software deployment and management platform from Red Hat that provides a secure multi-tenant environment for the enterprise. This practical guide describes in detail how OpenShift, building on Kubernetes, enables you to automate the way you create, ship, and run applications in a containerized environment.

Author Graham Dumpleton provides the knowledge you need to make the best use of the OpenShift container platform to deploy not only your cloud-native applications, but also more traditional stateful applications. Developers and administrators will learn how to run, access, and manage containers in OpenShift, including how to orchestrate them at scale.

Build application container images from source and deploy them
Implement and extend application image builders
Use incremental and chained builds to accelerate build times
Automate builds by using a webhook to link OpenShift to a Git repository
Add configuration and secrets to the container as project resources
Make an application visible outside the OpenShift cluster
Manage persistent storage inside an OpenShift container
Monitor application health and manage the application lifecycle
This book is a perfect follow-up to OpenShift for Developers: A Guide for Impatient Beginners (O’Reilly).

———————————————-
2018 | PDF | 162 pages | 5.5 MB
———————————————

@iranopensource🐧

💎 لینک گروه الماس
https://t.iss.one/joinchat/BDE3OQ2LakQWk-JDHFiNaQ
@iranopensource🐧

It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network?

Updated to cover Wireshark 2.x, the third edition of Practical Packet Analysis will teach you to make sense of your packet captures so that you can better troubleshoot network problems. You’ll find added coverage of IPv6 and SMTP, a new chapter on the powerful command line packet analyzers tcpdump and TShark, and an appendix on how to read and reference packet values using a packet map.

Practical Packet Analysis will show you how to:

Monitor your network in real time and tap live network communications
Build customized capture and display filters
Use packet analysis to troubleshoot and resolve common network problems, like loss of connectivity, DNS issues, and slow speeds
Explore modern exploits and malware at the packet level
Extract files sent across a network from packet captures
Graph traffic patterns to visualize the data flowing across your network
Use advanced Wireshark features to understand confusing captures
Build statistics and reports to help you better explain technical network information to non-techies
No matter what your level of experience is, Practical Packet Analysis will show you how to use Wireshark to make sense of any network and get things done.

————————————————-
2017 | PDF | 372 Pages | 15 MB
————————————————-

@iranopensource🐧