A Bug Hunter's Diary

A Guided Tour Through the Wilds of Software Security

Author: Tobias Klein

Publisher: No Starch Press

ISBN: 1593273851

Category: Computers

Page: 208

Klein tracks down and exploits bugs in some of the world's most popular programs. Whether by browsing source code, poring over disassembly, or fuzzing live programs, readers get an over-the-shoulder glimpse into the world of a bug hunter as Klein unearths security flaws and uses them to take control of affected systems.

ICT Systems Security and Privacy Protection

32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings

Author: Sabrina De Capitani di Vimercati, Fabio Martinelli

Publisher: Springer

ISBN: 3319584693

Category: Computers

Page: 586

This book constitutes the refereed proceedings of the 32nd IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2017, held in Rome, Italy, in May 2017. The 38 revised full papers presented were carefully reviewed and selected from 199 submissions. The papers are organized in the following topical sections: network security and cyber attacks; security and privacy in social applications and cyber attacks defense; private queries and aggregations; operating systems and firmware security; user authentication and policies; applied cryptography and voting schemes; software security and privacy; privacy; and digital signature, risk management, and code reuse attacks.

Real-World Bug Hunting

A Field Guide to Web Hacking

Author: Peter Yaworski

Publisher: No Starch Press

ISBN: 1593278624

Category: Computers

Page: 264

Uses real-world bug reports (vulnerabilities in software or, in this case, web applications) to teach programmers and InfoSec professionals how to discover and protect against vulnerabilities in web applications. Real-World Bug Hunting is a field guide to finding software bugs. Ethical hacker Peter Yaworski breaks down common types of bugs, then contextualizes them with real bug bounty reports released by hackers on companies like Twitter, Facebook, Google, Uber, and Starbucks. As you read each report, you'll gain deeper insight into how the vulnerabilities work and how you might find similar ones. Each chapter begins with an explanation of a vulnerability type, then moves into a series of real bug bounty reports that show how the bugs were found. You'll learn things like how Cross-Site Request Forgery tricks users into unknowingly submitting information to websites they are logged into; how to pass along unsafe JavaScript to execute Cross-Site Scripting; how to access another user's data via Insecure Direct Object References; how to trick websites into disclosing information with Server Side Request Forgeries; and how bugs in application logic can lead to pretty serious vulnerabilities. Yaworski also shares advice on how to write effective vulnerability reports and develop relationships with bug bounty programs, and recommends hacking tools that can make the job a little easier.

Smart TV Security

Media Playback and Digital Video Broadcast

Author: Benjamin Michéle

Publisher: Springer

ISBN: 3319209949

Category: Computers

Page: 92

This book discusses the emerging topic of Smart TV security, including its implications on consumer privacy. The author presents chapters on the architecture and functionality of Smart TVs, various attacks and defenses, and associated risks for consumers. This includes the latest attacks on broadcast-related digital services and built-in media playback, as well as access to integrated cameras and microphones. This book is a useful resource for professionals, researchers and students engaged with the field of Smart TV security.