Episodios

  • Windows APT Warfare: Identify and prevent Windows APT attacks effectively

    Windows APT Warfare: Identify and prevent Windows APT attacks effectively
    May 22 2025
    The Book is a technical guide focused on understanding and countering advanced persistent threats (APTs) targeting Windows systems. It explores concepts from reverse engineering, compilers, and operating system principles to explain attack techniques from a red team perspective, including practical examples of malware and hacking methods like shellcode development, packer design, and digital signature forgery. The text also provides insights into Windows internals, such as the PE format, process memory, API calling conventions, and User Account Control (UAC) bypasses, often referencing publicly available research and tools.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Windows-APT-Warfare-Identify-effectively/dp/180461811X?&linkCode=ll1&tag=cvthunderx-20&linkId=77c6b979fcfcc06e3f208abde4295520&language=en_US&ref_=as_li_ss_tl
    Más Menos
    30 m
  • Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting

    Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting
    May 22 2025
    A practical guide to modern web penetration testing authored by Rafay Baloch and published by CRC Press in 2025. The content covers a wide range of web security topics, beginning with fundamentals of web and browser interaction, including HTTP, encoding, and browser security policies. It progresses through techniques for intelligence gathering and enumeration, identifying server-side vulnerabilities like SQL injection, command injection, and template injection, and analyzing business logic flaws. The text also examines client-side attacks such as cross-site scripting and cross-site request forgery, file system vulnerabilities, authentication and authorization weaknesses including those in JWT and OAuth, and attacks against web services like SOAP, REST, and GraphQL. Finally, it discusses techniques for evading Web Application Firewalls and best practices for pentest report writing.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Web-Hacking-Arsenal-Practical-Pentesting/dp/1032447192?&linkCode=ll1&tag=cvthunderx-20&linkId=f8e0c086d09ecefde10236ae0f9381ba&language=en_US&ref_=as_li_ss_tl
    Más Menos
    31 m
  • JavaScript for Sound Artists

    JavaScript for Sound Artists
    May 21 2025
    It is a guide for individuals interested in creating interactive audio applications using JavaScript within a web browser. The book introduces foundational JavaScript concepts such as variables, data types, functions, and object-oriented programming, while also providing detailed explanations of how to use the Web Audio API for tasks like generating and manipulating sound. It covers implementing common audio effects and building practical applications like a spectrum analyzer and a step sequencer. The text emphasizes a hands-on, example-based learning approach, suggesting that readers connect new programming knowledge to their existing understanding of audio technology.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/JavaScript-Sound-Artists-William-Turner/dp/103206272X?&linkCode=ll1&tag=cvthunderx-20&linkId=7595c846a1e2add9fcfe62e624e88c52&language=en_US&ref_=as_li_ss_tl
    Más Menos
    18 m
  • Building Your Own JavaScript Framework: Architect extensible and reusable framework systems

    Building Your Own JavaScript Framework: Architect extensible and reusable framework systems
    May 21 2025
    It covers various aspects of JavaScript framework development, ranging from historical context and the evolution of the ecosystem to core architectural patterns, tooling, testing, documentation, and considerations for long-term maintenance. The text also includes a foreword by Mike Taylor of Google, contributor information, technical requirements, and excerpts from several chapters that illustrate concepts like abstractions, framework building blocks, internal architecture, ensuring usability and quality, and the process of creating a full stack framework by example.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Building-Your-Own-JavaScript-Framework/dp/1804617407?&linkCode=ll1&tag=cvthunderx-20&linkId=af448778a771de7475b38812b40aed02&language=en_US&ref_=as_li_ss_tl
    Más Menos
    27 m
  • Visual Threat Intelligence: An Illustrated Guide For Threat Researchers

    Visual Threat Intelligence: An Illustrated Guide For Threat Researchers
    May 20 2025
    Beginning with fundamental concepts like the intelligence lifecycle and various gathering disciplines such as OSINT, HUMINT, GEOINT, SIGINT, and FININT. It explores identifying and profiling threat actors, discussing motivations, the Diamond Model, TTPs, attribution challenges, and the MITRE ATT&CK framework, while also highlighting the Unprotect Project as a resource for malware evasion techniques. Furthermore, the text examines Indicators of Compromise (IOCs), their lifecycle, the Pyramid of Pain for prioritization, and the crucial skill of pivoting during investigations. The sources also touch upon essential tools for threat analysis, including YARA, Sigma rules for log analysis, and the MSTICpy Python library, concluding with a look at impactful cyberattacks like NotPetya and Shamoon, the complexities of false flags, and a glimpse into the cybercrime ecosystem.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Visual-Threat-Intelligence-Illustrated-Researchers/dp/B0C7JCF8XD?&linkCode=ll1&tag=cvthunderx-20&linkId=7338fa70ea706bf82f2fd223a64ef23d&language=en_US&ref_=as_li_ss_tl
    Más Menos
    18 m
  • 12 Twisted Python Projects for Young Coders

    12 Twisted Python Projects for Young Coders
    May 20 2025
    Designed to teach programming to beginners in a fun and engaging way. The book focuses on using the Python language along with the guizero library to create Graphical User Interfaces (GUIs) through twelve distinct projects. The included chapters detail how to build a "Hello GUI" introduction, a "Joke Machine" using random selection from a list, and a "F.A.R.T. box" soundboard incorporating buttons, image display, and audio playback. Appendices provide essential guidance on installing Python and guizero across different operating systems, as well as explaining key guizero components like elements and widgets.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary
    Más Menos
    16 m
  • Think Like a Software Engineering Manager

    Think Like a Software Engineering Manager
    May 19 2025
    Explores the fundamental role of an engineering manager (EM), contrasting it with that of an individual contributor (IC) and addressing common misconceptions about the transition. It emphasizes the crucial aspects of managing people, teams, and oneself, covering topics such as performance management, delegation, recognition, hiring, and addressing attrition. The text also details essential skills for project delivery and execution, including working effectively with cross-functional partners and setting clear expectations. Finally, it highlights the importance of process-oriented skills like embracing DevOps and operational excellence, navigating organizational change, and mastering time management for success as an EM.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Think-Like-Software-Engineering-Manager/dp/1633438430?&linkCode=ll1&tag=cvthunderx-20&linkId=b0f2b522831f779129be2488e8331c8a&language=en_US&ref_=as_li_ss_tl
    Más Menos
    15 m
  • The Vulnerability Researcher's Handbook: A comprehensive guide to discovering, reporting, and publishing security vulnerabilities

    The Vulnerability Researcher's Handbook: A comprehensive guide to discovering, reporting, and publishing security vulnerabilities
    May 19 2025
    It explains the software vulnerability life cycle, from inception to deprecation, and discusses different types of vulnerabilities, such as cross-site scripting and SQL injection. The text also covers the use of vulnerability scanning tools and the importance of organizing research and using templates and resources. Crucially, it outlines various vulnerability disclosure methods, including responsible disclosure, private disclosure, and independent publishing, while also exploring the complexities of working with vendors, including navigating potential hostility and mediation options. Finally, the book emphasizes the characteristics and motivations of security researchers and offers guidance on how vendors can build trust and collaborate effectively with them.

    You can listen and download our episodes for free on more than 10 different platforms:
    https://linktr.ee/cyber_security_summary

    Get the Book now from Amazon:
    https://www.amazon.com/Vulnerability-Researchers-Handbook-comprehensive-vulnerabilities-ebook/dp/B0BHKGNDMP?&linkCode=ll1&tag=cvthunderx-20&linkId=b7269b93f4baf12ee7933ae8b541fd45&language=en_US&ref_=as_li_ss_tl
    Más Menos
    25 m
adbl_web_global_use_to_activate_T1_webcro805_stickypopup