مقالات در عشق
Essays in love
معرفی کتاب «مقالات در عشق» (با عنوان لاتین Essays in love) نوشتهٔ JOSHUA ARVIN. LAT و De Botton, Alain، منتشرشده توسط نشر 0. این کتاب در فرمت rtf، زبان انگلیسی ارائه شده است.
Take your penetration testing career to the next level by discovering how to set up and exploit cost-effective hacking lab environments on AWS, Azure, and GCP Key Features Explore strategies for managing the complexity, cost, and security of running labs in the cloud Unlock the power of infrastructure as code and generative AI when building complex lab environments Learn how to build pentesting labs that mimic modern environments on AWS, Azure, and GCP Purchase of the print or Kindle book includes a free PDF eBook Book Description The significant increase in the number of cloud-related threats and issues has led to a surge in the demand for cloud security professionals. This book will help you set up vulnerable-by-design environments in the cloud to minimize the risks involved while learning all about cloud penetration testing and ethical hacking. This step-by-step guide begins by helping you design and build penetration testing labs that mimic modern cloud environments running on AWS, Azure, and Google Cloud Platform (GCP). Next, you'll find out how to use infrastructure as code (IaC) solutions to manage a variety of lab environments in the cloud. As you advance, you'll discover how generative AI tools, such as ChatGPT, can be leveraged to accelerate the preparation of IaC templates and configurations. You'll also learn how to validate vulnerabilities by exploiting misconfigurations and vulnerabilities using various penetration testing tools and techniques. Finally, you'll explore several practical strategies for managing the complexity, cost, and risks involved when dealing with penetration testing lab environments in the cloud. By the end of this penetration testing book, you'll be able to design and build cost-effective vulnerable cloud lab environments where you can experiment and practice different types of attacks and penetration testing techniques. What you will learn Build vulnerable-by-design labs that mimic modern cloud environments Find out how to manage the risks associated with cloud lab environments Use infrastructure as code to automate lab infrastructure deployments Validate vulnerabilities present in penetration testing labs Find out how to manage the costs of running labs on AWS, Azure, and GCP Set up IAM privilege escalation labs for advanced penetration testing Use generative AI tools to generate infrastructure as code templates Import the Kali Linux Generic Cloud Image to the cloud with ease Who this book is for This book is for security engineers, cloud engineers, and aspiring security professionals who want to learn more about penetration testing and cloud security. Other tech professionals working on advancing their career in cloud security who want to learn how to manage the complexity, costs, and risks associated with building and managing hacking lab environments in the cloud will find this book useful. Table of Contents Getting Started with Penetration Testing Labs in the Cloud Preparing Our First Vulnerable Cloud Lab Environment Succeeding with Infrastructure as Code Tools and Strategies Setting Up Isolated Penetration Testing Lab Environments on GCP Setting Up Isolated Penetration Testing Lab Environments on Azure Setting Up Isolated Penetration Testing Lab Environments on AWS Setting Up an IAM Privilege Escalation Lab Designing and Building a Vulnerable Active Directory Lab Recommended Strategies and Best Practices Cover Title Page Copyright and Credits Contributors Table of Contents Preface Part 1: A Gentle Introduction to Vulnerable-by-Design Environments Chapter 1: Getting Started with Penetration Testing Labs in the Cloud Why build your penetration testing labs in the cloud? Recognizing the impact of cloud computing on the cybersecurity landscape Exploring how modern cloud applications are designed, developed, and deployed Examining the considerations when building penetration testing lab environments in the cloud Summary Further reading Chapter 2: Preparing Our First Vulnerable Cloud Lab Environment Technical requirements Designing our first cloud penetration testing lab environment Preparing our first vulnerable environment Creating an empty S3 bucket Configuring the S3 bucket to host a static website Updating the S3 bucket configuration settings Uploading files to the S3 bucket Testing and hacking our first vulnerable environment Inspecting and verifying the S3 bucket’s security Downloading and inspecting the files stored in the S3 bucket Cleaning up Summary Further reading Chapter 3: Succeeding with Infrastructure as Code Tools and Strategies Technical requirements Diving deeper into IaC tools and strategies Demystifying IaC Leveraging IaC for penetration testing labs Embracing IaC best practices and strategies Setting up Terraform in AWS CloudShell Getting our feet wet with Terraform Understanding the core Terraform workflow Testing our Terraform setup with a Hello World example Understanding the Terraform configuration language Demystifying commonly used Terraform configuration blocks Working with simple Terraform configurations Building our vulnerable lab environment with Terraform Part 1 of 4 – Creating an S3 bucket with Terraform Part 2 of 4 – Updating the security configuration of the S3 bucket Part 3 of 4 – Uploading files to the S3 bucket Part 4 of 4 – Cleaning up and deleting the S3 bucket Configuring a Terraform backend with state locking Understanding Terraform remote backends Configuring a Terraform remote backend Verifying the state-locking setup Part 1 of 4 – Adding a 60-second delay to the upload script Part 2 of 4 – Acquiring the state lock Part 3 of 4 – Testing our state-lock setup Part 4 of 4 – Cleaning up Summary Further reading Part 2: Setting Up Isolated Penetration Testing Lab Environments in the Cloud Chapter 4: Setting Up Isolated Penetration Testing Lab Environments on GCP Technical requirements Preparing the necessary components and prerequisites Part 1 of 3 – Retrieving the IP address of your local machine Part 2 of 3 – Setting up the Google Cloud project Part 3 of 3 – Generating SSH keys to access the attacker VM instance Defining the project structure Preparing the isolated network Setting up the target VM instance Part 1 of 2 – Preparing the target VM instance using Terraform Part 2 of 2 – Using the serial console to access the target VM instance Importing the Kali Linux Generic Cloud Image Manually setting up the attacker VM instance Part 1 of 3 – Manually launching the attacker instance Part 2 of 3 – Enabling browser access to our Kali Linux server Part 3 of 3 – Validating our setup Leveraging Terraform to automatically set up the attacker VM instance Part 1 of 3 – Creating a golden image Part 2 of 3 – Using Terraform to prepare the attacker VM instance Part 3 of 3 – Accessing the Kali Linux desktop environment Simulating penetration testing in an isolated network environment Cleaning up Summary Further reading Chapter 5: Setting Up Isolated Penetration Testing Lab Environments on Azure Technical requirements Preparing the necessary components and prerequisites Part 1 of 2 – Manually creating a resource group Part 2 of 2 – Generating SSH keys to access the attacker VM instance Defining the project’s structure Preparing the isolated network Setting up the target resources Part 1 of 2 – Preparing the target resources using Terraform Part 2 of 2 – Verifying our target VM instance setup Manually setting up the attacker VM instance Part 1 of 2 – Manually launching and setting up the attacker instance Part 2 of 2 – Verifying that our setup is working Leveraging Terraform to automatically set up the attacker VM instance Part 1 of 3 – Creating the golden image Part 2 of 3 – Deleting the manually created resources Part 3 of 3 – Preparing the Terraform configuration files Simulating penetration testing in the isolated network environment Part 1 of 4 – Scanning with Nmap Part 2 of 4 – Using the VNC login scanner module of Metasploit Part 3 of 4 – Breaking out of the container Part 4 of 4 – Locating the flags Cleaning up Summary Further reading Chapter 6: Setting Up Isolated Penetration Testing Lab Environments on AWS Technical requirements Leveraging Terraform to automatically set up the lab environment Validating network connectivity and security Part 1 of 3 – Authorizing the use of the serial console Part 2 of 3 – Manually verifying network connectivity with ping tests Part 3 of 3 – Using the Reachability Analyzer to validate network connectivity Setting up the attacker VM instance Simulating penetration testing in the isolated network environment Part 1 of 3 – Obtaining the first flag Part 2 of 3 – Pivoting to attack other resources Part 3 of 3 – Obtaining the second flag Cleaning up Summary Further reading Part 3: Exploring Advanced Strategies and Best Practices in Lab Environment Design Chapter 7: Setting Up an IAM Privilege Escalation Lab Technical requirements Preparing the Cloud9 environment Part 1 of 3 – Preparing the EC2 instance role Part 2 of 3 – Launching the Cloud9 environment Part 3 of 3 – Attaching the IAM role to the EC2 instance of the Cloud9 environment Setting up cloud resources and flags manually Part 1 of 3 – Preparing the QLDB resource with the first flag Part 2 of 3 – Setting up an S3 bucket with the second flag Part 3 of 3 – Creating a vulnerable Lambda execution role Leveraging Terraform to automatically set up target resources Part 1 of 4 – Setting up the file and folder structure Part 2 of 4 – Defining the iam_workshop_user module resources Part 3 of 4 – Defining the notebook_instance_role module resources Part 4 of 4 – Defining the notebook_instance module resources Using generative AI tools for exploit code generation Part 1 of 3 – Generating a Python function that returns an AWS account ID Part 2 of 3 – Generating a Python function that generates a random password Part 3 of 3 – Generating Python code that creates a new IAM user Simulating penetration testing in the lab environment Part 1 of 4 – Retrieving the flag from the S3 bucket Part 2 of 4 – Looking for vulnerable resources Part 3 of 4 – Using the Lambda execution role for privilege escalation Part 4 of 4 – Retrieving the flag from the ledger database Cleaning up Summary Further reading Chapter 8: Designing and Building a Vulnerable Active Directory Lab Technical requirements Preparing the necessary components and prerequisites Part 1 of 3 – Generating SSH keys to access the attacker VM instance Part 2 of 3 – Setting up the lab network environment with Terraform Part 3 of 3 – Accessing the attacker VM instance Launching the target VM instances Part 1 of 3 – Launching the VM instance for the domain controller Part 2 of 3 – Launching the VM instance for the workstation machine Part 3 of 3 – Testing network connectivity Setting up and configuring the Active Directory lab Part 1 of 1 – Installing Active Directory Domain Services Part 2 of 12 – Promoting the VM instance to become the domain controller Part 3 of 12 – Setting up Active Directory Certificate Services Part 4 of 12 – Configuring Active Directory Certificate Services Part 5 of 12 – Updating the trusted hosts configuration and enabling PowerShell Remoting Part 6 of 12 – Setting up the flag inside the domain controller Part 7 of 12 – Creating the John Doe user Part 8 of 12 – Creating the Jane Doe user Part 9 of 12 – Creating the Service Account user Part 10 of 12 – Setting up the SPN for the service account Part 11 of 12 – Adding the Service Account user to the Remote Management Users group Part 12 of 12 – Configuring the workstation machine Simulating penetration testing in the lab environment Cleaning up Summary Further reading Chapter 9: Recommended Strategies and Best Practices Technical requirements Increasing the complexity of penetration testing lab environments Leveraging Generative AI for estimating penetration testing lab costs Unleashing the power of AI-powered tools to accelerate automation script development Part 1 of 3 – Leveraging GitHub Copilot to speed up shell scripting Part 2 of 3 – Accelerating Python coding with Amazon CodeWhisperer Part 3 of 3 – Coding PowerShell scripts faster with Tabnine Pro Using AI-powered solutions to generate and explain IaC template code Part 1 of 2 – Using ChatGPT to generate Terraform templates Part 2 of 2 – Using GitHub Copilot Labs to explain existing Terraform templates Recognizing relevant considerations and practical strategies when building and automating lab environments Summary Index Other Books You May Enjoy
دانلود کتاب مقالات در عشق