舉報 
會員
Security with Go
SecuritywithGoisaimedatdeveloperswithbasicsinGotothelevelthattheycanwritetheirownscriptsandsmallprogramswithoutdifficulty.Readersshouldbefamiliarwithsecurityconcepts,andfamiliaritywithPythonsecurityapplicationsandlibrariesisanadvantage,butnotanecessity.
目錄(297章)
倒序
- coverpage
- Title Page
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Conventions used
- Get in touch
- Reviews
- Introduction to Security with Go
- About Go
- Go language design
- The History of Go
- Adoption and community
- Common criticisms about Go
- The Go toolchain
- Go mascot
- Learning Go
- Why use Go?
- Why use Go for security?
- Why not use Python?
- Why not use Java?
- Why not use C++?
- Development environment
- Installing Go on other platforms
- Other Linux distributions
- Windows
- Mac
- Setting up Go
- Creating your workspace
- Setting up environment variables
- Editors
- Creating your first package
- Writing your first program
- Running the executable file
- Building the executable file
- Installing the executable file
- Formatting with go fmt
- Running Go examples
- Building a single Go file
- Running a single Go file
- Building multiple Go files
- Building a folder (package)
- Installing a program for use
- Summary
- The Go Programming Language
- Go language specification
- The Go playground
- A tour of Go
- Keywords
- Notes about source code
- Comments
- Types
- Boolean
- Numeric
- Generic numbers
- Specific numbers
- Unsigned integers
- Signed integers
- Floating point numbers
- Other numeric types
- String
- Array
- Slice
- Struct
- Pointer
- Function
- Interface
- Map
- Channel
- Control structures
- if
- for
- range
- switch case fallthrough and default
- goto
- Defer
- Packages
- Classes
- Inheritance
- Polymorphism
- Constructors
- Methods
- Operator overloading
- Goroutines
- Getting help and documentation
- Online Go documentation
- Offline Go documentation
- Summary
- Working with Files
- File basics
- Creating an empty file
- Truncating a file
- Getting the file info
- Renaming a file
- Deleting a file
- Opening and closing files
- Checking whether a file exists
- Checking read and write permissions
- Changing permissions ownership and timestamps
- Hard links and symlinks
- Reading and writing
- Copying a file
- Seeking positions in a file
- Writing bytes to a file
- Quickly writing to a file
- Buffered writer
- Reading up to n bytes from a file
- Reading exactly n bytes
- Reading at least n bytes
- Reading all bytes of a file
- Quickly reading whole files to memory
- Buffered reader
- Reading with a scanner
- Archives
- Archive (ZIP) files
- Extracting (unzip) archived files
- Compression
- Compressing a file
- Uncompressing a File
- Creating temporary files and directories
- Downloading a file over HTTP
- Summary
- Forensics
- Files
- Getting file information
- Finding the largest files
- Finding recently modified files
- Reading the boot sector
- Steganography
- Generating an image with random noise
- Creating a ZIP archive
- Creating a steganographic image archive
- Detecting a ZIP archive in a JPEG image
- Network
- Looking up a hostname from an IP address
- Looking up IP addresses from a hostname
- Looking up MX records
- Looking up nameservers for a hostname
- Summary
- Packet Capturing and Injection
- Prerequisites
- Installing libpcap and Git
- Installing libpcap on Ubuntu
- Installing libpcap on Windows
- Installing libpcap on macOS
- Installing gopacket
- Permission problems
- Getting a list of network devices
- Capturing packets
- Capturing with filters
- Saving to the pcap file
- Reading from a pcap file
- Decoding packet layers
- Creating a custom layer
- Converting bytes to and from packets
- Creating and sending packets
- Decoding packets faster
- Summary
- Cryptography
- Hashing
- Hashing small files
- Hashing large files
- Storing passwords securely
- Encryption
- Cryptographically secure pseudo-random number generator (CSPRNG)
- Symmetric encryption
- AES
- Asymmetric encryption
- Generating a public and private key pair
- Digitally signing a message
- Verifying a signature
- TLS
- Generating a self-signed certificate
- Creating a certificate signing request
- Signing a certificate request
- TLS server
- TLS client
- Other encryption packages
- OpenPGP
- Off The Record (OTR) messaging
- Summary
- Secure Shell (SSH)
- Using the Go SSH client
- Authentication methods
- Authenticating with a password
- Authenticating with private key
- Verifying remote host
- Executing a command over SSH
- Starting an interactive shell
- Summary
- Brute Force
- Brute forcing HTTP basic authentication
- Brute forcing the HTML login form
- Brute forcing SSH
- Brute forcing database login
- Summary
- Web Applications
- HTTP server
- Simple HTTP servers
- HTTP basic auth
- Using HTTPS
- Creating secure cookies
- HTML escaping output
- Middleware with Negroni
- Logging requests
- Adding secure HTTP headers
- Serving static files
- Other best practices
- CSRF tokens
- Preventing user enumeration and abuse
- Registration
- Login
- Resetting the password
- User profiles
- Preventing LFI and RFI abuse
- Contaminated files
- HTTP client
- The basic HTTP request
- Using the client SSL certificate
- Using a proxy
- Using system proxy
- Using a specific HTTP proxy
- Using a SOCKS5 proxy (Tor)
- Summary
- Web Scraping
- Web scraping fundamentals
- Finding strings in HTTP responses with the strings package
- Using regular expressions to find email addresses in a page
- Extracting HTTP headers from an HTTP response
- Setting cookies with an HTTP client
- Finding HTML comments in a web page
- Finding unlisted files on a web server
- Changing the user agent of a request
- Fingerprinting web application technology stacks
- Fingerprinting based on HTTP response headers
- Fingerprinting web applications
- How to prevent fingerprinting of your applications
- Using the goquery package for web scraping
- Listing all hyperlinks in a page
- Finding documents in a web page
- Listing page title and headings
- Crawling pages on the site that store the most common words
- Printing a list of external JavaScript files in a page
- Depth-first crawling
- Breadth-first crawling
- How to protect against web scraping
- Summary
- Host Discovery and Enumeration
- TCP and UDP sockets
- Creating a server
- Creating a client
- Port scanning
- Grabbing a banner from a service
- Creating a TCP proxy
- Finding named hosts on a network
- Fuzzing a network service
- Summary
- Social Engineering
- Gathering intel via JSON REST API
- Sending phishing emails with SMTP
- Generating QR codes
- Base64 encoding data
- Honeypots
- TCP honeypot
- The TCP testing tool
- HTTP POST form login honeypot
- HTTP form field honeypots
- Sandboxing
- Summary
- Post Exploitation
- Cross compiling
- Creating bind shells
- Creating reverse bind shells
- Creating web shells
- Finding writable files
- Changing file timestamp
- Changing file permissions
- Changing file ownership
- Summary
- Conclusions
- Recapping the topics you have learned
- More thoughts on the usage of Go
- What I hope you take away from the book
- Be aware of legal ethical and technical boundaries
- Where to go from here
- Getting help and learning more
- Another Book You May Enjoy
- Leave a review – let other readers know what you think 更新時間:2021-06-30 19:07:25
推薦閱讀
- 走進奇妙的數學世界(小學一二年級)
- 奇妙數學史:數字與生活
- 線性代數及其應用(原書第6版)
- Hands-On Blockchain Development in 7 Days
- 世界是隨機的:大數據時代的概率統計學
- 你學的數學可能是假的
- 數學的力量
- 排序問題的數學規劃松弛方法
- 丈量世界:時間、空間與數學(萬物皆數學)
- 數學要素(全彩圖解 + 微課 + Python編程)
- 經濟數學(二):線性代數、概率論及數理統計
- 線性代數
- 黎曼猜想漫談:一場攀登數學高峰的天才盛宴
- Radioss 基礎理論與工程高級應用
- 在動手實驗中學習科學與數學
- 歐幾里得之窗
- 10倍速心算:寫給中小學生的56個心算技巧
- 機器學習數學基礎
- 初等數論(第三版)
- 時滯相關隨機系統的分析、控制與模型降階
- AP微積分基礎教程
- 數學世界的探奇之旅
- 高等數學(下冊)
- 基于MATLAB的人工智能模式識別
- 數學方法論與數學文化專題探析
- 炫酷的數學趣聞
- MATLAB科學計算從入門到精通
- 幾何原本
- 線性代數與概率統計學習指南:富媒體
- 神秘的數學之謎
