Security with Go
By John Daniel Leon
Updated: 2021-06-30 19:07:25
Security with Go is aimed at developers with basics in Go to the level that they can write their own scripts and small programs without difficulty. Readers should be familiar with security concepts, and familiarity with Python security applications and libraries is an advantage, but not a necessity.
Brand: 中圖公司
Listed: 2021-06-30 18:30:03
Publisher: Packt Publishing
The digital rights to this book are provided by 中圖公司, which has authorized 上海閱文信息技術有限公司 to produce and distribute it.
- coverpage
- Title Page
- Packt Upsell
- Why subscribe?
- PacktPub.com
- Contributors
- About the author
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the example code files
- Conventions used
- Get in touch
- Reviews
- Introduction to Security with Go
- About Go
- Go language design
- The History of Go
- Adoption and community
- Common criticisms about Go
- The Go toolchain
- Go mascot
- Learning Go
- Why use Go?
- Why use Go for security?
- Why not use Python?
- Why not use Java?
- Why not use C++?
- Development environment
- Installing Go on other platforms
- Other Linux distributions
- Windows
- Mac
- Setting up Go
- Creating your workspace
- Setting up environment variables
- Editors
- Creating your first package
- Writing your first program
- Running the executable file
- Building the executable file
- Installing the executable file
- Formatting with go fmt
- Running Go examples
- Building a single Go file
- Running a single Go file
- Building multiple Go files
- Building a folder (package)
- Installing a program for use
- Summary
- The Go Programming Language
- Go language specification
- The Go playground
- A tour of Go
- Keywords
- Notes about source code
- Comments
- Types
- Boolean
- Numeric
- Generic numbers
- Specific numbers
- Unsigned integers
- Signed integers
- Floating point numbers
- Other numeric types
- String
- Array
- Slice
- Struct
- Pointer
- Function
- Interface
- Map
- Channel
- Control structures
- if
- for
- range
- switch case fallthrough and default
- goto
- Defer
- Packages
- Classes
- Inheritance
- Polymorphism
- Constructors
- Methods
- Operator overloading
- Goroutines
- Getting help and documentation
- Online Go documentation
- Offline Go documentation
- Summary
- Working with Files
- File basics
- Creating an empty file
- Truncating a file
- Getting the file info
- Renaming a file
- Deleting a file
- Opening and closing files
- Checking whether a file exists
- Checking read and write permissions
- Changing permissions ownership and timestamps
- Hard links and symlinks
- Reading and writing
- Copying a file
- Seeking positions in a file
- Writing bytes to a file
- Quickly writing to a file
- Buffered writer
- Reading up to n bytes from a file
- Reading exactly n bytes
- Reading at least n bytes
- Reading all bytes of a file
- Quickly reading whole files to memory
- Buffered reader
- Reading with a scanner
- Archives
- Archive (ZIP) files
- Extracting (unzip) archived files
- Compression
- Compressing a file
- Uncompressing a File
- Creating temporary files and directories
- Downloading a file over HTTP
- Summary
- Forensics
- Files
- Getting file information
- Finding the largest files
- Finding recently modified files
- Reading the boot sector
- Steganography
- Generating an image with random noise
- Creating a ZIP archive
- Creating a steganographic image archive
- Detecting a ZIP archive in a JPEG image
- Network
- Looking up a hostname from an IP address
- Looking up IP addresses from a hostname
- Looking up MX records
- Looking up nameservers for a hostname
- Summary
- Packet Capturing and Injection
- Prerequisites
- Installing libpcap and Git
- Installing libpcap on Ubuntu
- Installing libpcap on Windows
- Installing libpcap on macOS
- Installing gopacket
- Permission problems
- Getting a list of network devices
- Capturing packets
- Capturing with filters
- Saving to the pcap file
- Reading from a pcap file
- Decoding packet layers
- Creating a custom layer
- Converting bytes to and from packets
- Creating and sending packets
- Decoding packets faster
- Summary
- Cryptography
- Hashing
- Hashing small files
- Hashing large files
- Storing passwords securely
- Encryption
- Cryptographically secure pseudo-random number generator (CSPRNG)
- Symmetric encryption
- AES
- Asymmetric encryption
- Generating a public and private key pair
- Digitally signing a message
- Verifying a signature
- TLS
- Generating a self-signed certificate
- Creating a certificate signing request
- Signing a certificate request
- TLS server
- TLS client
- Other encryption packages
- OpenPGP
- Off The Record (OTR) messaging
- Summary
- Secure Shell (SSH)
- Using the Go SSH client
- Authentication methods
- Authenticating with a password
- Authenticating with private key
- Verifying remote host
- Executing a command over SSH
- Starting an interactive shell
- Summary
- Brute Force
- Brute forcing HTTP basic authentication
- Brute forcing the HTML login form
- Brute forcing SSH
- Brute forcing database login
- Summary
- Web Applications
- HTTP server
- Simple HTTP servers
- HTTP basic auth
- Using HTTPS
- Creating secure cookies
- HTML escaping output
- Middleware with Negroni
- Logging requests
- Adding secure HTTP headers
- Serving static files
- Other best practices
- CSRF tokens
- Preventing user enumeration and abuse
- Registration
- Login
- Resetting the password
- User profiles
- Preventing LFI and RFI abuse
- Contaminated files
- HTTP client
- The basic HTTP request
- Using the client SSL certificate
- Using a proxy
- Using system proxy
- Using a specific HTTP proxy
- Using a SOCKS5 proxy (Tor)
- Summary
- Web Scraping
- Web scraping fundamentals
- Finding strings in HTTP responses with the strings package
- Using regular expressions to find email addresses in a page
- Extracting HTTP headers from an HTTP response
- Setting cookies with an HTTP client
- Finding HTML comments in a web page
- Finding unlisted files on a web server
- Changing the user agent of a request
- Fingerprinting web application technology stacks
- Fingerprinting based on HTTP response headers
- Fingerprinting web applications
- How to prevent fingerprinting of your applications
- Using the goquery package for web scraping
- Listing all hyperlinks in a page
- Finding documents in a web page
- Listing page title and headings
- Crawling pages on the site that store the most common words
- Printing a list of external JavaScript files in a page
- Depth-first crawling
- Breadth-first crawling
- How to protect against web scraping
- Summary
- Host Discovery and Enumeration
- TCP and UDP sockets
- Creating a server
- Creating a client
- Port scanning
- Grabbing a banner from a service
- Creating a TCP proxy
- Finding named hosts on a network
- Fuzzing a network service
- Summary
- Social Engineering
- Gathering intel via JSON REST API
- Sending phishing emails with SMTP
- Generating QR codes
- Base64 encoding data
- Honeypots
- TCP honeypot
- The TCP testing tool
- HTTP POST form login honeypot
- HTTP form field honeypots
- Sandboxing
- Summary
- Post Exploitation
- Cross compiling
- Creating bind shells
- Creating reverse bind shells
- Creating web shells
- Finding writable files
- Changing file timestamp
- Changing file permissions
- Changing file ownership
- Summary
- Conclusions
- Recapping the topics you have learned
- More thoughts on the usage of Go
- What I hope you take away from the book
- Be aware of legal ethical and technical boundaries
- Where to go from here
- Getting help and learning more
- Another Book You May Enjoy
- Leave a review – let other readers know what you think