Thursday, 26 January 2012

CISSP: Certified Information Systems Security Professional Study Guide, 5th Edition - 2011


Description:
Date:2011-01-25 |Language:English|Format:PDF|Size:5.81 MB
Totally updated for 2011, here's the ultimate study guide for the CISSP exam Considered the most desired certification for IT security professionals, the Certified Information Systems Security Professional designation is also a career-booster. This comprehensive study guide covers every aspect of the 2011 exam and the latest revision of the CISSP body of knowledge. It offers advice on how to pass each section of the exam and features expanded coverage of biometrics, auditing and accountability, software security testing, and other key topics. Included is a CD with two full-length, 250-question sample exams to test your progress. CISSP certification identifies the ultimate IT security professional; this complete study guide is fully updated to cover all the objectives of the 2011 CISSP exam Provides in-depth knowledge of access control, application development security, business continuity and disaster recovery planning, cryptography, Information Security governance and risk management, operations security, physical (environmental) security, security architecture and design, and telecommunications and network security Also covers legal and regulatory investigation and compliance Includes two practice exams and challenging review questions on the CD Professionals seeking the CISSP certification will boost their chances of success with CISSP: Certified Information Systems Security Professional Study Guide, 5th Edition.

Wednesday, 18 January 2012

XSS – Cross Site Scripting Attack & Prevention (Basics)


Cross-site scripting is a security vulnerability associated with web applications, where an attacker injects client-side scripting (malicious) code  into server pages which is then served to another users of the web application.  XSS attack is typically focused on

  • cookie hijacking/poisoning.
  • user session hijacking.
  • user identity theft.
  • gaining free access to paid contents.
  • redirecting users to another websites.
  • false advertisements or defamation.

VMware Workstation v7.0.185517 x86:x64 - MediaFire Download


VMware.Workstation.v7.0.185517.T.P.x86.x64

VMware Workstation v7.0.185517
VMware Workstation 8 is your on-ramp to the cloud. With over 50+ new features, it's going to dramatically change the way you work with virtual machines. Save time, enhance collaboration, and do more than you ever thought possible with a PC.

Access Anytime, Anywhere
VMware Workstation provides a seamless way to access all of the virtual machines you need, regardless of where they are running. Connect to Server enables remote connections to virtual machines running on VMware Workstation, VMware vSphere, and VMware vCenter. Now you can work with local and server hosted virtual machines side by side within the same interface. You are no longer constrained by the power of your PC to run multiple virtual machines at the same time.

Sunday, 15 January 2012

CISA - Certified Information Systems Auditor Study Guide (Sybex)


Book Description

Publication Date: May 8, 2006 | ISBN-10: 0782144381 | ISBN-13: 978-0782144383

Demand for qualified and certified information systems (IS) auditors has increased dramatically since the adoption of the Sarbanes-Oxley Act in 2002. Now you can prepare for CISA certification, the one certification designed specifically for IS auditors, and improve your job skills with this valuable book. Not only will you get the valuable preparation you need for the CISA exam, you?ll also find practical information to prepare you for the real world. This invaluable guide contains:

Tuesday, 10 January 2012

Burp Suite- A Web Application Scanner(P.T.)



There are so many tools available for web application testing, and every tools has its own importance either it is commercial tool or it is open source tool. The main agenda of the scanning is to find out the possible vulnerabilities and fix them before a hacker find it and exploit it.

Every pen-tester has their own list of toolkit, and i am sure burp suite is the most common one, burp suite is a most favourite tool for web application testing.


It is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Sunday, 8 January 2012

Hide Multiple Tabs on Browser in just One Click | Panic Button Extension for Chrome

Panic Button Chrome Extension


Panic Button Chrome Extension – Review, Features.

Very often users tend to visit websites which are banned at workplace or in college. After visiting such sites, users might get worried that they may get caught. But do not worry. Panic Button is one of the great Chrome extensions which allow users to hide all the tabs with a single click. With another click all the hidden tabs can be restored in the same manner as they were open. After clicking on the icon of the extension, it shows users as to how many tabs are hidden.

Paros Proxy-Web Application Security Assessment



Paros proxy is a web application security assessment tool used to measure the security of a web application. It allows you to see what data exactly do you submit with your HTML form with Post method?

Just like other web application security tools paros can be used to find out the SQL-injection and XSS (Cross site scripting) vulnerability on a web application.

Paros is a Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.