How we did it:
For any feedback, any questions, any notes or just for chat - feel free to follow us on social networks
Steven Sanderson has seen the ASP.NET MVC framework mature from the start, so his experience, combined with comprehensive coverage of all its features, including those in the official MVC development toolkit, offers the clearest understanding of how this exciting framework could improve your coding efficiency—and you'll gain invaluable awareness of security, deployment, and interoperability challenges. The ASP.NET MVC Framework is the evolution of Microsoft's ASP.NET web platform. It introduced a radical high–productivity programming model that promotes cleaner code architecture, test–driven development, and powerful extensibility, combined with all the benefits of ASP.NET 3.5. An integral benefit of this book is that the core Model–View–Controller architectural concepts are not simply explained or discussed in isolation, but demonstrated in action. You'll work through an extended tutorial to create a working e–commerce web application that combines ASP.NET MVC with the latest C# 3.0 language features and unit–testing best practices. By gaining this invaluable, practical experience, you can discover MVCs strengths and weaknesses for yourself—and put your best learned theory into practice.
Mark E. Russinovich, David A. Solomon, Alex Ionescu
See how the core components of the Windows operating system work behind the scenes--guided by a team of internationally renowned internals experts. Fully updated for Windows Server(R) 2008 and Windows Vista(R), this classic guide delivers key architectural insights on system design, debugging, performance, and support--along with hands-on experiments to experience Windows internal behavior firsthand. Delve inside Windows architecture and internals: Understand how the core system and management mechanisms work--from the object manager to services to the registry Explore internal system data structures using tools like the kernel debugger Grasp the scheduler's priority and CPU placement algorithms Go inside the Windows security model to see how it authorizes access to data Understand how Windows manages physical and virtual memory Tour the Windows networking stack from top to bottom--including APIs, protocol drivers, and network adapter drivers Troubleshoot file-system access problems and system boot problems Learn how to analyze crashes
“For software developers of all experience levels looking to improve their results, and design and implement domain-driven enterprise applications consistently with the best current state of professional practice, Implementing Domain-Driven Design will impart a treasure trove of knowledge hard won within the DDD and enterprise application architecture communities over the last couple decades.” –Randy Stafford, Architect At-Large, Oracle Coherence Product Development “This book is a must-read for anybody looking to put DDD into practice.” –Udi Dahan, Founder of NServiceBus Implementing Domain-Driven Design presents a top-down approach to understanding domain-driven design (DDD) in a way that fluently connects strategic patterns to fundamental tactical programming tools. Vaughn Vernon couples guided approaches to implementation with modern architectures, highlighting the importance and value of focusing on the business domain while balancing technical considerations. Building on Eric Evans' seminal book, Domain-Driven Design, the author presents practical DDD techniques through examples from familiar domains. Each principle is backed up by realistic Java examples–all applicable to C# developers–and all content is tied together by a single case study: the delivery of a large-scale Scrum-based SaaS system for a multitenant environment. The author takes you far beyond “DDD-lite” approaches that embrace DDD solely as a technical toolset, and shows you how to fully leverage DDD's “strategic design patterns” using Bounded Context, Context Maps, and the Ubiquitous Language. Using these techniques and examples, you can reduce time to market and improve quality, as you build software that is more flexible, more scalable, and more tightly aligned to business goals. Coverage includes Getting started the right way with DDD, so you can rapidly gain value from it Using DDD within diverse architectures, including Hexagonal, SOA, REST, CQRS, Event-Driven, and Fabric/Grid-Based Appropriately designing and applying Entities–and learning when to use Value Objects instead Mastering DDD's powerful new Domain Events technique Designing Repositories for ORM, NoSQL, and other databases
Eldad Eilam, Elliot J. Chikofsky
Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various applications of reverse engineering, this book provides readers with practical, in-depth techniques for software reverse engineering. The book is broken into two parts, the first deals with security-related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third-party software library to improve interfacing and how to reverse engineer a competitor's software to build a better product. * The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products * Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy-protection schemes and identify software targets for viruses and other malware * Offers a primer on advanced reverse-engineering, delving into "disassembly"-code-level reverse engineering-and explaining how to decipher assembly language
Andrew S. Tanenbaum
The widely anticipated revision of this worldwide best-seller incorporates the latest developments in operating systems technologies. The Third Edition includes up-to-date materials on relevant operating systems such as Linux, Windows, and embedded real-time and multimedia systems. Includes new and updated coverage of multimedia operating systems, multiprocessors, virtual machines, and antivirus software. Covers internal workings of Windows Vista (Ch. 11); unique even for current publications. Provides information on current research based Tanenbaum's experiences as an operating systems researcher. A useful reference for programmers.
Do you want to create .NET applications that provide high performance and scalability? Do you want to employ object–oriented programming techniques in a distributed environment? Do you want to maximize the reuse and maintainability of your code? Then this book is for you. In Rockford Lhotka's Expert C# 2008 Business Objects, you'll learn how to use advanced .NET Framework capabilities alongside object-oriented design and programming to create scalable, maintainable object–oriented applications. Better still, this book includes Component-based Scalable Logical Architecture (CSLA) .NET 3.6, a widely-used framework on which you can base your application development. By using the concepts and framework in the book, you can focus more on your business issues and less on technology. Using VS 2008 and C# 3.0, Rockford Lhotka shows you how CSLA .NET 3.6 allows great flexibility in object persistence, so business objects can use virtually any data sources available. The CSLA framework supports 1–, 2– and n–tier models through the concept of mobile objects. This provides the flexibility to optimize performance, scalability, security, and fault tolerance with no changes to code in the UI or business objects. Business objects based on CSLA.NET 3.6 automatically gain many advanced features that simplify the creation of Windows forms, web forms, WPF, WCF, WF, and web services interfaces, and LINQ.
Michael James Hernandez
“This book takes the somewhat daunting process of database design and breaks it into completely manageable and understandable components. Mike’s approach whilst simple is completely professional, and I can recommend this book to any novice database designer.” –Sandra Barker, Lecturer, University of South Australia, Australia “Databases are a critical infrastructure technology for information systems and today’s business. Mike Hernandez has written a literate explanation of database technology–a topic that is intricate and often obscure. If you design databases yourself, this book will educate you about pitfalls and show you what to do. If you purchase products that use a database, the book explains the technology so that you can understand what the vendor is doing and assess their products better.” –Michael Blaha, consultant and trainer, author of A Manager’s Guide to Database Technology “If you told me that Mike Hernandez could improve on the first edition of Database Design for Mere Mortals I wouldn’t have believed you, but he did! The second edition is packed with more real-world examples, detailed explanations, and even includes database-design tools on the CD-ROM! This is a must-read for anyone who is even remotely interested in relational database design, from the individual who is called upon occasionally to create a useful tool at work, to the seasoned professional who wants to brush up on the fundamentals. Simply put, if you want to do it right, read this book!” –Matt Greer, Process Control Development, The Dow Chemical Company “Mike’s approach to database design is totally common-sense based, yet he’s adhered to all the rules of good relational database design. I use Mike’s books in my starter database-design class, and I recommend his books to anyone who’s interested in learning how to design databases or how to write SQL queries.” –Michelle Poolet, President, MVDS, Inc. “Slapping together sophisticated applications with poorly designed data will hurt you just as much now as when Mike wrote his first edition, perhaps even more. Whether you’re just getting started developing with data or are a seasoned pro; whether you've read Mike’s previous book or this is your first; whether you're happier letting someone else design your data or you love doing it yourself–this is the book for you. Mike’s ability to explain these concepts in a way that’s not only clear, but fun, continues to amaze me.” –From the Foreword by Ken Getz, MCW Technologies, coauthor ASP.NET Developer's JumpStart “The first edition of Mike Hernandez’s book Database Design for Mere Mortals was one of the few books that survived the cut when I moved my office to smaller quarters. The second edition expands and improves on the original in so many ways. It is not only a good, clear read, but contains a remarkable quantity of clear, concise thinking on a very complex subject. It’s a must for anyone interested in the subject of database design.” –Malcolm C. Rubel, Performance Dynamics Associates “Mike’s excellent guide to relational database design deserves a second edition. His book is an essential tool for fledgling Microsoft Access and other desktop database developers, as well as for client/server pros. I recommend it highly to all my readers.” –Roger Jennings, author of Special Edition Using Access 2002 “There are no silver bullets! Database technology has advanced dramatically, the newest crop of database servers perform operations faster than anyone could have imagined six years ago, but none of these technological advances will help fix a bad database design, or capture data that you forgot to include! Database Design for Mere Mortals™, Second Edition, helps you design your database right in the first place!” –Matt Nunn, Product Manager, SQL Server, Microsoft Corporation “When my brother started his professional career as a developer, I gave him Mike’s book to help him understand database concepts and make real-world application of database technology. When I need a refresher on the finer points of database design, this is the book I pick up. I do not think that there is a better testimony to the value of a book than that it gets used. For this reason I have wholeheartedly recommended to my peers and students that they utilize this book in their day-to-day development tasks.” –Chris Kunicki, Senior Consultant, OfficeZealot.com “Mike has always had an incredible knack for taking the most complex topics, breaking them down, and explaining them so that anyone can ‘get it.’ He has honed and polished his first very, very good edition and made it even better. If you're just starting out building database applications, this book is a must-read cover to cover. Expert designers will find Mike’s approach fresh and enlightening and a source of great material for training others.” –John Viescas, President, Viescas Consulting, Inc., author of Running Microsoft Access 2000 and coauthor of SQL Queries for Mere Mortals “Whether you need to learn about relational database design in general, design a relational database, understand relational database terminology, or learn best practices for implementing a relational database, Database Design for Mere Mortals™, Second Edition, is an indispensable book that you’ll refer to often. With his many years of real-world experience designing relational databases, Michael shows you how to analyze and improve existing databases, implement keys, define table relationships and business rules, and create data views, resulting in data integrity, uniform access to data, and reduced data-entry errors.” –Paul Cornell, Site Editor, MSDN Office Developer Center Sound database design can save hours of development time and ensure functionality and reliability. Database Design for Mere Mortals™, Second Edition, is a straightforward, platform-independent tutorial on the basic principles of relational database design. It provides a commonsense design methodology for developing databases that work. Database design expert Michael J. Hernandez has expanded his best-selling first edition, maintaining its hands-on approach and accessibility while updating its coverage and including even more examples and illustrations. This edition features a CD-ROM that includes diagrams of sample databases, as well as design guidelines, documentation forms, and examples of the database design process. This book will give you the knowledge and tools you need to create efficient and effective relational databases.
Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte
This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application New material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and Vista Also features the first-ever published information on exploiting Cisco's IOS, with content that has never before been explored The companion Web site features downloadable code files
Dafydd Stuttard, Marcus Pinto
This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.
"Two thumbs up" —Gregory V. Wilson, Dr. Dobbs Journal (October 2004) No one can disparage the ability to write good code. At its highest levels, it is an art. But no one can confuse writing good code with developing good software. The difference—in terms of challenges, skills, and compensation—is immense. Coder to Developer helps you excel at the many non-coding tasks entailed, from start to finish, in just about any successful development project. What's more, it equips you with the mindset and self-assurance required to pull it all together, so that you see every piece of your work as part of a coherent process. Inside, you'll find plenty of technical guidance on such topics as: Choosing and using a source code control system Code generation tools--when and why Preventing bugs with unit testing Tracking, fixing, and learning from bugs Application activity logging Streamlining and systematizing the build process Traditional installations and alternative approaches To pull all of this together, the author has provided the source code for Download Tracker, a tool for organizing your collection of downloaded code, that's used for examples throughout this book. The code is provided in various states of completion, reflecting every stage of development, so that you can dig deep into the actual process of building software. But you'll also develop "softer" skills, in areas such as team management, open source collaboration, user and developer documentation, and intellectual property protection. If you want to become someone who can deliver not just good code but also a good product, this book is the place to start. If you must build successful software projects, it's essential reading.
"PHP Web Application Security" helps readers build secure Web applications, using Apache and MySQL along with PHP 5. The book details the attacks that hackers use against Web sites, and shows how to correctly configure Apache and PHP to guard against them.
""This is the best book on SSL/TLS. Rescorla knows SSL/TLS as well as anyone and presents it both clearly and completely.... At times, I felt like he's been looking over my shoulder when I designed SSL v3. If network security matters to you, buy this book."" Paul Kocher, Cryptography Research, Inc. Co-Designer of SSL v3 " "Having the right crypto is necessary but not sufficient to having secure communications. If you're using SSL/TLS, you should have "SSL and TLS"sitting on your shelf right next to "Applied Cryptography." Bruce Schneier, Counterpane Internet Security, Inc. Author of "Applied Cryptography"" "Everything you wanted to know about SSL/TLS in one place. It covers the protocols down to the level of packet traces. It covers how to write software that uses SSL/TLS. And it contrasts SSL with other approaches. All this while being technically sound and readable!"" Radia Perlman, Sun Microsystems, Inc. Author of "Interconnections" Secure Sockets Layer (SSL) and its IETF successor, Transport Layer Security (TLS), are the leading Internet security protocols, providing security for e-commerce, web services, and many other network functions. Using SSL/TLS effectively requires a firm grasp of its role in network communications, its security properties, and its performance characteristics. "SSL and TLS" provides total coverage of the protocols from the bits on the wire up to application programming. This comprehensive book not only describes how SSL/TLS is supposed to behave but also uses the author's free ssldump diagnostic tool to show the protocols in action. The author covers each protocol feature, first explaining how it works and then illustrating it in a live implementation. This unique presentation bridges the difficult gap between specification and implementation that is a common source of confusion and incompatibility. In addition to describing the protocols, "SSL and TLS" delivers the essential details required by security architects, application designers, and software engineers. Use the practical design rules in this book to quickly design fast and secure systems using SSL/TLS. These design rules are illustrated with chapters covering the new IETF standards for HTTP and SMTP over TLS. Written by an experienced SSL implementor, "SSL and TLS" contains detailed information on programming SSL applications. The author discusses the common problems faced by implementors and provides complete sample programs illustrating the solutions in both C and Java. The sample programs use the free OpenSSL and PureTLS toolkits so the reader can immediately run the examples. 0201615983B04062001
Programmers: protect and defend your Web apps against attack! You may know ASP.NET, but if you don't understand how to secure your applications, you need this book. This vital guide explores the often-overlooked topic of teaching programmers how to design ASP.NET Web applications so as to prevent online thefts and security breaches. You'll start with a thorough look at ASP.NET 3.5 basics and see happens when you don't implement security, including some amazing examples. The book then delves into the development of a Web application, walking you through the vulnerable points at every phase. Learn to factor security in from the ground up, discover a wealth of tips and industry best practices, and explore code libraries and more resources provided by Microsoft and others. Shows you step by step how to implement the very latest security techniques Reveals the secrets of secret-keeping—encryption, hashing, and not leaking information to begin with Delves into authentication, authorizing, and securing sessions Explains how to secure Web servers and Web services, including WCF and ASMX Walks you through threat modeling, so you can anticipate problems Offers best practices, techniques, and industry trends you can put to use right away Defend and secure your ASP.NET 3.5 framework Web sites with this must-have guide.
Michael Howard, David LeBlanc, John Viega
This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications
Mickey Gousset, Brian Keller, Ajoy Krishnamoorthy, Martin Woodward
Get up to speed on Application Lifecycle Management (ALM) with Visual Studio 2010 through a combination of hands-on instruction and deep-dives. Microsoft has packed a lot of brand new testing and modeling tools into Visual Studio 2010, tools that previously were available only to Microsoft internal development teams. Developers will appreciate the focus on practical implementation techniques and best practices. A team of Microsoft insiders provides a nuts-and-bolts approach. This Wrox guide is designed as both a step-by-step guide and a reference for modeling, designing, and coordinating software development solutions at every level using Visual Studio 2010 and Visual Studio Team Foundation Server 2010. Visual Studio 2010 offers a complete lifecycle management system that covers modeling, testing, code analysis, collaboration, build and deployment tools.