Cryptography - RSA Encryption Algorithm in a NutShell
http://rapidshare.de/files/14464822/...Shell.rar.html

Type: .pdf
Pages: 35

The Art Of Sql
Book review:
For all the buzz about trendy IT techniques, data processing is still at the core of our systems, especially now that enterprises all over the world are confronted with exploding volumes of data. Database performance has become a major headache, and most IT departments believe that developers should provide simple SQL code to solve immediate problems and let DBAs tune any "bad SQL" later.

In The Art of SQL, author and SQL expert Stephane Faroult argues that this "safe approach" only leads to disaster. His insightful book, named after Art of War by Sun Tzu, contends that writing quick inefficient code is sweeping the dirt under the rug. SQL code may run for 5 to 10 years, surviving several major releases of the database management system and on several generations of hardware. The code must be fast and sound from the start, and that requires a firm understanding of SQL and relational theory.

The Art of SQL offers best practices that teach experienced SQL users to focus on strategy rather than specifics. Faroult's approach takes a page from Sun Tzu's classic treatise by viewing database design as a military campaign. You need knowledge, skills, and talent. Talent can't be taught, but every strategist from Sun Tzu to modern-day generals believed that it can be nurtured through the experience of others. They passed on their experience acquired in the field through basic principles that served as guiding stars amid the sound and fury of battle. This is what Faroult does with SQL.

Like a successful battle plan, good architectural choices are based on contingencies. What if the volume of this or that table increases unexpectedly? What if, following a merger, the number of users doubles? What if you want to keep several years of data online? Faroult's way of looking at SQL performance may be unconventional and unique, but he's deadly serious about writing good SQL and using SQL well. The Art of SQL is not a cookbook, listing problems and giving recipes. The aim is to get you-and your manager-to raise good questions.

Download link: http://rapidshare.de/files/16830744/The.Art.of.SQL.rar (1.7mb)
Password: www.AvaxHome.ru

------
Ten hacker tricks to exploit SQL Server systems

SQL Server runs databases for financial, bank, biotech, Ecommerce, data warehousing, scientific applications, etc. which often require huge data processing with complex formulas or algorithms.
Most of this work is done with TSQL stored procedures and .NET procedures (in SQL Server 2005), however neither one of them can achieve the performance and flexibility of external procedures which are natively compiled code.
http://searchsqlserver.techtarget.co...fer=SQLwnha217

http://www.cgisecurity.com/articles/xss-faq.shtml - XSS FAQ

_http://www.l0t3k.net/biblio/
Big collection of security docs (about a 400 MB)

I guess you all know Cross-Site Scripting attacks are becoming more and more dangerous every day. In the Web 2.0 era, stealing a user cookie\session or hijacking a user browser is almost equal to compromising his box by exploiting a remote code execution vulnerability.

Computer experts say that in the not so far future, operating systems will be no more then just a web browser, all the applications a user need will be online (take Office Online for example).
Therefor the phrase “XSS is the New Buffer Overflow, JavaScript Malware is the New Shell Code” is true, no wonder XSS made it the number one attack vector of 2006.

So it’s about time someone will publish an XSS book

XSS Attacks - Cross Site Scripting Attacks Exploits and Defense written by Jeremiah Grossman, Robert Hansen (RSnake), Petko D. Petkov (pdp), Anton Rager and Seth Fogie, is the first book ever made that is dedicated entirely to Cross-Site Scripting.

From what we can see in the preview (Chapter 5 and the Table of Contents), this book is packed with a lot of attack techniques, covers the simplest attack to the most advanced, universal cross-site scripting attacks, XSS exploitation frameworks and a lot more

For further information check out the book announcements in Jeremiah’s and RSnake’s blogs.



Good luck

(IN)SECURE Magazine11


Issue 11 of (IN)SECURE Magazine released.
In this issue:

• Review: GFI LANguard Network Security Scanner 8
• Critical steps to secure your virtualized environment
• Interview with Howard Schmidt, President and CEO R & H Security Consulting
• Quantitative look at penetration testing
• Integrating ISO 17799 into your Software Development Lifecycle
• Public Key Infrastructure (PKI): dead or alive?
• Interview with Christen Krogh, Opera Software’s Vice President of Engineering
• Super ninja privacy techniques for web application developers
• Security economics
• iptables - an introduction to a robust firewall
• Black Hat Briefings & Training Europe 2007
• Enforcing the network security policy with digital certificates

Very interesting stuff! Download (IN)SECURE issue 11.

Addison-Wesley Professional.Honeypots- Tracking Hackers.pdf
Wiley.The Database Hacker's Handbook- Defending Database Servers.chm
John Wiley & Sons.Hacking GMail (ExtremeTech).pdf
Hacking.Guide.V3.1.pdf
A-List Publishing.Hacker Linux Uncovered.chm
Hacker'S.Delight.chm
Hacker.Bibel.[278.kB_www.netz.ru].pdf
HackerHighSchool.pdf
Hacker's Desk Reference.pdf
Hackers Beware Defending Your Network From The Wiley Hacker.pdf
Addison Wesley - Hackers Delight 2002.pdf
addison wesley - web hacking - attacks and defense.chm
Addison Wesley, The Outlook Answer Book Useful Tips Tricks And Hacks (2005) Bbl Lotb.chm
Anti-Hacker ToolKit - McGraw Hill 2E 2004.chm
Auerbach.Pub.The.Hackers.Handbook.The.Strategy.Beh ind.Breaking.into.and.Defending.Networks.Nov.2003. eBook-DDU.pdf
ceh-official-certified-ethical-hacker-review-guide-exam-312-50.9780782144376.27422.pdf
ebook.oreilly.-.windows.xp.hacks.sharereactor.chm
For.Dummies.Hacking.for.Dummies.Apr.2004.eBook-DDU.pdf
For.Dummies.Hacking.Wireless.Networks.For.Dummies. Sep.2005.eBook-DDU.pdf
Hack_Attacks_Revealed_A_Complete_Reference_With_Cu stom_Security_Hacking_Toolkit.chm
hacker-disassembling-uncovered.9781931769228.20035.chm
Hacking Cisco Routers.pdf
Hacking the Code - ASP.NET Web Application Security Cookbook (2004) .chm
John.Wiley.and.Sons.Hacking.Windows.XP.Jul.2004.eB ook.pdf
John.Wiley.and.Sons.The.Art.of.Intrusion.The.Real. Stories.Behind.the.Exploits.of.Hackers.Intruders.a nd.Deceivers.Feb.2005.ISBN0764569597.pdf
Jon.Erickson.Hacking.The.Art.Of.Exploitation.No.St arch.Press.2003.chm
Linux-Server.Hacks-OReilly.pdf
McGraw Hill - Web Applications (Hacking Exposed).pdf
McGraw.Hill.HackNotes.Linux.and.Unix.Security.Port able.Reference.eBook-DDU.pdf
McGraw.Hill.HackNotes.Network.Security.Portable.Re ference.eBook-DDU.pdf
McGraw.Hill.HackNotes.Web.Security.Portable.Refere nce.eBook-DDU.pdf
McGraw.Hill.HackNotes.Windows.Security.Portable.Re ference.eBook-DDU.pdf
OReilly - Flickr Hacks Tips and Tools for Sharing Photos Online (Feb 2006).chm
Oreilly Access Hacks Apr 2005.chm
OReilly,.Digital.Video.Hacks.(2005).DDU.LotB.chm
oreilly,.visual.studio.hacks.(2005).ddu.lotb.chm
Oreilly.Amazon.Hacks.eBook.LiB.chm
oreilly.firefox.hacks.ebook-lib.chm
OReilly.Google.Hacks.2nd.Edition.Dec.2004.ISBN0596 008570.chm
OReilly.Google.Maps.Hacks.Jan.2006.chm
Oreilly.Linux.Desktop.Hacks.Mar.2005.eBook-LiB.chm
OReilly.Linux.Server.Hacks.Volume.Two.Dec.2005.chm
OReilly.Network.Security.Hacks.chm
OReilly.PayPal.Hacks.Sep.2004.eBook-DDU.chm
OReilly.PC.Hacks.Oct.2004.eBook-DDU.chm
OReilly.Perl.Hacks.Tips.and.Tools.for.Programming. Debugging.and.Surviving.May.2006.chm
OReilly.Skype.Hacks.Tips.and.Tools.for.Cheap.Fun.I nnovative.Phone.Service.Dec.2005.chm
OReilly.Statistics.Hacks.May.2006.chm
OReilly.Ubuntu.Hacks.Tips.and.Tools.for.Exploring. Using.and.Tuning.Linux.Jun.2006.chm
OReilly.VoIP.Hacks.Tips.and.Tools.for.Internet.Tel ephony.Dec.2005.chm
oreilly.windows.xp.hacks.2nd.edition.feb.2005.lib. chm
OReilly.Word.Hacks.Oct.2004.eBook-DDU.chm
prentice hall - pipkin - halting the hacker- a practical guide to computer security, 2nd edition.chm
Que - UNIX Hints Hacks.chm
Que.Certified.Ethical.Hacker.Exam.Prep.Apr.2006.ch m
Syngress - Hack Proofing Linux (2001).pdf
Syngress - Hack Proofing Your Identity in the Information Age - 2002.pdf
Syngress -- Hack Proofing Your Wireless Network.pdf
Syngress.Hacking.a.Terror.Network.Nov.2004.ISBN192 8994989.pdf
the-database-hackers-handbook-defending-database-servers.9780764578014.25524.chm
Websters.New.World.Websters.New.World.Hacker.Dicti onary.Sep.2006.pdf
Wiley.Hacking.Firefox.More.Than.150.Hacks.Mods.and .Customizations.Jul.2005.eBook-DDU.pdf
Wiley.Hacking.Google.Maps.and.Google.Earth.Jul.200 6.pdf
Wiley.Hacking.GPS.Mar.2005.ISBN0764598805.pdf
Wiley.Lifehacker.Dec.2006.pdf

Behind the Scenes of Malicious Web Servers


OR: