Essential Cryptography for JavaScript Developers


Book Description

Discover how to take advantage of common cryptographic operations to build safer apps that respect users' privacy with the help of examples in JavaScript for Node.js and browsers Key FeaturesUnderstand how to implement common cryptographic operations in your code with practical examplesLearn about picking modern safe algorithms, which libraries you should rely on, and how to use them correctlyBuild modern and secure applications that respect your users' privacy with cryptographyBook Description If you're a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework. With a purely hands-on approach that is focused on sharing actionable knowledge, you'll learn about the common categories of cryptographic operations that you can leverage in all apps you're developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You'll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you'll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers. By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities. What you will learnWrite JavaScript code that uses cryptography running within a Node.js environment for the server-side or in frontend applications for web browsersUse modern, safe hashing functions for calculating digests and key derivation, including SHA-2 and Argon2Practice encrypting messages and files with a symmetric key using AES and ChaCha20-Poly1305Use asymmetric and hybrid encryption, leveraging RSA and Elliptic Curve Cryptography with ECDH and ECIESCalculate and verify digital signatures using RSA and ECDSA/EdDSAManage passwords and encryption keys safelyWho this book is for This cryptography book is an introductory guide for software developers who don't necessarily have a background in cryptography but are interested in learning how to integrate it in their solutions, correctly and safely. You'll need to have at least intermediate-level knowledge of building apps with JavaScript and familiarity with Node.js to make the most of this book.




Essential Cryptography for JavaScript Developers


Book Description

Discover how to take advantage of common cryptographic operations to build safer apps that respect users' privacy with the help of examples in JavaScript for Node.js and browsers Key Features: Understand how to implement common cryptographic operations in your code with practical examples Learn about picking modern safe algorithms, which libraries you should rely on, and how to use them correctly Build modern and secure applications that respect your users' privacy with cryptography Book Description: If you're a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework. With a purely hands-on approach that is focused on sharing actionable knowledge, you'll learn about the common categories of cryptographic operations that you can leverage in all apps you're developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You'll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you'll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers. By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities. What You Will Learn: Write JavaScript code that uses cryptography running within a Node.js environment for the server-side or in frontend applications for web browsers Use modern, safe hashing functions for calculating digests and key derivation, including SHA-2 and Argon2 Practice encrypting messages and files with a symmetric key using AES and ChaCha20-Poly1305 Use asymmetric and hybrid encryption, leveraging RSA and Elliptic Curve Cryptography with ECDH and ECIES Calculate and verify digital signatures using RSA and ECDSA/EdDSA Manage passwords and encryption keys safely Who this book is for: This cryptography book is an introductory guide for software developers who don't necessarily have a background in cryptography but are interested in learning how to integrate it in their solutions, correctly and safely. You'll need to have at least intermediate-level knowledge of building apps with JavaScript and familiarity with Node.js to make the most of this book.




Professional JavaScript for Web Developers


Book Description

Update your skill set for ES 6 and 7 with the ultimate JavaScript guide for pros Professional JavaScript for Web Developers is the essential guide to next-level JavaScript development. Written for intermediate-to-advanced programmers, this book jumps right into the technical details to help you clean up your code and become a more sophisticated JavaScript developer. From JavaScript-specific object-oriented programming and inheritance, to combining JavaScript with HTML and other markup languages, expert instruction walks you through the fundamentals and beyond. This new fourth edition has been updated to cover ECMAScript 6 and 7 (also known as ES2015 and ES2016) and the major re-imagination and departure from ES 5.1; new frameworks and libraries, new techniques, new testing tools, and more are explained in detail for the professional developer, with a practical focus that helps you put your new skills to work on real-world projects. The latest—and most dramatic—ES release is already being incorporated into JavaScript engines in major browsers; this, coupled with the rise in mobile web traffic increasing demand for responsive, dynamic web design, means that all web developers need to update their skills—and this book is your ideal resource for quick, relevant guidance. Get up to date with ECMAScript 6 and 7, new frameworks, and new libraries Delve into web animation, emerging APIs, and build systems Test more effectively with mocks, unit tests, functional tests, and other tools Plan your builds for future ES releases Even if you think you know JavaScript, new ES releases bring big changes that will affect the way you work. For a professional-level update that doesn't waste time on coding fundamentals, Professional JavaScript for Web Developers is the ultimate resource to bring you up to speed.




Pentesting APIs


Book Description

Learn the essential steps to successfully identify and leverage API endpoints with a sequenced and structured approach Key Features Gain detailed insights into vulnerabilities and attack vectors for RESTful and GraphQL APIs Follow practical advice and best practices for securing APIs against potential threats Explore essential security topics, potential vulnerabilities, common attack vectors, and the overall API security landscape Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionUnderstanding API security is crucial as APIs form the backbone of modern interconnected applications, making them prime targets for cyberattacks. Drawing on nearly 30 years of cybersecurity experience and an extensive background in network security and forensic analysis, this book provides the knowledge and tools to strengthen your API security practices and protect against cyber threats comprehensively. This book begins by establishing a foundational understanding of APIs, particularly focusing on REST and GraphQL, emphasizing their critical role and potential security vulnerabilities. It guides you through setting up a penetration testing environment to ensure the practical application of concepts. You’ll learn reconnaissance techniques, information-gathering strategies, and the discovery of API vulnerabilities. Authentication and authorization testing are thoroughly explored, covering mechanisms, weaknesses, and methods to bypass security controls. By comprehensively addressing these aspects, the book equips you to understand, identify, and mitigate risks, strengthening API security and effectively minimizing potential attack surfaces. By the end of this book, you’ll have developed practical skills to identify, exploit, and secure APIs against various vulnerabilities and attacks.What you will learn Get an introduction to APIs and their relationship with security Set up an effective pentesting lab for API intrusion Conduct API reconnaissance and information gathering in the discovery phase Execute basic attacks such as injection, exception handling, and DoS Perform advanced attacks, including data exposure and business logic abuse Benefit from expert security recommendations to protect APIs against attacks Who this book is for This book is for security engineers, particularly those focused on application security, as well as security analysts, application owners, web developers, pentesters, and all curious enthusiasts who want to learn about APIs, effective testing methods for their robustness, and how to protect them against cyber attacks. Basic knowledge of web development, familiarity with API concepts, and a foundational understanding of cybersecurity principles will help you get started with this book.




Practical Cryptography in Python


Book Description

Develop a greater intuition for the proper use of cryptography. This book teaches the basics of writing cryptographic algorithms in Python, demystifies cryptographic internals, and demonstrates common ways cryptography is used incorrectly. Cryptography is the lifeblood of the digital world’s security infrastructure. From governments around the world to the average consumer, most communications are protected in some form or another by cryptography. These days, even Google searches are encrypted. Despite its ubiquity, cryptography is easy to misconfigure, misuse, and misunderstand. Developers building cryptographic operations into their applications are not typically experts in the subject, and may not fully grasp the implication of different algorithms, modes, and other parameters. The concepts in this book are largely taught by example, including incorrect uses of cryptography and how "bad" cryptography can be broken. By digging into the guts of cryptography, you can experience what works, what doesn't, and why. What You’ll Learn Understand where cryptography is used, why, and how it gets misused Know what secure hashing is used for and its basic propertiesGet up to speed on algorithms and modes for block ciphers such as AES, and see how bad configurations breakUse message integrity and/or digital signatures to protect messagesUtilize modern symmetric ciphers such as AES-GCM and CHACHAPractice the basics of public key cryptography, including ECDSA signaturesDiscover how RSA encryption can be broken if insecure padding is usedEmploy TLS connections for secure communicationsFind out how certificates work and modern improvements such as certificate pinning and certificate transparency (CT) logs Who This Book Is For IT administrators and software developers familiar with Python. Although readers may have some knowledge of cryptography, the book assumes that the reader is starting from scratch.




Essential Node.js Security


Book Description

Hands-on and abundant with source code for a practical guide to Securing Node.js web applications. This book is intended to be a hands-on thorough guide for securing web applications based on Node.js and the ExpressJS web application framework. Many of the concepts, tools and practices in this book are primarily based on open source libraries and the author leverages these projects and highlights them. The main objective of the book is to equip the reader with practical solutions to real world problems, and so this book is heavily saturated with source code examples as well as a high level description of the risks involved with any security topic, and the practical solution to prevent or mitigate it.




A Curious Moon


Book Description

Starting an application is simple enough, whether you use migrations, a model-synchronizer or good old-fashioned hand-rolled SQL. A year from now, however, when your app has grown and you're trying to measure what's happened... the story can quickly change when data is overwhelming you and you need to make sense of what's been accumulating. Learning how PostgreSQL works is just one aspect of working with data. PostgreSQL is there to enable, enhance and extend what you do as a developer/DBA. And just like any tool in your toolbox, it can help you create crap, slice off some fingers, or help you be the superstar that you are.That's the perspective of A Curious Moon - data is the truth, data is your friend, data is your business. The tools you use (namely PostgreSQL) are simply there to safeguard your treasure and help you understand what it's telling you.But what does it mean to be "data-minded"? How do you even get started? These are good questions and ones I struggled with when outlining this book. I quickly realized that the only way you could truly understand the power and necessity of solid databsae design was to live the life of a new DBA... thrown into the fire like we all were at some point...Meet Dee Yan, our fictional intern at Red:4 Aerospace. She's just been handed the keys to a massive set of data, straight from Saturn, and she has to load it up, evaluate it and then analyze it for a critical project. She knows that PostgreSQL exists... but that's about it.Much more than a tutorial, this book has a narrative element to it a bit like The Martian, where you get to know Dee and the problems she faces as a new developer/DBA... and how she solves them.The truth is in the data...




Blockchain Programming Smart Contract on Polygon


Book Description

Traditional database technologies present several challenges in recording financial transactions. As an example, this can be seen in the case of property sales, where the buyer's ownership is obtained after payment has been completed. Both buyers and sellers can record monetary transactions, but there is no reliable source. However, all parties can deny each other. Blockchain is a database that contains a history of whatever information it is designed to store. Blockchain consists of a series of information "blocks" built on top of one another in an immutable chain. This book guides developing Smart Contracts with Solidity, on Polygon. Ethereum is a lovely blockchain to work with, but the heavy traffic and many people building on it have made the network a bit congested. The 2nd layer solution to solving this problem by extending the scalability of Ethereum is with Polygon. Polygon is an Ethereum companion network with Ethereum security and lower gas fees.




Criptomonedas Para Principiantes


Book Description

Criptomonedas Para Principiantes es una guía completa para aquellos que desean introducirse en el mundo de las criptomonedas. Desde una introducción clara sobre qué son las criptomonedas hasta consejos sobre cómo invertir y comerciar, este libro cubre todos los aspectos clave para principiantes. El libro comienza con una explicación de las criptomonedas, su historia y los beneficios y riesgos asociados con ellas. Luego, se explora el funcionamiento de las criptomonedas, centrándose en la tecnología blockchain, la minería de criptomonedas y las carteras digitales. Las principales criptomonedas, como Bitcoin, Ethereum, Ripple y Litecoin, se presentan en detalle, brindando a los lectores una comprensión sólida de cada una de ellas. Para aquellos interesados en comprar y vender criptomonedas, el libro ofrece información sobre las plataformas de intercambio, así como consejos sobre cómo gestionar carteras de forma segura. La negociación de criptomonedas y la inversión a largo plazo también se abordan en capítulos separados, proporcionando a los lectores las habilidades y estrategias necesarias para aprovechar al máximo su experiencia en criptomonedas. El libro también explora temas éticos y sostenibilidad relacionados con las criptomonedas, así como las oportunidades profesionales que se presentan en este campo en crecimiento. Además, se discute el futuro de las criptomonedas, incluyendo las tecnologías emergentes y la adopción masiva. El libro también examina diferentes escenarios de evolución y proporciona a los lectores una visión general de lo que podría deparar el futuro en términos de criptomonedas. En resumen, Criptomonedas Para Principiantes es una guía esencial para aquellos que desean adentrarse en el mundo de las criptomonedas, proporcionando información clara y concisa, así como consejos prácticos para ayudar a los principiantes en su viaje cripto.




Blockchain Developer's Guide


Book Description

Build real-world projects like a smart contract deployment platform, betting apps, wallet services, and much more using blockchain Key FeaturesApply blockchain principles and features for making your life and business betterUnderstand Ethereum for smart contracts and DApp deploymentTackle current and future challenges and problems relating to blockchainBook Description Blockchain applications provide a single-shared ledger to eliminate trust issues involving multiple stakeholders. It is the main technical innovation of Bitcoin, where it serves as the public ledger for Bitcoin transactions. Blockchain Developer's Guide takes you through the electrifying world of blockchain technology. It begins with the basic design of a blockchain and elaborates concepts, such as Initial Coin Offerings (ICOs), tokens, smart contracts, and other related terminologies. You will then explore the components of Ethereum, such as Ether tokens, transactions, and smart contracts that you need to build simple DApps. Blockchain Developer's Guide also explains why you must specifically use Solidity for Ethereum-based projects and lets you explore different blockchains with easy-to-follow examples. You will learn a wide range of concepts - beginning with cryptography in cryptocurrencies and including ether security, mining, and smart contracts. You will learn how to use web sockets and various API services for Ethereum. By the end of this Learning Path, you will be able to build efficient decentralized applications. This Learning Path includes content from the following Packt products: Blockchain Quick Reference by Brenn Hill, Samanyu Chopra, Paul ValencourtBuilding Blockchain Projects by Narayan PrustyWhat you will learnUnderstand how various components of the blockchain architecture workGet familiar with cryptography and the mechanics behind blockchainApply consensus protocol to determine the business sustainabilityUnderstand what ICOs and crypto-mining are, and how they workWho this book is for Blockchain Developer's Guide is for you if you want to get to grips with the blockchain technology and develop your own distributed applications. It is also designed for those who want to polish their existing knowledge regarding the various pillars of the blockchain ecosystem. Prior exposure to an object-oriented programming language such as JavaScript is needed.




Recent Books