szhourj的专栏

Scott Mitchell 的ASP.NET 2.0数据教程!!!!!!!!!!!!!!!!

WF从入门到精通（中文版）.pdf!!!!!!!!!!!!!!!!!!!

Product Description If your job is to design or implement IT security solutions or if youre studying for any security certification, this is the how-to guide youve been looking for. Heres how to assess your needs, gather the tools, and create a controlled environment in which you can experiment, test, and develop the solutions that work. With liberal examples from real-world scenarios, it tells you exactly how to implement a strategy to secure your systems now and in the future. From the Back Cover Many books tell you what to do. This one tells you how. If your job is to design or implement IT security solutions, or if you’re studying for any security certification, this is the how-to guide you’ve been looking for. Here’s how to assess your needs, gather the tools, and create a controlled environment in which you can experiment, test, and develop the solutions that work. With liberal examples from real-world scenarios, it tells you exactly how to implement a strategy to secure your systems now and in the future. Collect the necessary hardware and software and assemble your own network lab Configure a bootable Linux CD Explore various methods for gathering information about existing security Identify automated attack and penetration tools Understand cryptographic systems and encryption and authentication attacks Learn to find, identify, and defeat malware Address the special protection needs of wireless systems Use Snort® to build an IDS that will help to detect and identify attacks in real time

Introduction There are many books about software testing management. When they discuss software test automation, they introduce third-party testing tools. This book describes techniques for developing a fully automated software testing tool. You can use this tool to generate test scripts for continuous unit testing, integration testing, and regression testing. Software defects are common and cause economic losses from time to time. Today, software organizations invest more time and resources in analyzing and testing software as a unit rather than as independent entities. Software engineers have observed that writing testing code is as expensive and time consuming as developing the product itself. To ensure software quality, organizations encourage software developers and testers to achieve objectives such as these: Locating the source of defects faster and more precisely Detecting bugs earlier in the software development life cycle Removing more defects before the product is released Improved testing tools can reduce the cost of software development and increase the quality of software. An automated testing tool must have the following characteristics: Accurate functionality, reliability, interoperability, and compliance An interface that is user friendly and easy to learn and operate Enhanced fault tolerance and automatic error recoverability Efficient algorithm for time and resource management Stable and mature final products that can be maintained and upgraded Easy portability with regard to installation, uninstallation, adaptability, and security I have used many of the commercial software test tools. Their developers declare that they have the capability to conduct various types of software tests and meet the requirements of an organization. But they have limitations. For example, some of them require users to record a series of mouse clicks and keystrokes. Others require users to write test scripts in a specified script language or to generate a test script automatically to test only one function (member) of a software module. Furthermore, the test scripts produced by these tools and methods need to be edited and debugged before they can be executed to perform the desired tests. Automatic generation of the testing data is beyond the reach of these tools, and integration testing involves extensive manual stubbing and guesswork. Software test engineers would like to see a fully automated software test tool on the market, one that is capable of completing testing tasks from generating test scripts and composing the testing cases to presenting the results and fixing the bugs. But the tool vendors are not able to keep up with the complexity and technology advancements in today’s software projects. In addition, software products can include features that incorporate a company’s trade secrets, which the commercial testing tools won’t have the capability of testing. Engineers are often in the position of having to develop their own tools to cover the gaps. This book presents a way to develop and enhance a testing tool development with full automation. When I was trained to use commercial tools, the trainers from the manufacturers presented hundreds of testing features. Software test engineers do appreciate these features, and they are important in improving the quality of software. But the tedious and time-consuming processes of editing and debugging the generated test scripts sometimes prevent a thorough software test. Thus, software products are delivered to end users with costly errors. These costs are shared by virtually all businesses in the United States that depend on software for their development, production, distribution, and after-sales supports and services. To address these current inadequacies, this book will introduce an automated method to minimize the data editing steps, generate a test script to test the entire application, and free you from having to edit and debug the test script manually. The final product simply accepts an application under test and delivers the test results. Who This Book Is For Software engineers have long relied on the tools and infrastructures supplied by the current software testing tool vendors. Some engineers tell successful stories. But more engineers experience frustrations. The automation is not enough, the test is not efficient, and the test script generation and data composition methods need to be improved. One expert’s solution to software test automation is to develop testing tools instead of purchasing commercial tools developed with the current inadequate infrastructure. This book is written for people who are involved in software engineering and want to automate the software testing process for their organizations. With the methods introduced by this book, software engineers should gain a good understanding of the limited automation provided by the available testing tools and how to improve the current test infrastructure and conduct a fully automated software test. This book is for software engineers who want more effective ways to perform software tests. The automated test tool introduced in this book can serve as an independent software test tool as well as an adjunct to the commercial tools. I assume you are a moderately experienced software developer and a test engineer in the process of conducting software test for your organization. The explanations and examples in this book can be easily understood and followed by any intermediate- to advanced-level programmer interested in expanding their knowledge in both software development and software testing. Knowledge of the fundamentals of software testing is essential for software test engineers. Examining a combination of programming and testing issues leads to a solid solution to software test automation. This book’s content includes sound programming techniques with examples in C#. Then it gradually progresses to the development of a fully automated test tool. Although the sample code is in C# using the Microsoft Windows platform, the concept can be used with other languages and platforms. As economists have reported, software failures result in a substantial economic loss to the United States each year. Approximately half of the losses occur within the software manufacturing industry. If you are a senior managerial administrator of a software organization, you are most likely interested in an improved software test method. The other half of the loss comes out of the pockets of the software end users. If your business or institution consists of software end users, you probably maintain teams to support the software purchased from the contract vendors. Being aware of testing methods will assist you with efficient software application in your organization.

Introduction There are many books about software testing management. When they discuss software test automation, they introduce third-party testing tools. I have used many of the commercial software testing tools. Their developers declare that they have the capability to conduct various types of software tests and meet the requirements of an organization. But they have limitations. For example, many of GUI testing tools require users to record a series of mouse clicks and keystrokes. Others require users to write test scripts in a specified script language. Furthermore, the test scripts produced by these tools and methods need to be edited and debugged before they can be executed to perform the desired tests. This book presents ideas for automating graphical user interface (GUI) testing. The sample code in this book forms a foundation for a fully automated GUI testing tool. Using this tool, users don’t need to record, edit, and debug test scripts. Testers can spend their time creating testing cases and executing the testing.

Review Aimed at the working test manager or test engineer, the second edition of William Perry’s Effective Methods for Software Testing is one of the most rigorous guides to software testing available. This book provides the latest in standards for measuring how good your organization’s commitment to software testing is and many ways to improve it. In all, with its numerous lists and practical step-by-step guide to testing, this book points the way toward more economical and effective software testing. This book’s major strength is its meticulous 11-step guide to all aspects of today’s software testing process–from initial analysis and test planning to testing software installation and looking at ways to improve the testing cycle the next time around. The book is filled with to-do lists that enumerate the resources and tasks required for each step with helpful hints for what to do, how to work with management, and how to staff and execute a test plan from start to finish. (There is a chapter devoted to each of the 11 steps.) The text also incorporates the latest in testing standards from the Quality Assurance Institute (QAI), and the author does a good job of integrating testing with today’s iterative software methodologies. Another standout here is a look at software tools and how they can simplify the testing process. Of course, few software shops will be as rigorous in real life with the testing process outlined in this book, but there’s little doubt that this exhaustive guide sets a high standard that test engineers can aim for. Written in a somewhat formal–yet clear–style, this book can certainly benefit any software testing engineer or manager. –Richard Dragan Topics covered: Software testing process fundamentals, Quality Assurance Institute (QAI) test quality assessment, software defects, Kiviatt charts, testing economics, methodologies and costs, test plans, risk analysis, structural and functional testing, dynamic and static testing, manual and automated testing, testing tools, stress testing, compliance testing, security testing, requirements testing, regression testing, 11-step software testing process, testing client/server, and Web-based systems. –This text refers to an out of print or unavailable edition of this title. Product Description Written by the founder and executive director of the Quality Assurance Institute, which sponsors the most widely accepted certification program for software testing Software testing is a weak spot for most developers, and many have no system in place to find and correct defects quickly and efficiently This comprehensive resource provides step-by-step guidelines, checklists, and templates for each testing activity, as well as a self-assessment that helps readers identify the sections of the book that respond to their individual needs Covers the latest regulatory developments affecting software testing, including Sarbanes-Oxley Section 404, and provides guidelines for agile testing and testing for security, internal controls, and data warehouses CD-ROM with all checklists and templates saves testers countless hours of developing their own test documentation

Review …a comprehensive, practical cookbook of software testing with a slight mix of quality spices. …the book is a step-by-step guide of how to perform testing. It is practically focused and, in many of the chapters, the reader can follow the tasks (as if they were recipes) when performing testing activities. -Software Testing, Verification & Reliability, Vol. 15, No. 3, Sept. 2005 Product Description Whether you are inheriting a test team or starting one up,Manage Software Testing is a must-have resource that covers all aspects of test management. It guides you through the business and organizational issues that you are confronted with on a daily basis, explaining what you need to focus on strategically, tactically, and operationally. Using a risk-based approach, the author addresses a range of questions about software product development. The book covers unit, system, and non-functional tests and includes examples on how to estimate the number of bugs expected to be found, the time required for testing, and the date when a release is ready. It weighs the cost of finding bugs against the risks of missing release dates or letting bugs appear in the final released product. It is imperative to determine if bugs do exist and then be able to metric how quickly they can be identified, the cost they incur, and how many remain in the product when it is released. With this book,test managers can effectively and accurately establish these parameters.

Product Description Among the tests you perform on web applications, security testing is perhaps the most important, yet it’s often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite. Recipes cover the basics from observing messages between clients and servers to multi-phase tests that script the login and execution of web application features. By the end of the book, you’ll be able to build tests pinpointed at Ajax functions, as well as large multi-step tests for the usual suspects: cross-site scripting and injection attacks. This book helps you: Obtain, install, and configure useful-and free-security testing tools Understand how your application communicates with users, so you can better simulate attacks in your tests Choose from many different methods that simulate common attacks such as SQL injection, cross-site scripting, and manipulating hidden form fields Make your tests repeatable by using the scripts and examples in the recipes as starting points for automated testsDon’t live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book’s examples, you can incorporate security coverage into your test suite, and sleep in peace. About the Author Paco Hope is a Technical Manager at Cigital, Inc. and co-author of Mastering FreeBSD and OpenBSD Security (April 2005, O’Reilly, ISBN 0596006268). Mr. Hope has also published articles on Misuse and Abuse Cases and PKI. He has been invited to conferences to speak on topics such as software security re-quirements, web application security, and embedded system security. At Cigi-tal, he has served as a subject matter expert to MasterCard International for security policies and has assisted a Fortune 500 hospitality company in writ-ing software security policy. He also trains software developers and testers in the fundamentals of software security. In the gaming and mobile communica-tions industries he has advised several companies on software security. Mr. Hope majored in Computer Science and English at The College of William and Mary and received an M.S. in Computer Science from the University of Virginia. Ben Walther is a consultant at Cigital and contributor to the Edit Cookies tool. He has a hand in both normal Quality Assurance and Software Security. Day to day, he designs and executes tests – and so he understands the need for simple recipes, in the hectic QA world. Yet he has also given talks on web ap-plication testing tools to members of the Open Web Application Security Pro-ject (OWASP). Through Cigital, he tests systems ranging from financial data processing to slot machines. Mr. Walther has a B.S. in Information Science from Cornell University.

Greasemonkey Hacks is an invaluable compendium 100 ingenious hacks for power users who want to master Greasemonkey, the hot new Firefox extension that allows you to write scripts that alter the web pages you visit. With Greasemonkey, you can create scripts that make a web site more usable, fix rendering bugs that site owners can’t be bothered to fix themselves, or add items to a web site’s menu bar. You can alter pages so they work better with technologies that speak a web page out loud or convert it to Braille. Greasemonkey gurus can even import, combine, and alter data from different web sites to meet their own specific needs. Greasemonkey has achieved a cult-like following in its short lifespan, but its uses are just beginning to be explored. Let’s say you’re shopping on an e-commerce site. You can create a script that will automatically display competitive prices for that particular product from other web sites. The possibilities are limited only by your imagination and your Greasemonkey expertise. Greasemonkey Hacks can’t help you with the imagination part, but it can provide the expert hacks-complete with the sample code-you need to turn your brainstorms into reality. More than just an essential collection of made-to-order Greasemonkey solutions, Greasemonkey Hacks is crammed with sample code, a Greasemonkey API reference, and a comprehensive list of resources, to ensure that every resource you need is available between its covers. Some people are content to receive information from websites passively; some people want to control it. If you are one of the latter, Greasemonkey Hacks provides all the clever customizations and cutting-edge tips and tools you need to take command of any web page you view.

Lock down next-generation Web services “This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats.” –Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You’ll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings. Plug security holes in Web 2.0 implementations the proven Hacking Exposed way Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks Circumvent XXE, directory traversal, and buffer overflow exploits Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons Use input validators and XML classes to reinforce ASP and .NET security Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks About the Author Rich Cannings is a senior information security engineer at Google. Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization, and the author of several security books. Zane Lackey is a senior security consultant with iSEC Partners.

Review “Erickson presents the material in a manner that is both easy to follow and a joy to read.” — IEEE Security & Privacy, March 2004 “I highly recommend this book.” — IEEE Cipher, March 15, 2004 “This is an excellent book.” — About.com, November 2003 “This would make a great addition to any c

The latest Windows security attack and defense strategies “Securing Windows begins with reading this book.” –James Costello (CISSP) IT Security Specialist, Honeywell Meet the challenges of Windows security with the exclusive Hacking Exposed “attack-countermeasure” approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors’ and contributors’ many years as security professionals hired to break into the world’s largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to: Establish business relevance and context for security by highlighting real-world risks Take a tour of the Windows security architecture from the hacker’s perspective, exposing old and new vulnerabilities that can easily be avoided Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services See up close how professional hackers reverse engineer and develop new Windows exploits Identify and eliminate rootkits, malware, and stealth software Fortify SQL Server against external and insider attacks Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization About the Author Joel Scambray, CISSP, is Chief Strategy Officer at Leviathan Security Group (leviathansecurity.com). His nearly 15 years of information security experience encompasses roles as a corporate leader (senior management positions at Microsoft and Ernst & Young), entrepreneur (co-founder of Foundstone), successful technical consultant for Fortune 500 firms, and internationally recognized speaker and author of multiple security books, including all five editions of Hacking Exposed: Network Security Secrets & Solutions. Stuart McClure, CISSP, an independent computer security consultant, is one of today’s leading authorities on information security. He was SVP of Global Threats and Research for McAfee where he led an elite global security team fighting the most vicious cyber attacks ever seen. Stuart is the coauthor of multiple security books, including all five editions of Hacking Exposed: Network Security Secrets & Solutions.

Product Description “A fantastic book for anyone looking to learn the tools and techniques needed to break in and stay in.” –Bruce Potter, Founder, The Shmoo Group “Very highly recommended whether you are a seasoned professional or just starting out in the security business.” –Simple Nomad, Hacker From the Back Cover Uncover, plug, and ethically disclose security flaws Prevent catastrophic network attacks by exposing security flaws, fixing them, and ethically reporting them to the software author. Fully expanded to cover the hacker’s latest devious methods, Gray Hat Hacking: The Ethical Hacker’s Handbook, Second Edition lays out each exploit alongside line-by-line code samples, detailed countermeasures, and moral disclosure procedures. Find out how to execute effective penetration tests, use fuzzers and sniffers, perform reverse engineering, and find security holes in Windows and Linux applications. You’ll also learn how to trap and autopsy stealth worms, viruses, rootkits, adware, and malware. Implement vulnerability testing, discovery, and reporting procedures that comply with applicable laws Learn the basics of programming, stack operations, buffer overflow and heap vulnerabilities, and exploit development Test and exploit systems using Metasploit and other tools Break in to Windows and Linux systems with perl scripts, Python scripts, and customized C programs Analyze source code using ITS4, RATS, FlawFinder, PREfast, Splint, and decompilers Understand the role of IDA Pro scripts, FLAIR tools, and third-party plug-ins in discovering software vulnerabilities Reverse-engineer software using decompiling, profiling, memory monitoring, and data flow analysis tools Reveal client-side web browser vulnerabilities with MangleMe, AxEnum, and AxMan Probe Windows Access Controls to discover insecure access tokens, security descriptors, DACLs, and ACEs Find and examine malware and rootkits using honeypots, honeynets, and Norman SandBox technology

Product Description Secure Your Wireless Networks the Hacking Exposed Way Defend against the latest pervasive and devastating wireless attacks using the tactical security information contained in this comprehensive volume. Hacking Exposed Wireless reveals how hackers zero in on susceptible networks and peripherals, gain access, and execute debilitating attacks. Find out how to plug security holes in Wi-Fi/802.11 and Bluetooth systems and devices. You’ll also learn how to launch wireless exploits from Metasploit, employ bulletproof authentication and encryption, and sidestep insecure wireless hotspots. The book includes vital details on new, previously unpublished attacks alongside real-world countermeasures. Understand the concepts behind RF electronics, Wi-Fi/802.11, and Bluetooth Find out how hackers use NetStumbler, WiSPY, Kismet, KisMAC, and AiroPeek to target vulnerable wireless networks Defend against WEP key brute-force, aircrack, and traffic injection hacks Crack WEP at new speeds using Field Programmable Gate Arrays or your spare PS3 CPU cycles Prevent rogue AP and certificate authentication attacks Perform packet injection from Linux Launch DoS attacks using device driver-independent tools Exploit wireless device drivers using the Metasploit 3.0 Framework Identify and avoid malicious hotspots Deploy WPA/802.11i authentication and encryption using PEAP, FreeRADIUS, and WPA pre-shared keys About the Author Johnny Cache received his Masters in Computer Science from the Naval Postgraduate School in 2006. His thesis work, which focused on fingerprinting 802.11 device drivers, won the Gary Kildall award for the most innovative computer science thesis. Johnny wrote his first program on a Tandy 128K color computer sometime in 1988. Since then he has spoken at several security conferences including BlackHat, BlueHat, and ToorCon. He has also released a number of papers related to 802.11 security, and is the author of many wireless tools. Most of his wireless utilities are included in the Airbase suite, available at 802.11mercenary.net. Vincent Liu , CISSP is the Managing Director at Stach & Liu, a professional services firm providing IT security consulting to the Fortune 500, national law firms, and global financial institutions. Before founding Stach & Liu, Vincent led the Attack & Penetration and Reverse Engineering teams for the Global Security unit at Honeywell International. Prior to that, he was a consultant with the Ernst & Young Advanced Security Centers and an analyst at the National Security Agency. Vincent is a developer for the Metasploit Project and an experienced speaker, having presented his research at conferences including BlackHat, ToorCon, and Microsoft BlueHat. Vincent has been published in interviews, journals, and books with highlights including: Penetration Tester’s Open Source Toolkit; Writing Security Tools and Exploits; Sockets, and Shellcode, Porting, and Coding. Vincent holds a Bachelor of Science and Engineering from the University of Pennsylvania with a major in Computer Science and Engineering and a minor in Psychology.

Book Description The only book on the industry standard for examining wireless network traffic! Product Description Kismet Hacking brings together the premiere wireless security experts to outline how to successfully use the top wireless tool, Kismet. As wireless networking continues to spread in home, corporate and government use, and as Linux continues to replace Windows for many advanced users, Kismet is increasingly the tool that they rely upon. Now with the introduction of Kismet NewCore, people who are using Kismet for applications from wireless network design to wireless security, have an improved version of their favorite wireless application. Kismet Hacking is for both new users who are just starting to use Kismet and those who have been using Kismet for years. Vital user information on getting the most out of wireless Linux setups is contained here. This book covers everything a Kismet user would need to know about Kismet, from the basic installation to advanced subjects such as creating Wireless Intrusion Detection Systems.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College. This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Book Description Completely updated second edition of Google Hacking for Penetration Testers, which has sold 30,000 copies worldwide! Product Description A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I’ve seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at http://johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true-creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPPA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information. -Johnny Long . Learn Google Searching Basics Explore Google’s Web-based Interface, build Google queries, and work with Google URLs. . Use Advanced Operators to Perform Advanced Queries Combine advanced operators and learn about colliding operators and bad search-fu. . Learn the Ways of the Google Hacker See how to use caches for anonymity and review directory listings and traversal techniques. . Review Document Grinding and Database Digging See the ways to use Google to locate documents and then search within the documents to locate information. . Understand Google’s Part in an Information Collection Framework Learn the principles of automating searches and the applications of data mining. . Locate Exploits and Finding Targets Locate exploit code and then vulnerable targets. . See Ten Simple Security Searches Learn a few searches that give good results just about every time and are good for a security assessment. . Track Down Web Servers Locate and profile web servers, login portals, network hardware and utilities. . See How Bad Guys Troll for Data Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information. . Hack Google Services Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.

Microsoft Silverlight 2 导学！！！！！！！！！！！！！！！！

PKI网络安全认证技术与编程实现.rarPKI网络安全认证技术与编程实现.rar

client_side_reporting_with_visual_studio_in_c_sharp.1299881980.pdf

Expert C# 2008 Business Objects !!!!!!!!!!!!!!!!

C# in Depth !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

data_structures_and_algorithms_using_csharp.8254762801.pdf

domain_driven_design.8989333702.chm

developing_service_oriented_ajax_applications_on_the_microsoft_platform.9538093688.chm

data_driven_services_with_silverlight_2.1384410525.chm

essential_silverlight_2_up_to_date.4846476174!!!!!!!!!!!

introducing_microsoft_asp_dot_net_ajax.5418213431

maximizing_asp_net_real_world.5189404328!!!!!!!!!!!!!!!

mcts_self_paced_training_kit_exam_70_561_microsoft_dot_net_framework_35_ado_dot_net_application_development.8491558117

microsoft_visual_web_developer_2008_express_edition_step_by_step.6566452480

pro_dot_net_20_graphics_programming.4709396870!!!!!!!!!!!!!

programming_wcf_services_2nd_edition!!!!!!!!!!

[ASP.NET.3.5电子商务开发实战教程及源代码!!!!!!!!!!!!!!!

WCF揭密（英文版本pdf）!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

面象服务编程-ProgrammingWCFServices》+源代码.rar!!!!!!!!!!!!!!!!!

SQL语法祥解!!!!!!!!!!!!!!!!!!!!!!!!!!

ASP.NET分布式数据应用程序高级编程.pdf

SQL语法范例大全SQL和Oracle通解!!!!!!!!!!!!!!!!

SQL语法大全中文版!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!