Discover how to take advantage of common cryptographic operations to build safer apps that respect users' privacy with the help of examples in JavaScript for Node.js and browsers Key FeaturesUnderstand how to implement common cryptographic operations in your code with practical examplesLearn about picking modern safe algorithms, which libraries you should rely on, and how to use them correctlyBuild modern and secure applications that respect your users' privacy with cryptographyBook Description If you're a software developer, this book will give you an introduction to cryptography, helping you understand how to make the most of it for your applications. The book contains extensive code samples in JavaScript, both for Node.js and for frontend apps running in a web browser, although the core concepts can be used by developers working with any programming language and framework. With a purely hands-on approach that is focused on sharing actionable knowledge, you'll learn about the common categories of cryptographic operations that you can leverage in all apps you're developing, including hashing, encryption with symmetric, asymmetric and hybrid ciphers, and digital signatures. You'll learn when to use these operations and how to choose and implement the most popular algorithms to perform them, including SHA-2, Argon2, AES, ChaCha20-Poly1305, RSA, and Elliptic Curve Cryptography. Later, you'll learn how to deal with password and key management. All code in this book is written in JavaScript and designed to run in Node.js or as part of frontend apps for web browsers. By the end of this book, you'll be able to build solutions that leverage cryptography to protect user privacy, offer better security against an expanding and more complex threat landscape, help meet data protection requirements, and unlock new opportunities. What you will learnWrite JavaScript code that uses cryptography running within a Node.js environment for the server-side or in frontend applications for web browsersUse modern, safe hashing functions for calculating digests and key derivation, including SHA-2 and Argon2Practice encrypting messages and files with a symmetric key using AES and ChaCha20-Poly1305Use asymmetric and hybrid encryption, leveraging RSA and Elliptic Curve Cryptography with ECDH and ECIESCalculate and verify digital signatures using RSA and ECDSA/EdDSAManage passwords and encryption keys safelyWho this book is for This cryptography book is an introductory guide for software developers who don't necessarily have a background in cryptography but are interested in learning how to integrate it in their solutions, correctly and safely. You'll need to have at least intermediate-level knowledge of building apps with JavaScript and familiarity with Node.js to make the most of this book.

CD-ROM includes: WCCO 1.0 Source Code -- WCCO 1.0 Manual -- WCCO Test Code -- CryptoAPI Container Manager -- Regasaurus program.

Learn the essential steps to successfully identify and leverage API endpoints with a sequenced and structured approach Key Features Gain detailed insights into vulnerabilities and attack vectors for RESTful and GraphQL APIs Follow practical advice and best practices for securing APIs against potential threats Explore essential security topics, potential vulnerabilities, common attack vectors, and the overall API security landscape Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionUnderstanding API security is crucial as APIs form the backbone of modern interconnected applications, making them prime targets for cyberattacks. Drawing on nearly 30 years of cybersecurity experience and an extensive background in network security and forensic analysis, this book provides the knowledge and tools to strengthen your API security practices and protect against cyber threats comprehensively. This book begins by establishing a foundational understanding of APIs, particularly focusing on REST and GraphQL, emphasizing their critical role and potential security vulnerabilities. It guides you through setting up a penetration testing environment to ensure the practical application of concepts. You’ll learn reconnaissance techniques, information-gathering strategies, and the discovery of API vulnerabilities. Authentication and authorization testing are thoroughly explored, covering mechanisms, weaknesses, and methods to bypass security controls. By comprehensively addressing these aspects, the book equips you to understand, identify, and mitigate risks, strengthening API security and effectively minimizing potential attack surfaces. By the end of this book, you’ll have developed practical skills to identify, exploit, and secure APIs against various vulnerabilities and attacks.What you will learn Get an introduction to APIs and their relationship with security Set up an effective pentesting lab for API intrusion Conduct API reconnaissance and information gathering in the discovery phase Execute basic attacks such as injection, exception handling, and DoS Perform advanced attacks, including data exposure and business logic abuse Benefit from expert security recommendations to protect APIs against attacks Who this book is for This book is for security engineers, particularly those focused on application security, as well as security analysts, application owners, web developers, pentesters, and all curious enthusiasts who want to learn about APIs, effective testing methods for their robustness, and how to protect them against cyber attacks. Basic knowledge of web development, familiarity with API concepts, and a foundational understanding of cybersecurity principles will help you get started with this book.

Update your skill set for ES 6 and 7 with the ultimate JavaScript guide for pros Professional JavaScript for Web Developers is the essential guide to next-level JavaScript development. Written for intermediate-to-advanced programmers, this book jumps right into the technical details to help you clean up your code and become a more sophisticated JavaScript developer. From JavaScript-specific object-oriented programming and inheritance, to combining JavaScript with HTML and other markup languages, expert instruction walks you through the fundamentals and beyond. This new fourth edition has been updated to cover ECMAScript 6 and 7 (also known as ES2015 and ES2016) and the major re-imagination and departure from ES 5.1; new frameworks and libraries, new techniques, new testing tools, and more are explained in detail for the professional developer, with a practical focus that helps you put your new skills to work on real-world projects. The latest—and most dramatic—ES release is already being incorporated into JavaScript engines in major browsers; this, coupled with the rise in mobile web traffic increasing demand for responsive, dynamic web design, means that all web developers need to update their skills—and this book is your ideal resource for quick, relevant guidance. Get up to date with ECMAScript 6 and 7, new frameworks, and new libraries Delve into web animation, emerging APIs, and build systems Test more effectively with mocks, unit tests, functional tests, and other tools Plan your builds for future ES releases Even if you think you know JavaScript, new ES releases bring big changes that will affect the way you work. For a professional-level update that doesn't waste time on coding fundamentals, Professional JavaScript for Web Developers is the ultimate resource to bring you up to speed.

Hands-on and abundant with source code for a practical guide to Securing Node.js web applications. This book is intended to be a hands-on thorough guide for securing web applications based on Node.js and the ExpressJS web application framework. Many of the concepts, tools and practices in this book are primarily based on open source libraries and the author leverages these projects and highlights them. The main objective of the book is to equip the reader with practical solutions to real world problems, and so this book is heavily saturated with source code examples as well as a high level description of the risks involved with any security topic, and the practical solution to prevent or mitigate it.

Develop a greater intuition for the proper use of cryptography. This book teaches the basics of writing cryptographic algorithms in Python, demystifies cryptographic internals, and demonstrates common ways cryptography is used incorrectly. Cryptography is the lifeblood of the digital world’s security infrastructure. From governments around the world to the average consumer, most communications are protected in some form or another by cryptography. These days, even Google searches are encrypted. Despite its ubiquity, cryptography is easy to misconfigure, misuse, and misunderstand. Developers building cryptographic operations into their applications are not typically experts in the subject, and may not fully grasp the implication of different algorithms, modes, and other parameters. The concepts in this book are largely taught by example, including incorrect uses of cryptography and how "bad" cryptography can be broken. By digging into the guts of cryptography, you can experience what works, what doesn't, and why. What You’ll Learn Understand where cryptography is used, why, and how it gets misused Know what secure hashing is used for and its basic propertiesGet up to speed on algorithms and modes for block ciphers such as AES, and see how bad configurations breakUse message integrity and/or digital signatures to protect messagesUtilize modern symmetric ciphers such as AES-GCM and CHACHAPractice the basics of public key cryptography, including ECDSA signaturesDiscover how RSA encryption can be broken if insecure padding is usedEmploy TLS connections for secure communicationsFind out how certificates work and modern improvements such as certificate pinning and certificate transparency (CT) logs Who This Book Is For IT administrators and software developers familiar with Python. Although readers may have some knowledge of cryptography, the book assumes that the reader is starting from scratch.

Traditional database technologies present several challenges in recording financial transactions. As an example, this can be seen in the case of property sales, where the buyer's ownership is obtained after payment has been completed. Both buyers and sellers can record monetary transactions, but there is no reliable source. However, all parties can deny each other. Blockchain is a database that contains a history of whatever information it is designed to store. Blockchain consists of a series of information "blocks" built on top of one another in an immutable chain. This book guides developing Smart Contracts with Solidity, on Polygon. Ethereum is a lovely blockchain to work with, but the heavy traffic and many people building on it have made the network a bit congested. The 2nd layer solution to solving this problem by extending the scalability of Ethereum is with Polygon. Polygon is an Ethereum companion network with Ethereum security and lower gas fees.