(Part 3) Top products from r/PowerShell
We found 13 product mentions on r/PowerShell. We ranked the 51 resulting products by number of redditors who mentioned them. Here are the products ranked 41-60. You can also go back to the previous section.
42. SCFM: Secure Coding Field Manual: A Programmer's Guide to OWASP Top 10 and CWE/SANS Top 25
Sentiment score: 2
Number of reviews: 1
43. Windows PowerShell Step by Step
Sentiment score: 0
Number of reviews: 1
MICROSOFT PRESS
44. PowerShell Studio: A Comprehensive Guide
Sentiment score: 0
Number of reviews: 1
45. Microsoft Windows PowerShell Programming for the Absolute Beginner
Sentiment score: 1
Number of reviews: 1
46. Working Effectively with Legacy Code
Sentiment score: 0
Number of reviews: 1
Prentice Hall
47. Code Complete: A Practical Handbook of Software Construction, Second Edition
Sentiment score: 1
Number of reviews: 1
Microsoft Press
48. PowerShell in Depth: An administrator's guide
Sentiment score: 0
Number of reviews: 1
49. Sams Teach Yourself Windows PowerShell in 24 Hours
Sentiment score: 0
Number of reviews: 1
Sams Publishing
This was a slow month. I picked up a copy of Pro Git 2nd Edition to try to take my Git skills to another level. It's a a good read if anyone is looking to get into Git (ha!).
For PowerShell specific stuff:
Finally I've started to take a hard look at my internal Git repositories where I work and realized that I'd really like some stuff on the outside on github.com, however I work for a company that is quite strict with sharing code, so I can't make direct ports from my internal repositories to external, which means I may have to do some re-inventing on my own time and publish stuff. I see a lot of the stuff others folks are doing on Github and I'd love to have some of my own stuff out there, so trying to find time and figure out what kinds of projects should be out there which others may see value in.
I took an online course through a local college 3 years ago. I hadn't been in school for over a decade, but the structured learning of the environment, plus the desire to get a good grade in the class, absolutely attributed to my success.
The labs and online class environment ensured I actually learned the material and underlying reasons why things were they way they were. It was not just a "paper cert."
I was able to immediately put what I learned to work at my place of business. The return on my investment was immediate and has helped me make more money while doing a better job for my clients. To this day I credit the class as the best money I've ever spent.
We used this book and it was very helpful while being pretty fun, since you are making (simple) video games the whole time: https://www.amazon.com/Microsoft-PowerShell-Programming-Absolute-Beginner/dp/1598633546
I will say, looking back now, the book really is what it says on the cover; for the absolute beginner. If you have any other scripting or programming knowledge, I would probably do "month of lunches" instead.
It's alway sa asgood thing to see different per spectives on a given topic or strategy.
However, how do you see your offering as being different, more informative, etc., than the courseware the SANS.org offers on the topic...
https://www.sans.org/webcasts/purple-powershell-current-attack-strategies-defenses-109700
... or the Secure Code strategies that have been in play via the MS SDL (Secure Development Lifecycle) for the last couple of decades?
>About Microsoft SDL
>
>https://www.microsoft.com/en-us/securityengineering/sdl/about
>
>Microsoft Security Development Lifecycle (SDL)
>
>https://www.microsoft.com/en-us/securityengineering/sdl
>
>SDL Resource List
>
>https://www.microsoft.com/en-us/securityengineering/sdl/resources
>
>Writing Secure Code (Developer Best Practices) 2nd Edition, Kindle Edition
>
>https://www.amazon.com/Writing-Secure-Code-Developer-Practices-ebook/dp/B00JDMP718/ref=sr_1_2?keywords=secure+code&qid=1555311132&s=gateway&sr=8-2
>
>Secure By Design 1st Edition
>
>https://www.amazon.com/Secure-Design-Daniel-Deogun/dp/1617294357/ref=sr_1_1?keywords=secure+code&qid=1555311132&s=gateway&sr=8-1
>
>SCFM: Secure Coding Field Manual: A Programmer's Guide to OWASP Top 10 and CWE/SANS Top 25
>
>https://www.amazon.com/SCFM-Secure-Coding-Manual-Programmers/dp/1508929572/ref=sr_1_4?keywords=secure+code&qid=1555311132&s=gateway&sr=8-4
Though there are particluars to a given language, and none of the above are PowerShell specific. The SDL thought, design and implemention relative to a give goal is the same.
Now, the real issue here is all the noise about PowerShell hacking and org leaders using that as the excuse to not allow PowerShell, without fully realizing that the use of PowerShell is a post exploit thing. The hacker got into your system another way, that was not properly defined, managed, protected, understood and or reacted to.
​
Also, there are whole websites and business offering conver Defensice PowerShell, and PowerShell forRed/Blue/Purple Teams.
Example:
https://devblogs.microsoft.com/powershell/defending-against-powershell-attacks/
http://www.defensivepowershell.com/
https://artofpwn.com/offensive-and-defensive-powershell-ii.html
https://adsecurity.org/?tag=powershell-defenses
https://devblogs.microsoft.com/powershell/powershell-security-at-derbycon/
https://nsfocusglobal.com/Attack-and-Defense-Around-PowerShell-Event-Logging
​
Learning how to attack with adn defend against, grants one greater edification on how they need to be thinking about writing and using PowerShell.
But good article. Looking forward to the rest.
Honestly, I'd go with Windows Powershell Best Practices instead. PSIAMOL is nice, but this one focuses more heavily on ensuring you not only get the syntax, but the proper script structure, code re-usability, high performance, and just a ton of other stuff.
PSIAMOL Teaches you how to use PowerShell. WPBP teaches you how to be good at PowerShell.
Once that's done, it wouldn't hurt to check out Code Complete which had such an impact I ended up re-writing several of my larger scripts after reading it...
PowerShell.org free ebook: Secrets of PowerShell Remoting
There is also more information in the books PowerShell Deep Dives or PowerShell In Depth.
Not only because they explain how remoting works thoroughly, but because they also will cover the security aspects as well as remote session configuration files, which you can use for various aspects of your remoting.
Just to add, if you want a good book to read after. This is very informative.
https://www.amazon.com/dp/0735675112?aaxitk=.sjYWQ4iWEoQs178fs504w
What do the PowerShell scripts you want to rewrite in Python do? I find the idea of a "commandlet like Python script" misguided and confused. PowerShell is still very much an administrative tool geared toward Microsoft systems. At this point in time I wouldn't consider it a general purpose scripting language like Python. No one is writing webapps with a MVC framework, e.g. Django, with PowerShell. And I doubt anyone ever will, despite all appearances from MS that they're trying to turn it into a general purpose language with PS Core. If your scripts are doing a lot of administrative things with AD, etc. then you're likely not going to have much success porting them to Python. I would question your sanity if you really wanted to do that.
You also need to spend some time groking Linux and Unix to get the most out of Python. Remember that it's a product of that environment and very much follows those conventions. So if you're looking to parse arguments then you should look at argparse. You should also think about what the syntactic sugar of a switch statement is doing, and realize you can do the same thing with a hashtable/dictionary.
If you're just interested in doing administrative things with Python then take a look at this book: Python for Unix and Linux System Administration. But realize the Python ecosystem is about a billion and one times larger than PowerShell's and covers everything from web development to machine learning.
this book may help: http://www.amazon.com/Working-Effectively-Legacy-Michael-Feathers/dp/0131177052.
also, put everything into functions and then unit test all of it (with mocks) using pester.
I'd suggest reading Powershell In Depth - http://www.amazon.com/PowerShell-Depth-An-administrators-guide/dp/1617290556
You can probably finish it in less than a week of train rides. A lot of that advice I had to learn the hard way.
Can I ask what you're trying to accomplish with a WSUS Offline deployment? Are these air gapped machines?
PowerShell Studio Book if you want to learn to build GUI applications with powershell backend.
I used this book:
Sams Teach Yourself Windows PowerShell in 24 Hours
https://www.amazon.com/dp/0672337282/ref=cm_sw_r_cp_api_i_BXYzCbGQT17AA