Penetration Testing Bootcamp (e-book)

Author: Jason Beltrame

Publisher: Packt Publishing

Publication date: 2017-07-07

Word count: 254,000

Sharpen your pentesting skill in a bootcamp

About This Book

  • Get practical demonstrations with in-depth explanations of complex security-related problems
  • Familiarize yourself with the most common web vulnerabilities
  • Get step-by-step guidance on managing testing results and reporting

Who This Book Is For

This book is for IT security enthusiasts and administrators who want to understand penetration testing quickly.

What You Will Learn

  • Perform different attacks such as MiTM, and bypassing SSL encryption
  • Crack passwords and wireless network keys with brute-forcing and wordlists
  • Test web applications for vulnerabilities
  • Use the Metasploit Framework to launch exploits and write your own Metasploit modules
  • Recover lost files, investigate successful hacks, and discover hidden data
  • Write organized and effective penetration testing reports

In Detail

Penetration Testing Bootcamp delivers practical learning modules in manageable chunks. Each chapter is delivered in a day, and each day builds your competency in penetration testing. The book begins by taking you through the basics and shows you how to set up and maintain the C&C server. You will also learn how to scan for vulnerabilities and use Metasploit, and how to set up connectivity to a C&C server and maintain that connectivity for your intelligence gathering as well as offsite processing. Using tcpdump filters, you will gain an understanding of sniffing and spoofing traffic. The book also teaches the importance of cleaning up the tracks you leave behind after the penetration test and shows you how to build a report from all the data obtained during the test. In totality, this book equips you with instructions through rigorous tasks, practical callouts, and assignments to reinforce your understanding of penetration testing.

Style and approach

This book is delivered in the form of a 10-day boot camp style book. The day-by-day approach will help you get to know everything about penetration testing, from the use of network reconnaissance tools to the writing of custom zero-day buffer overflow exploits.
Table of Contents

Title Page

Copyright

Penetration Testing Bootcamp

Credits

About the Author

About the Reviewer

www.PacktPub.com

Why subscribe?

Customer Feedback

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

Planning and Preparation

Why does penetration testing take place?

Understanding the engagement

Defining objectives with stakeholder questionnaires

Scoping criteria

Documentation

Understanding the network diagram – onshore IT example

Data flow diagram

Organization chart

Building the systems for the penetration test

Penetration system software setup

Summary

Information Gathering

Understanding the current environment

Where to look for information – checking out the toolbox!

Search engines as an information source

Utilizing whois for information gathering

Enumerating DNS with dnsmap

DNS reconnaissance with DNSRecon

Checking for a DNS BIND version

Probing the network with Nmap

Checking for DNS recursion with NSE

Fingerprinting systems with P0f

Firewall reconnaissance with Firewalk

Detecting a web application firewall

Protocol fuzzing with DotDotPwn

Using Netdiscover to find undocumented IPs

Enumerating your findings

Summary

Setting up and maintaining the Command and Control Server

Command and control servers

Setting up secure connectivity

Inside server SSH setup

Command and control server SSH setup

Setting up a reverse SSH tunnel

stunnel to the rescue

stunnel setup on the client – Raspberry Pi

Verifying automation

Automating evidence collection

File utilities

Playing with tar

Split utility

Summary

Vulnerability Scanning and Metasploit

Vulnerability scanning tools

Scanning techniques

OpenVAS

Getting started with OpenVAS

Performing scans against the environment

Getting started with Metasploit

Exploiting our targets with Metasploit

Understanding client-side attacks

Using BeEF for browser-based exploitation

Using SET for client-side exploitation

Summary

Traffic Sniffing and Spoofing

Traffic sniffing tools and techniques

Sniffing tools

Tcpdump

WinDump

Wireshark

Understanding spoofing attacks

ARP spoofing

Ettercap

SSLStrip

Intercepting SSL traffic with SSLsplit

Summary

Password-based Attacks

Generating rainbow tables and wordlists

Creating rainbows with RainbowCrack

Crunching wordlists

Online locations

Cracking utilities

John the Ripper

THC-Hydra

Ncrack

Medusa

Social engineering experiments

Impersonation to get the goods

Scenario 1

Scenario 2

Dumpster diving

Free USB drives for all!!

Summary

Attacks on the Network Infrastructure

Wired-based attacks

snmp-check

Rogue DHCP server

Denial-of-service checks

Various attacks with hping3

Land attacks with hping3

Smurf attacks using hping3

MAC flooding with Macof

Wireless-based attacks

Cracking WPA2 with aircrack-ng

Monitoring the airway with Kismet

Attacking WEP with wifite

Bluetooth probing

Bluelog

Btscanner

Blueranger

Scanning with Hcitool

Physical security considerations

Secure access

Employee/vendor identification

Summary

Web Application Attacks

Manipulation by client-side testing

Cross-site scripting attacks

Reflected XSS attack

Stored XSS attack

Using OWASP ZAP to find session issues

Infrastructure and design weaknesses

Uniscan

Using Skipfish for web application recon

Identity-based testing

Role based access control

Apache-users

Wfuzz

Validating data, error handling, and logic

SQL Injection fun with Sqlmap

Error handling issues

Session management

Burp suite with intercept

Using XSS for cookie retrieval

Summary

Cleaning Up and Getting Out

Cleaning up any trails left behind

Covering your tracks

Clearev with Metasploit

Shredding files with shred

CLI tips for hiding your tracks

ClearLogs for Windows

Using DD and mkfs to clear drives

LUKS Nuke blowing up partition

Destroying equipment

Stakeholder-sponsored destruction

Destruction by the penetration tester

Summary

Writing Up the Penetration Testing Report

Gathering all your data

Importance of defining risk

Structure of a penetration test report

Cover sheet

Table of contents

Executive summary

The scope of the project

Objectives of the penetration test

Description of risk rating scale

Summary of findings

Detailed findings

Conclusion

Appendix A - tools used

Appendix B - attached reports

Appendix C - attached diagrams

About your company

Building the report

Delivering the report

Summary
