Advanced penetration testing for highly-secured environments
Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments About This Book Learn how to build your own pentesting lab environment to practice advanced techniques Customize your own scripts, and learn methods to exploit 32-bit and 64-bit programs Explore...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham :
Packt Publishing
[2016]
|
| Edición: | Second edition |
| Colección: | Community experience distilled.
|
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630008006719 |
Tabla de Contenidos:
- Cover; Copyright; Credits; About the Authors; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Penetration Testing Essentials; Chapter 2: Preparing a Test Environment; Chapter 3: Assessment Planning; Chapter 4: Intelligence Gathering; Chapter 5: Network Service Attacks; Chapter 6: Exploitation; Chapter 7: Web Application Attacks; Chapter 8: Exploitation Concepts; Chapter 9: Post-Exploitation; Chapter 10: Stealth Techniques; Chapter 11: Data Gathering and Reporting; Chapter 12: Penetration Testing Challenge; Index; Methodology defined; Example methodologies
- Abstract methodologySummary; Introducing VMware Workstation; Installing VMware Workstation; Network design; Understanding the default architecture; Creating the switches; Putting it all together; Summary; Introducing advanced penetration testing; Before testing begins; Planning for action; Installing LibreOffice; Effectively managing your test results; Introduction to the Dradis framework; Summary; Introducing reconnaissance; DNS recon; Gathering and validating domain and IP information; Using search engines to do your job for you; Creating network baselines with scanPBNJ; Summary
- Web Application Attack and Audit framework (w3af)Introduction to browser plugin HackBar; Reader challenge; Summary; Buffer overflows - a refresher; 64-bit exploitation; Introducing vulnserver; Fuzzing tools included in Kali; Social Engineering Toolkit; Fast-Track; Reader challenge; Summary; Rules of Engagement; Data gathering, network analysis, and pillaging; Pivoting; Reader challenge; Summary; Lab preparation; Stealth scanning through the firewall; Now you see me, now you don't - avoiding IDS; Blending in; PfSense SSH logs; Looking at traffic patterns; Cleaning up compromised hosts
- Miscellaneous evasion techniquesReader challenge; Summary; Record now - sort later; Old school - the text editor method; Dradis framework for collaboration; The report; Reader challenge; Summary; Firewall lab setup; The scenario; The virtual lab setup; The challenge; The walkthrough; Reporting; Summary; Penetration testing framework; Penetration Testing Execution Standard; Pre-engagement interactions; Intelligence gathering; Threat modeling; Vulnerability analysis; Exploitation; Post exploitation; Reporting; Final thoughts; Why VMware Workstation?; VMnet0; VMnet1; VMnet8; Folders
- Installing Kali Linux
