Lee Allen is currently the Vulnerability Management Program Lead for one of the Fortune 500.
His journey into the exciting world of security began in the 1980s while visiting BBS's with his trusty Commodore 64 and a room carpeted with 5.25-inch diskettes.
Throughout the years, he has continued his attempts at remaining up-to-date with the latest and greatest in the security industry and the security community.
He has several industry certifications including the OSWP and has been working in the IT industry for over 15 years.
His hobbies and obsessions include validating and reviewing proof of concept exploit code, programming, security research, attending security conferences, discussing technology, writing, 3D Game development, and skiing.

• Preface(第1頁)
• Chapter 1：Planning and Scoping for a Successful Penetration Test(第7頁)
  • Introduction to advanced penetration testing(第7頁)
  • Before testing begins(第10頁)
  • Planning for action(第14頁)
  • Exploring BackTrack(第24頁)
  • Installing OpenOffice(第26頁)
  • Effectively manage your test results(第26頁)
  • Introduction to the Dradis Framework(第32頁)
  • Summary(第42頁)
• Chapter 2：Advanced Reconnaissance Techniques(第43頁)
  • Introduction to reconnaissance(第44頁)
  • DNS recon(第47頁)
  • Gathering and validating domain and IP information(第61頁)
  • Using search engines to do your job for you(第64頁)
  • Summary(第78頁)
• Chapter 3：Enumeration：Choosing Your Targets Wisely(第79頁)
  • Adding another virtual machine to our lab(第80頁)
  • Nmap — getting to know you(第84頁)
  • SNMP：A goldmine of information just waiting to be discovered(第100頁)
  • Creating network baselines with scanPBNJ(第106頁)
  • Enumeration avoidance techniques(第111頁)
  • Summary(第113頁)
• Chapter 4：Remote Exploitation(第115頁)
  • Exploitation – Why bother？(第115頁)
  • Target practice – Adding a Kioptrix virtual machine(第116頁)
  • Manual exploitation(第118頁)
  • Getting files to and from victim machines(第137頁)
  • Passwords：Something you know…(第140頁)
  • Metasploit — learn it and love it(第148頁)
  • Summary(第158頁)
Chapter 5：Web Application Exploitation(第159頁)
• Practice makes perfect(第160頁)
• Detecting load balancers(第177頁)
• Detecting Web Application Firewalls（WAF）(第180頁)
• Taking on Level 3 – Kioptrix(第182頁)
• Web Application Attack and Audit Framework（w3af）(第182頁)
• Introduction to Mantra(第197頁)
• Summary(第200頁)
Chapter 6：Exploits and Client-Side Attacks(第201頁)
• Buffer overflows—A refresher(第202頁)
• Introduction to fuzzing(第210頁)
• Introducing vulnserver(第213頁)
• Fuzzing tools included in BackTrack(第215頁)
• Fast-Track(第227頁)
• Social Engineering Toolkit(第233頁)
• Summary(第237頁)
Chapter 7：Post-Exploitation(第239頁)
• Rules of engagement(第240頁)
• Data gathering, network analysis, and pillaging(第242頁)
• Pivoting(第284頁)
• Summary(第286頁)
Chapter 8：Bypassing Firewalls and Avoiding Detection(第287頁)
• Lab preparation(第288頁)
• Stealth scanning through the firewall(第297頁)
• Now you see me, now you don't — Avoiding IDS(第301頁)
• Blending in(第304頁)
• Looking at traffic patterns(第306頁)
• Cleaning up compromised hosts(第308頁)
• Miscellaneous evasion techniques(第309頁)
• Summary(第311頁)
Chapter 9：Data Collection Tools and Reporting(第313頁)
• Record now — Sort later(第314頁)
• Old school — The text editor method(第314頁)
• Dradis framework for collaboration(第319頁)
• The report(第322頁)
• Challenge to the reader(第330頁)
• Summary(第331頁)
Chapter 10：Setting Up Virtual Test Lab Environments(第333頁)
• Why bother with setting up labs？(第333頁)
• Keeping it simple(第334頁)
• Adding complexity or emulating target environments(第343頁)
• Summary(第354頁)
Chapter 11：Take the Challenge – Putting It All Together(第355頁)
• The scenario(第355頁)
• The setup(第356頁)
• The challenge(第362頁)
• The walkthrough(第363頁)
• Reporting(第377頁)
• Summary(第378頁)
Index(第379頁)