-
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
- 點閱:39
- 作者: by Lee Allen
- 出版社:Packt Publishing Ltd.
- 出版年:2012
- ISBN:9781849517744 ; 9781849517751
- 格式:EPUB,PDF
- 版次:1st ed.
◆ Learn how to perform an efficient, organized, and effective penetration test from start to finish
◆ Gain hands-on penetration testing experience by building and testing a virtual lab environment that includes commonly found security measures such as IDS and firewalls
◆ Take the challenge and perform a virtual penetration test against a fictional corporation from start to finish and then verify your results by walking through step-by-step solutions
◆ Detailed step-by-step guidance on managing testing results and writing clearly organized and effective penetration testing reports
◆ Properly scope your penetration test to avoid catastrophe
◆ Understand in detail how the testing process works from start to finish, not just how to use specific tools
◆ Use advanced techniques to bypass security controls and remain hidden while testing
◆ Create a segmented virtual network with several targets, IDS and firewall
◆ Generate testing reports and statistics
◆ Perform an efficient, organized, and effective penetration test from start to finish
Although the book is intended for someone that has a solid background in information security the step-by-step instructions make it easy to follow for all skill levels.
You will learn Linux skills, how to setup your own labs, and much much more.
◆ Use advanced techniques to bypass security controls and remain hidden while testing
◆ Create a segmented virtual network with several targets, IDS and firewall
◆ Generate testing reports and statistics
◆ Perform an efficient, organized, and effective penetration test from start to finish
Although the book is intended for someone that has a solid background in information security the step-by-step instructions make it easy to follow for all skill levels.
You will learn Linux skills, how to setup your own labs, and much much more.
- Preface(第1頁)
- Chapter 1:Planning and Scoping for a Successful Penetration Test(第7頁)
- Introduction to advanced penetration testing(第7頁)
- Before testing begins(第10頁)
- Planning for action(第14頁)
- Exploring BackTrack(第24頁)
- Installing OpenOffice(第26頁)
- Effectively manage your test results(第26頁)
- Introduction to the Dradis Framework(第32頁)
- Summary(第42頁)
- Chapter 2:Advanced Reconnaissance Techniques(第43頁)
- Introduction to reconnaissance(第44頁)
- DNS recon(第47頁)
- Gathering and validating domain and IP information(第61頁)
- Using search engines to do your job for you(第64頁)
- Summary(第78頁)
- Chapter 3:Enumeration:Choosing Your Targets Wisely(第79頁)
- Adding another virtual machine to our lab(第80頁)
- Nmap — getting to know you(第84頁)
- SNMP:A goldmine of information just waiting to be discovered(第100頁)
- Creating network baselines with scanPBNJ(第106頁)
- Enumeration avoidance techniques(第111頁)
- Summary(第113頁)
- Chapter 4:Remote Exploitation(第115頁)
- Exploitation – Why bother?(第115頁)
- Target practice – Adding a Kioptrix virtual machine(第116頁)
- Manual exploitation(第118頁)
- Getting files to and from victim machines(第137頁)
- Passwords:Something you know…(第140頁)
- Metasploit — learn it and love it(第148頁)
- Summary(第158頁)
- Chapter 5:Web Application Exploitation(第159頁)
- Practice makes perfect(第160頁)
- Detecting load balancers(第177頁)
- Detecting Web Application Firewalls(WAF)(第180頁)
- Taking on Level 3 – Kioptrix(第182頁)
- Web Application Attack and Audit Framework(w3af)(第182頁)
- Introduction to Mantra(第197頁)
- Summary(第200頁)
- Chapter 6:Exploits and Client-Side Attacks(第201頁)
- Buffer overflows—A refresher(第202頁)
- Introduction to fuzzing(第210頁)
- Introducing vulnserver(第213頁)
- Fuzzing tools included in BackTrack(第215頁)
- Fast-Track(第227頁)
- Social Engineering Toolkit(第233頁)
- Summary(第237頁)
- Chapter 7:Post-Exploitation(第239頁)
- Rules of engagement(第240頁)
- Data gathering, network analysis, and pillaging(第242頁)
- Pivoting(第284頁)
- Summary(第286頁)
- Chapter 8:Bypassing Firewalls and Avoiding Detection(第287頁)
- Lab preparation(第288頁)
- Stealth scanning through the firewall(第297頁)
- Now you see me, now you don't — Avoiding IDS(第301頁)
- Blending in(第304頁)
- Looking at traffic patterns(第306頁)
- Cleaning up compromised hosts(第308頁)
- Miscellaneous evasion techniques(第309頁)
- Summary(第311頁)
- Chapter 9:Data Collection Tools and Reporting(第313頁)
- Record now — Sort later(第314頁)
- Old school — The text editor method(第314頁)
- Dradis framework for collaboration(第319頁)
- The report(第322頁)
- Challenge to the reader(第330頁)
- Summary(第331頁)
- Chapter 10:Setting Up Virtual Test Lab Environments(第333頁)
- Why bother with setting up labs?(第333頁)
- Keeping it simple(第334頁)
- Adding complexity or emulating target environments(第343頁)
- Summary(第354頁)
- Chapter 11:Take the Challenge – Putting It All Together(第355頁)
- The scenario(第355頁)
- The setup(第356頁)
- The challenge(第362頁)
- The walkthrough(第363頁)
- Reporting(第377頁)
- Summary(第378頁)
- Index(第379頁)
紙本書 NT$ 1920
單本電子書
NT$
1152
同分類熱門書