會(huì)員

Penetration Testing Bootcamp

Jason Beltrame 著

更新時(shí)間：2021-07-02 21:36:31

開(kāi)會(huì)員，本書(shū)免費(fèi)讀 >

最新章節(jié)： Summary

計(jì)算機(jī)網(wǎng)絡(luò) 編程語(yǔ)言與程序設(shè)計(jì)

ThisbookisforITsecurityenthusiastsandadministratorswhowanttounderstandpenetrationtestingquickly.

目錄(177章)

倒序

coverpage
Title Page
Credits
About the Author
About the Reviewer
www.PacktPub.com
Why subscribe?
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
Planning and Preparation
Why does penetration testing take place?
Understanding the engagement
Defining objectives with stakeholder questionnaires
Scoping criteria
Documentation
Understanding the network diagram – onshore IT example
Data flow diagram
Organization chart
Building the systems for the penetration test
Penetration system software setup
Summary
Information Gathering
Understanding the current environment
Where to look for information – checking out the toolbox!
Search engines as an information source
Utilizing whois for information gathering
Enumerating DNS with dnsmap
DNS reconnaissance with DNSRecon
Checking for a DNS BIND version
Probing the network with Nmap
Checking for DNS recursion with NSE
Fingerprinting systems with P0f
Firewall reconnaissance with Firewalk
Detecting a web application firewall
Protocol fuzzing with DotDotPwn
Using Netdiscover to find undocumented IPs
Enumerating your findings
Summary
Setting up and maintaining the Command and Control Server
Command and control servers
Setting up secure connectivity
Inside server SSH setup
Command and control server SSH setup
Setting up a reverse SSH tunnel
stunnel to the rescue
stunnel setup on the client – Raspberry Pi
Verifying automation
Automating evidence collection
File utilities
Playing with tar
Split utility
Summary
Vulnerability Scanning and Metasploit
Vulnerability scanning tools
Scanning techniques
OpenVAS
Getting started with OpenVAS
Performing scans against the environment
Getting started with Metasploit
Exploiting our targets with Metasploit
Understanding client-side attacks
Using BeEF for browser-based exploitation
Using SET for client-side exploitation
Summary
Traffic Sniffing and Spoofing
Traffic sniffing tools and techniques
Sniffing tools
Tcpdump
WinDump
Wireshark
Understanding spoofing attacks
ARP spoofing
Ettercap
SSLStrip
Intercepting SSL traffic with SSLsplit
Summary
Password-based Attacks
Generating rainbow tables and wordlists
Creating rainbows with RainbowCrack
Crunching wordlists
Online locations
Cracking utilities
John the Ripper
THC-Hydra
Ncrack
Medusa
Social engineering experiments
Impersonation to get the goods
Scenario 1
Scenario 2
Dumpster diving
Free USB drives for all!!
Summary
Attacks on the Network Infrastructure
Wired-based attacks
snmp-check
Rogue DHCP server
Denial-of-service checks
Various attacks with hping3
Land attacks with hping3
Smurf attacks using hping3
MAC flooding with Macof
Wireless-based attacks
Cracking WPA2 with aircrack-ng
Monitoring the airway with Kismet
Attacking WEP with wifite
Bluetooth probing
Bluelog
Btscanner
Blueranger
Scanning with Hcitool
Physical security considerations
Secure access
Employee/vendor identification
Summary
Web Application Attacks
Manipulation by client-side testing
Cross-site scripting attacks
Reflected XSS attack
Stored XSS attack
Using OWASP ZAP to find session issues
Infrastructure and design weaknesses
Uniscan
Using Skipfish for web application recon
Identity-based testing
Role based access control
Apache-users
Wfuzz
Validating data error handling and logic
SQL Injection fun with Sqlmap
Error handling issues
Session management
Burp suite with intercept
Using XSS for cookie retrieval
Summary
Cleaning Up and Getting Out
Cleaning up any trails left behind
Covering your tracks
Clearev with Metasploit
Shredding files with shred
CLI tips for hiding your tracks
ClearLogs for Windows
Using DD and mkfs to clear drives
LUKS Nuke blowing up partition
Destroying equipment
Stakeholder-sponsored destruction
Destruction by the penetration tester
Summary
Writing Up the Penetration Testing Report
Gathering all your data
Importance of defining risk
Structure of a penetration test report
Cover sheet
Table of contents
Executive summary
The scope of the project
Objectives of the penetration test
Description of risk rating scale
Summary of findings
Detailed findings
Conclusion
Appendix A - tools used
Appendix B - attached reports
Appendix C - attached diagrams
About your company
Building the report
Delivering the report
Summary 更新時(shí)間：2021-07-02 21:36:31

官术网_书友最值得收藏!

Penetration Testing Bootcamp