舉報 
會員
Building Virtual Pentesting Labs for Advanced Penetration Testing
最新章節:
Index
Writteninaneasy-to-followapproachusinghands-onexamples,thisbookhelpsyoucreatevirtualenvironmentsforadvancedpenetrationtesting,enablingyoutobuildamulti-layeredarchitecturetoincludefirewalls,IDS/IPS,webapplicationfirewalls,andendpointprotection,whichisessentialinthepenetrationtestingworld.Ifyouareapenetrationtester,securityconsultant,securitytestengineer,oranalystwhowantstopracticeandperfectpenetrationtestingskillsbybuildingvirtualpentestinglabsinvaryingindustryscenarios,thisisthebookforyou.Thisbookisidealifyouwanttobuildandenhanceyourexistingpentestingmethodsandskills.Basicknowledgeofnetworksecurityfeaturesisexpectedalongwithwebapplicationtestingexperience.
目錄(89章)
倒序
- coverpage
- Building Virtual Pentesting Labs for Advanced Penetration Testing
- Credits
- About the Author
- About the Reviewers
- www.PacktPub.com
- Support files eBooks discount offers and more
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Chapter 1. Introducing Penetration Testing
- Security testing
- Abstract testing methodology
- Myths and misconceptions of pen testing
- Summary
- Chapter 2. Choosing the Virtual Environment
- Open source and free environments
- Commercial environments
- Image conversion
- Converting from a physical to virtual environment
- Summary
- Chapter 3. Planning a Range
- Planning
- Identifying vulnerabilities
- Summary
- Chapter 4. Identifying Range Architecture
- Building the machines
- Selecting network connections
- Choosing range components
- Summary
- Chapter 5. Identifying a Methodology
- The OSSTMM
- CHECK
- NIST SP-800-115
- Summary
- Chapter 6. Creating an External Attack Architecture
- Establishing layered architectures
- Configuring firewall architectures
- iptables
- Summary
- Chapter 7. Assessment of Devices
- Assessing routers
- Evaluating switches
- Attacking the firewall
- Identifying the firewall rules
- Tricks to penetrate filters
- Summary
- Chapter 8. Architecting an IDS/IPS Range
- Deploying a network-based IDS
- Implementing the host-based IDS and endpoint security
- Working with virtual switches
- Evasion
- Summary
- Chapter 9. Assessment of Web Servers and Web Applications
- Analyzing the OWASP Top Ten attacks
- Identifying web application firewalls
- Penetrating web application firewalls
- Tools
- Summary
- Chapter 10. Testing Flat and Internal Networks
- The role of Vulnerability Scanners
- Dealing with host protection
- Summary
- Chapter 11. Attacking Servers
- Common protocols and applications for servers
- Database assessment
- OS platform specifics
- Summary
- Chapter 12. Exploring Client-side Attack Vectors
- Client-side attack methods
- Pilfering data from the client
- Using the client as a pivot point
- Client-side exploitation
- Binary payloads
- Malicious PDF files
- Bypassing antivirus and other protection tools
- Obfuscation and encoding
- Summary
- Chapter 13. Building a Complete Cyber Range
- Creating the layered architecture
- Integrating decoys and honeypots
- Attacking the cyber range
- Recording the attack data for further training and analysis
- Summary
- Index 更新時間:2021-07-16 11:42:46
推薦閱讀
- Web漏洞分析與防范實戰:卷1
- 科技安全:戰略實踐與展望
- INSTANT Burp Suite Starter
- 工業物聯網安全
- 網絡安全技術與實訓(第4版)(微課版)
- 網絡運維親歷記 (網絡運維紀實文學)
- 網絡空間安全實驗
- 軟件安全保障體系架構
- 安全防御入門手冊
- 數據要素安全:新技術、新安全激活新質生產力
- 電腦安全與攻防入門很輕松(實戰超值版)
- Kali Linux高級滲透測試(原書第4版)
- 功能型密碼算法設計與分析
- 物聯網信息安全技術
- 動態賦能網絡空間防御
- CTF網絡安全競賽入門教程
- 惡意軟件、Rootkit和僵尸網絡
- 計算機網絡安全與應用技術(第2版)
- Metasploit Bootcamp
- 網站入侵與腳本技術快速防殺
- 網絡空間安全技術
- 網絡安全等級保護2.0:定級、測評、實施與運維
- Windows 7安全指南
- iOS黑客攻防秘籍(第2版)
- 構建可信白環境:方法與實踐
- CTF實戰:從入門到提升
- 工業互聯網信息安全技術
- 黑客攻防從入門到精通(黑客與反黑工具篇·全新升級版)
- DevSecOps原理、核心技術與實戰
- 博弈論與數據保護
