
Oriyano, Sean-Philip - Penetration Testing Essentials

Penetration Testing Essentials






Details

Type: Book
Language: English
Publisher: Sybex
Published: 12/2016





Publisher's Notes

Learn Penetration Testing Quickly and Easily

Penetration Testing Essentials is your one-stop solution for gaining a robust foundation in discovering and reporting system vulnerabilities. This beginning guide puts you ahead of the curve before pursuing the new penetration testing certifications held by the most sought-after cybersecurity experts in the world. In-depth, easy-to-understand coverage walks you through the technical and behavioral ways attackers compromise computer security, before giving you the tools you need to carry out the same penetration tests used by today's best ethical hackers. Start gaining a solid foundation of penetration testing fundamentals today.

Learn these penetration testing essentials and more:

  • Security, cryptography, and system hardening fundamentals
  • Breaking and entering methods and maintaining access to a system
  • Information gathering, scanning, and enumeration techniques
  • Covering your tracks with dependable tactics
  • Detecting and targeting wireless networks
  • Escaping and evading detection
  • Building a pen testing lab and developing a pen testing tool box
  • Penetrating a system with a state-of-the-art methodology

This striking Essentials book features:

  • Chapter-opening learning objectives
  • Step-by-step tutorials
  • Essentials and Beyond summaries and additional suggested exercises
  • Downloadable exercise files




Table of Contents

Introduction

Chapter 1 Introduction to Penetration Testing
  • Defining Penetration Testing
  • Preserving Confidentiality, Integrity, and Availability
  • Appreciating the Evolution of Hacking

Chapter 2 Introduction to Operating Systems and Networking
  • Comparing Common Operating Systems
  • Exploring Networking Concepts

Chapter 3 Introduction to Cryptography
  • Recognizing the Four Goals of Cryptography
  • The History of Encryption
  • Speaking Intelligently About Cryptography
  • Comparing Symmetric and Asymmetric Cryptography
  • Transforming Data via Hashing
  • A Hybrid System: Using Digital Signatures
  • Working with PKI

Chapter 4 Outlining the Pen Testing Methodology
  • Determining the Objective and Scope of the Job
  • Choosing the Type of Test to Perform
  • Gaining Permission via a Contract
  • Following the Law While Testing

Chapter 5 Gathering Intelligence
  • Introduction to Intelligence Gathering
  • Examining a Company's Web Presence
  • Finding Websites That Don't Exist Anymore
  • Gathering Information with Search Engines
  • Targeting Employees with People Searches
  • Discovering Location
  • Do Some Social Networking
  • Looking via Financial Services
  • Investigating Job Boards
  • Searching Email
  • Extracting Technical Information

Chapter 6 Scanning and Enumeration
  • Introduction to Scanning
  • Checking for Live Systems
  • Performing Port Scanning
  • Identifying an Operating System
  • Scanning for Vulnerabilities
  • Using Proxies (Or Keeping Your Head Down)
  • Performing Enumeration

Chapter 7 Conducting Vulnerability Scanning
  • Introduction to Vulnerability Scanning
  • Recognizing the Limitations of Vulnerability Scanning
  • Outlining the Vulnerability Scanning Process
  • Types of Scans That Can Be Performed

Chapter 8 Cracking Passwords
  • Recognizing Strong Passwords
  • Choosing a Password-Cracking Technique
  • Executing a Passive Online Attack
  • Executing an Active Online Attack
  • Executing an Offline Attack
  • Using Nontechnical Methods
  • Escalating Privileges

Chapter 9 Retaining Access with Backdoors and Malware
  • Deciding How to Attack
  • Installing a Backdoor with PsTools
  • Opening a Shell with LAN Turtle
  • Recognizing Types of Malware
  • Launching Viruses
  • Launching Worms
  • Launching Spyware
  • Inserting Trojans
  • Installing Rootkits

Chapter 10 Reporting
  • Reporting the Test Parameters
  • Collecting Information
  • Highlighting the Important Information
  • Adding Supporting Documentation
  • Conducting Quality Assurance

Chapter 11 Working with Defensive and Detection Systems
  • Detecting Intrusions
  • Recognizing the Signs of an Intrusion
  • Evading an IDS
  • Breaching a Firewall
  • Using Honeypots: The Wolf in Sheep's Clothing

Chapter 12 Covering Your Tracks and Evading Detection
  • Recognizing the Motivations for Evasion
  • Getting Rid of Log Files
  • Hiding Files
  • Evading Antivirus Software
  • Evading Defenses by Entering Through a Backdoor
  • Using Rootkits for Evasion

Chapter 13 Detecting and Targeting Wireless
  • An Introduction to Wireless
  • Breaking Wireless Encryption Technologies
  • Conducting a Wardriving Attack
  • Conducting Other Types of Attack
  • Choosing Tools to Attack Wireless
  • Knocking Out Bluetooth
  • Hacking the Internet of Things (IoT)

Chapter 14 Dealing with Mobile Device Security
  • Recognizing Current-Generation Mobile Devices
  • Working with Android OS
  • Working with Apple iOS
  • Finding Security Holes in Mobile Devices
  • Encountering Bring Your Own Device (BYOD)
  • Choosing Tools to Test Mobile Devices

Chapter 15 Performing Social Engineering
  • Introduction to Social Engineering
  • Exploiting Human Traits
  • Acting Like a Social Engineer
  • Targeting Specific Victims
  • Leveraging Social Networking
  • Conducting Safer Social Networking

Chapter 16 Hardening a Host System
  • Introduction to Hardening
  • Three Tenets of Defense
  • Creating a Security Baseline
  • Hardening with Group Policy
  • Hardening Desktop Security
  • Backing Up a System

Chapter 17 Hardening Your Network
  • Introduction to Network Hardening
  • Intrusion Detection Systems
  • Firewalls
  • Physical Security Controls

Chapter 18 Navigating the Path to Job Success
  • Choosing Your Career Path
  • Build a Library
  • Practice Technical Writing
  • Display Your Skills

Chapter 19 Building a Test Lab for Penetration Testing
  • Deciding to Build a Lab
  • Considering Virtualization
  • Getting Starting and What You Will Need
  • Installing Software

Appendix Answers to Review Questions

Index





Author

About the Author

Sean Oriyano is a longtime security professional. Over the past 25 years he has divided his time between performing security research, consulting, and delivering training in both general IT and cybersecurity. In addition, he has become a best-selling author with many years' experience in both digital and print media. Sean has published several books over the last decade and has expanded his reach further by appearing on TV and radio shows. Additionally, Sean is a Chief Warrant Officer and Unit Commander specializing in cybersecurity training, development and strategy. As a CWO he is recognized as a SME in his field and is frequently called upon to provide expertise, training and mentoring wherever needed.









Additional Information

ISBN: 9781119235309
Dimensions: 235 x 19.15 x 189 mm Ø 482 gr
Format: Paperback
Pages (Arabic-numbered): 360





