Learn Penetration Testing
Understand the art of penetration testing and develop your white hat hacker skills
- 출간 정보
- 2019.05.31. 전자책 출간
- 파일 정보
<Learn Penetration Testing> ▶Book Description
Sending information via the internet is not entirely private, as evidenced by the rise in hacking, malware attacks, and security threats. With the help of this book, you'll learn crucial penetration testing techniques to help you evaluate enterprise defenses.
You'll start by understanding each stage of pentesting and deploying target virtual machines, including Linux and Windows. Next, the book will guide you through performing intermediate penetration testing in a controlled environment. With the help of practical use cases, you'll also be able to implement your learning in real-world scenarios. By studying everything from setting up your lab, information gathering and password attacks, through to social engineering and post exploitation, you'll be able to successfully overcome security threats. The book will even help you leverage the best tools, such as Kali Linux, Metasploit, Burp Suite, and other open source pentesting tools to perform these techniques. Toward the later chapters, you'll focus on best practices to quickly resolve security threats.
By the end of this book, you'll be well versed with various penetration testing techniques so as to be able to tackle security threats effectively
▶What You Will Learn
- Perform entry-level penetration tests by learning various concepts and techniques
- Understand both common and not-so-common vulnerabilities from an attacker's perspective
- Get familiar with intermediate attack methods that can be used in real-world scenarios
- Understand how vulnerabilities are created by developers and how to fix some of them at source code level
- Become well versed with basic tools for ethical hacking purposes
- Exploit known vulnerable services with tools such as Metasploit
- Enhance your penetration testing skills to tackle security threats
- Learn to gather information, find vulnerabilities, and exploit enterprise defenses
- Navigate secured systems with the most up-to-date version of Kali Linux (2019.1) and Metasploit (5.0.0)
▶Who This Book Is For
If you're just getting started with penetration testing and want to explore various security domains, this book is for you. Security professionals, network engineers, and amateur ethical hackers will also find this book useful. Prior knowledge of penetration testing and ethical hacking is not necessary.
▶What this book covers
- Chapter 1, Introduction to Penetration Testing, helps you to understand what a penetration test is. Here, we will introduce the stages of a penetration test and what happens at each stage. Having a lab is key for learning, so we will cover how to build your own lab environment using VMware, Hyper-V, or VirtualBox. We will discuss target virtual machines based on Windows and Linux, which you will use to practice your skills.
- Chapter 2, Getting Started with Kali Linux, gets you started with a penetration base operating system. Kali Linux is well known and used by both pentesters and attackers. We will cover the installation and setup of Kali Linux, as well as the basic commands and essential tools that are contained within Kali Linux. We will look at installing additional tools, maintaining updates of the tools, and how to leverage scripts within Kali Linux.
- Chapter 3, Performing Information Gathering, gets you familiar with the various types of information gathering. We will cover various online resources and tools that can be used to gather information about your target. Techniques that are covered in this chapter include port scanning, vulnerability scanning, and traffic capturing.
- Chapter 4, Mastering Social Engineering, focuses on one of the most common attack methods in the real world. Here, we will cover why social engineering is successful and how you can conduct social engineering attacks using various tools.
- Chapter 5, Diving into the Metasploit Framework, focuses on a tool that speaks for itself. The Metasploit Framework is well known and is extremely flexible and robust. Here, you will learn about the various exploits that it contains and where to find additional ones. We will cover various components of the Metasploit Framework and how you can leverage this framework in a penetration test.
- Chapter 6, Understanding Password Attacks, dives into the various types of password attacks that exist. We will cover the tools that are used for the various attacks. You will learn how to build wordlists, and where you can obtain additional wordlists that are prebuilt. You will use these skills to perform password cracking and to dump credentials from memory.
- Chapter 7, Working with Burp Suite, teaches you how to use Burp Suite like a professional. Here, we will look at how you can obtain the latest version of Burp Suite Professional and the differences between the various editions. We will cover many aspects of the tool, and how to use the tool to perform various attacks.
- Chapter 8, Attacking Web Applications, is where we turn our focus to web applications. Web applications have evolved dramatically over the years, and we will cover the various components of web applications and some of the languages that are used for development. You will learn about various attacks and how to perform them using your lab environment, with tools designed for web application attacks.
- Chapter 9, Getting Started with Wireless Attacks, focuses on wireless technologies. To perform a penetration test on a wireless network, you need to understand the components of a wireless network, as well as the various wireless frames and tools that are used. We will cover all of these, including the hardware requirements for performing attacks against a wireless network.
- Chapter 10, Moving Laterally and Escalating Your Privileges, focuses on post-exploitation. You will learn the various post exploitation techniques that exist and the various tools that can be used. Here, we will focus on performing post-exploitation attacks on an Active Directory domain by taking advantage of the workings of the Kerberos protocol.
- Chapter 11, Antivirus Evasion, looks at how antivirus technologies have evolved. Here, we will cover the various techniques that exist for antivirus evasion. We will look at the tools that can be used, and how to use the various tools when building a payload to avoid detection.
- Chapter 12, Maintaining Control within the Environment, finalizes the post exploitation phase by looking at how we can maintain a foothold within a compromised network. Here, we will look at various ways in which we can maintain persistence, and what tools can be used to accomplish our goal.
- Chapter 13, Reporting and Acting on Your Findings, looks at an integral part of any penetration test. In this chapter, you will learn how to write a penetration testing report that is tailored to executives and technical staff. You will learn about the various recommendations that should be made to remediate some of the common findings that you would come across in a real-world penetration test.
- Chapter 14, Where Do I Go from Here?, concludes the book by looking at how you can take your skills to the next level. We will cover some certifications and where you can obtain vulnerable operating systems that you can use to practice and enhance your skills.
Penetration testing can be a complex topic, especially if you are someone who is just starting out in the field. When I wrote this book, I looked at my own situation and how overwhelmed I felt when I started working in penetration testing. There is a lot of great content available online, but knowing where to start was the point that I really got stuck on. I would find content that assumes you have some knowledge of penetration testing, or knowledge of how a certain tool works, and so on.
This book is geared to those who are looking at finding a good starting point on their career within penetration testing. The objective of the book is not to teach you flashy skills that you can use to break into networks, but rather to help you gain a good understanding of the technology while practicing your skills in a controlled environment using real-world tools.
The goal of the book is to give you a good, solid understanding of penetration testing by the time you've finished reading. You will be able to fully grasp the phases of a penetration test, how to perform various techniques, and how to use various tools.
▶About the Author
- Rishalin Pillay
Rishalin Pillay has over 12 years' cybersecurity experience, and has acquired a vast amount of skills consulting for Fortune 500 companies while taking part in projects performing tasks in network security design, implementation, and vulnerability analysis.
He holds many certifications that demonstrate his knowledge and expertise in the cybersecurity field from vendors such as ISC2, Cisco, Juniper, Checkpoint, Microsoft, CompTIA, and more.
Rishalin currently works at a large software company as a Senior Cybersecurity Engineer.
▶TABLE of CONTENTS
1. Introduction to Penetration Testing
2. IGetting Started with Kali Linux
3. IPerforming Information Gathering
4. IMastering Social Engineering
5. IDiving into the Metasploit Framework
6. IUnderstanding Password Attacks
7. IWorking with Burp Suite
8. IAttacking Web Applications
9. IGetting Started with Wireless Attacks
10. IMoving Laterally and Escalating Your Privileges
11. IAntivirus Evasion
12. IMaintaining Control within the Environment
13. IReporting and Acting on Your Findings
14. IWhere Do I Go from Here?
내가 남긴 별점 0.0
'구매자' 표시는 리디북스에서 유료도서 결제 후 다운로드 하시거나 리디셀렉트 도서를 다운로드하신 경우에만 표시됩니다.
본문 끝 최상단으로 돌아가기
사용 가능 : 개
<>부터 총 화
총 화 대여 완료했습니다.
남은 작품 : 총 화 (원)
Learn Penetration Testing
대여 기간 : 일
결제 금액 : 원
결제 가능한 리디캐시, 포인트가 없습니다.
리디캐시를 충전하시면 자동으로 결제됩니다.
최대 9% 리디포인트 적립 혜택도 놓치지 마세요!
이미 구매한 작품입니다.
원하는 결제 방법을 선택해주세요.
대여 기간이 만료되었습니다.