Penetration testing bootcamp: quickly get up and running with pentesting techniques
Main author: | Beltrame, Jason |
---|---|
Format: | Electronic e-book |
Language: | English |
Published: | Birmingham ; Mumbai: Packt, June 2017 |
Subjects: | Computersicherheit ; Penetrationstest ; Raspberry Pi |
Online access: | FUBA1 UBY01 |
Summary: | Cover -- Copyright -- Credits -- About the Author -- About the Reviewer -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Planning and Preparation -- Why does penetration testing take place? -- Understanding the engagement -- Defining objectives with stakeholder questionnaires -- Scoping criteria -- Documentation -- Understanding the network diagram - onshore IT example -- Data flow diagram -- Organization chart -- Building the systems for the penetration test -- Penetration system software setup -- Summary -- Chapter 2: Information Gathering -- Understanding the current environment -- Where to look for information - checking out the toolbox! -- Search engines as an information source -- Utilizing whois for information gathering -- Enumerating DNS with dnsmap -- DNS reconnaissance with DNSRecon -- Checking for a DNS BIND version -- Probing the network with Nmap -- Checking for DNS recursion with NSE -- Fingerprinting systems with P0f -- Firewall reconnaissance with Firewalk -- Detecting a web application firewall -- Protocol fuzzing with DotDotPwn -- Using Netdiscover to find undocumented IPs -- Enumerating your findings -- Summary -- Chapter 3: Setting up and maintaining the Command and Control Server -- Command and control servers -- Setting up secure connectivity -- Inside server SSH setup -- Command and control server SSH setup -- Setting up a reverse SSH tunnel -- stunnel to the rescue -- stunnel setup on the client - Raspberry Pi -- Verifying automation -- Automating evidence collection -- File utilities -- Playing with tar -- Split utility -- Summary -- Chapter 4: Vulnerability Scanning and Metasploit -- Vulnerability scanning tools -- Scanning techniques -- OpenVAS -- Getting started with OpenVAS -- Performing scans against the environment -- Getting started with Metasploit -- Exploiting our targets with Metasploit -- Understanding client-side attacks -- Using BeEF for browser-based exploitation -- Using SET for client-side exploitation -- Summary -- Chapter 5: Traffic Sniffing and Spoofing -- Traffic sniffing tools and techniques -- Sniffing tools -- Tcpdump -- WinDump -- Wireshark -- Understanding spoofing attacks -- ARP spoofing -- Ettercap -- SSLStrip -- Intercepting SSL traffic with SSLsplit -- Summary -- Chapter 6: Password-based Attacks -- Generating rainbow tables and wordlists -- Creating rainbows with RainbowCrack -- Crunching wordlists -- Online locations -- Cracking utilities -- John the Ripper -- THC-Hydra -- Ncrack -- Medusa -- Social engineering experiments -- Impersonation to get the goods -- Scenario 1 -- Scenario 2 -- Dumpster diving -- Free USB drives for all!! -- Summary -- Chapter 7: Attacks on the Network Infrastructure -- Wired-based attacks -- snmp-check -- Rogue DHCP server -- Denial-of-service checks -- Various attacks with hping3 -- Land attacks with hping3 -- Smurf attacks using hping3 -- MAC flooding with Macof -- Wireless-based attacks -- Cracking WPA2 with aircrack-ng -- Monitoring the airway with Kismet -- Attacking WEP with wifite -- Bluetooth probing -- Bluelog -- Btscanner -- Blueranger -- Scanning with Hcitool -- Physical security considerations -- Secure access -- Employee/vendor identification -- Summary -- Chapter 8: Web Application Attacks -- Manipulation by client-side testing -- Cross-site scripting attacks -- Reflected XSS attack -- Stored XSS attack -- Using OWASP ZAP to find session issues -- Infrastructure and design weaknesses -- Uniscan -- Using Skipfish for web application recon -- Identity-based testing -- Role based access control -- Apache-users -- Wfuzz -- Validating data, error handling, and logic -- SQL Injection fun with Sqlmap -- Error handling issues -- Session management -- Burp suite with intercept -- Using XSS for cookie retrieval -- Summary -- Chapter 9: Cleaning Up and Getting Out -- Cleaning up any trails left behind -- Covering your tracks -- Clearev with Metasploit -- Shredding files with shred -- CLI tips for hiding your tracks -- ClearLogs for Windows -- Using DD and mkfs to clear drives -- LUKS Nuke blowing up partition -- Destroying equipment -- Stakeholder-sponsored destruction -- Destruction by the penetration tester -- Summary -- Chapter 10: Writing Up the Penetration Testing Report -- Gathering all your data -- Importance of defining risk -- Structure of a penetration test report -- Cover sheet -- Table of contents -- Executive summary -- The scope of the project -- Objectives of the penetration test -- Description of risk rating scale -- Summary of findings -- Detailed findings -- Conclusion -- Appendix A - tools used -- Appendix B - attached reports -- Appendix C - attached diagrams -- About your company -- Building the report -- Delivering the report -- Summary -- Index |
Description: | 1 online resource (v, 239 pages) |
ISBN: | 9781787281073 |
Internal format
MARC
LEADER | 00000nmm a2200000 c 4500 | ||
---|---|---|---|
001 | BV046655947 | ||
003 | DE-604 | ||
005 | 20220329 | ||
007 | cr|uuu---uuuuu | ||
008 | 200403s2017 |||| o||u| ||||||eng d | ||
020 | |a 9781787281073 |c Online |9 978-1-78728-107-3 | ||
035 | |a (OCoLC)1030375084 | ||
035 | |a (DE-599)GBV893361658 | ||
040 | |a DE-604 |b ger |e rda | ||
041 | 0 | |a eng | |
049 | |a DE-706 |a DE-188 | ||
100 | 1 | |a Beltrame, Jason |e Verfasser |0 (DE-588)1191800741 |4 aut | |
245 | 1 | 0 | |a Penetration testing bootcamp |b quickly get up and running with pentesting techniques |c Jason Beltrame |
264 | 1 | |a Birmingham ; Mumbai |b Packt |c June 2017 | |
300 | |a 1 Online-Ressource (v, 239 Seiten) | ||
336 | |b txt |2 rdacontent | ||
337 | |b c |2 rdamedia | ||
338 | |b cr |2 rdacarrier | ||
520 | 3 | |a Cover -- Copyright -- Credits -- About the Author -- About the Reviewer -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Planning and Preparation -- Why does penetration testing take place? -- Understanding the engagement -- Defining objectives with stakeholder questionnaires -- Scoping criteria -- Documentation -- Understanding the network diagram - onshore IT example -- Data flow diagram -- Organization chart -- Building the systems for the penetration test -- Penetration system software setup -- Summary -- Chapter 2: Information Gathering -- Understanding the current environment -- Where to look for information - checking out the toolbox! -- Search engines as an information source -- Utilizing whois for information gathering -- Enumerating DNS with dnsmap -- DNS reconnaissance with DNSRecon -- Checking for a DNS BIND version -- Probing the network with Nmap -- Checking for DNS recursion with NSE -- Fingerprinting systems with P0f -- Firewall reconnaissance with Firewalk -- Detecting a web application firewall -- Protocol fuzzing with DotDotPwn -- Using Netdiscover to find undocumented IPs -- Enumerating your findings -- Summary -- Chapter 3: Setting up and maintaining the Command and Control Server -- Command and control servers -- Setting up secure connectivity -- Inside server SSH setup -- Command and control server SSH setup -- Setting up a reverse SSH tunnel -- stunnel to the rescue -- stunnel setup on the client - Raspberry Pi -- Verifying automation -- Automating evidence collection -- File utilities -- Playing with tar -- Split utility -- Summary -- Chapter 4: Vulnerability Scanning and Metasploit -- Vulnerability scanning tools -- Scanning techniques -- OpenVAS -- Getting started with OpenVAS -- Performing scans against the environment -- Getting started with Metasploit | |
520 | 3 | |a Exploiting our targets with Metasploit -- Understanding client-side attacks -- Using BeEF for browser-based exploitation -- Using SET for client-side exploitation -- Summary -- Chapter 5: Traffic Sniffing and Spoofing -- Traffic sniffing tools and techniques -- Sniffing tools -- Tcpdump -- WinDump -- Wireshark -- Understanding spoofing attacks -- ARP spoofing -- Ettercap -- SSLStrip -- Intercepting SSL traffic with SSLsplit -- Summary -- Chapter 6: Password-based Attacks -- Generating rainbow tables and wordlists -- Creating rainbows with RainbowCrack -- Crunching wordlists -- Online locations -- Cracking utilities -- John the Ripper -- THC-Hydra -- Ncrack -- Medusa -- Social engineering experiments -- Impersonation to get the goods -- Scenario 1 -- Scenario 2 -- Dumpster diving -- Free USB drives for all!! -- Summary -- Chapter 7: Attacks on the Network Infrastructure -- Wired-based attacks -- snmp-check -- Rogue DHCP server -- Denial-of-service checks -- Various attacks with hping3 -- Land attacks with hping3 -- Smurf attacks using hping3 -- MAC flooding with Macof -- Wireless-based attacks -- Cracking WPA2 with aircrack-ng -- Monitoring the airway with Kismet -- Attacking WEP with wifite -- Bluetooth probing -- Bluelog -- Btscanner -- Blueranger -- Scanning with Hcitool -- Physical security considerations -- Secure access -- Employee/vendor identification -- Summary -- Chapter 8: Web Application Attacks -- Manipulation by client-side testing -- Cross-site scripting attacks -- Reflected XSS attack -- Stored XSS attack -- Using OWASP ZAP to find session issues -- Infrastructure and design weaknesses -- Uniscan -- Using Skipfish for web application recon -- Identity-based testing -- Role based access control -- Apache-users -- Wfuzz -- Validating data, error handling, and logic -- SQL Injection fun with Sqlmap -- Error handling issues | |
520 | 3 | |a Session management -- Burp suite with intercept -- Using XSS for cookie retrieval -- Summary -- Chapter 9: Cleaning Up and Getting Out -- Cleaning up any trails left behind -- Covering your tracks -- Clearev with Metasploit -- Shredding files with shred -- CLI tips for hiding your tracks -- ClearLogs for Windows -- Using DD and mkfs to clear drives -- LUKS Nuke blowing up partition -- Destroying equipment -- Stakeholder-sponsored destruction -- Destruction by the penetration tester -- Summary -- Chapter 10: Writing Up the Penetration Testing Report -- Gathering all your data -- Importance of defining risk -- Structure of a penetration test report -- Cover sheet -- Table of contents -- Executive summary -- The scope of the project -- Objectives of the penetration test -- Description of risk rating scale -- Summary of findings -- Detailed findings -- Conclusion -- Appendix A - tools used -- Appendix B - attached reports -- Appendix C - attached diagrams -- About your company -- Building the report -- Delivering the report -- Summary -- Index | |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Raspberry Pi |0 (DE-588)1027903738 |2 gnd |9 rswk-swf |
650 | 0 | 7 | |a Penetrationstest |0 (DE-588)4825817-9 |2 gnd |9 rswk-swf |
653 | 0 | |a Penetration testing (Computer security) | |
653 | 0 | |a Computer networks / Security measures | |
653 | 0 | |a Raspberry Pi (Computer) | |
653 | 0 | |a Electronic books | |
689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | 1 | |a Penetrationstest |0 (DE-588)4825817-9 |D s |
689 | 0 | 2 | |a Raspberry Pi |0 (DE-588)1027903738 |D s |
689 | 0 | |5 DE-604 | |
776 | 0 | 8 | |i Erscheint auch als |n Druck-Ausgabe |z 978-1-78728-874-4 |
912 | |a ZDB-4-NLEBK |a ZDB-4-EBA | ||
999 | |a oai:aleph.bib-bvb.de:BVB01-032067109 | ||
966 | e | |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=1543837 |l FUBA1 |p ZDB-4-EBA |q ZDB-4-EBA 2021 |x Aggregator |3 Volltext | |
966 | e | |u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=1543837 |l UBY01 |p ZDB-4-NLEBK |q UBY01_DDA20 |x Aggregator |3 Volltext |