1.

Record Nr.

UNINA9910789005503321

Autore

Uygur Stefan Umit

Titolo

Penetration testing with backbox : an introductory guide to performing crucial penetration testing operations using backbox / / Stefan Umit Uygur ; cover image by Aniket Sawant

Pubbl/distr/stampa

Birmingham, England : , : Packt Publishing Ltd, , 2014

©2014

ISBN

1-78328-298-3

Descrizione fisica

1 online resource (130 p.)

Collana

Community experience distilled

Altri autori (Persone)

SawantAniket

Disciplina

005.8

Soggetti

Penetration testing (Computer security)

Lingua di pubblicazione

Inglese

Formato

Materiale a stampa

Livello bibliografico

Monografia

Note generali

Includes index.

Nota di contenuto

Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Starting Out with BackBox Linux; A flexible penetration testing distribution; The organization of tools in BackBox; Information Gathering; Vulnerability Assessment; Exploitation; Privilege Escalation; Maintaining Access; Documentation & Reporting; Reverse Engineering; Social Engineering; Stress Testing; Forensic Analysis; VoIP Analysis; Wireless Analysis; Miscellaneous; Services; Update; Anonymous; Extras; Completeness, accuracy, and support; Links and contacts; Summary

Chapter 2: Information GatheringStarting with an unknown system; Automater; Whatweb; Recon-ng; Proceeding with a known system; Nmap; Summary; Chapter 3: Vulnerability Assessment and Management; Vulnerability scanning; Setting up the environment; Running the scan with OpenVAS; False positives; An example of vulnerability verification; Summary; Chapter 4: Exploitations; Exploitation of a SQL injection on a database; Sqlmap usage and vulnerability exploitation; Finding the encrypted password; Exploiting web applications with W3af; Summary; Chapter 5: Eavesdropping and Privilege Escalation

Sniffing encrypted SSL/TLS trafficAn SSL MITM attack using sslstrip; Password cracking; Offline password cracking using John the Ripper; Remote password cracking with Hydra and xHydra; Summary; Chapter



6: Maintaining Access; Backdoor Weevely; Weevely in URL; Performing system commands; Enumerate config files; Getting access credentials; File editing; Gathering full system information; Summary; Chapter 7: Penetration Testing Methodologies with BackBox; Information gathering; Scanning; Exploitation; Summary; Chapter 8: Documentation and Reporting; MagicTree - the auditing productivity tool

SummaryIndex

Sommario/riassunto

BackBox is an amazing Linux security distribution designed to keep in mind the needs of security and system administration specialists. It has been developed to perform penetration tests and security assessments. Designed to be fast and easy to use while providing a minimal yet complete desktop environment, Backbox comes with its own software repositories and is continually updated to the latest stable version of the most widely used and best-known ethical hacking tools. This book provides an exciting introduction to BackBox Linux in order give you familiarity with and understanding of this am