04122nam 2200589 450 991081556490332120200520144314.01-78328-298-3(CKB)3710000000089791(EBL)1611819(SSID)ssj0001165522(PQKBManifestationID)11776996(PQKBTitleCode)TC0001165522(PQKBWorkID)11199179(PQKB)11088991(MiAaPQ)EBC1611819(Au-PeEL)EBL1611819(CaPaEBR)ebr10839994(CaONFJC)MIL577431(OCoLC)871189824(PPN)22803924X(EXLCZ)99371000000008979120140306h20142014 uy 0engur|n|---|||||txtccrPenetration testing with backbox an introductory guide to performing crucial penetration testing operations using backbox /Stefan Umit Uygur ; cover image by Aniket SawantBirmingham, England :Packt Publishing Ltd,2014.©20141 online resource (130 p.)Community experience distilledIncludes index.1-78328-297-5 Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Starting Out with BackBox Linux; A flexible penetration testing distribution; The organization of tools in BackBox; Information Gathering; Vulnerability Assessment; Exploitation; Privilege Escalation; Maintaining Access; Documentation & Reporting; Reverse Engineering; Social Engineering; Stress Testing; Forensic Analysis; VoIP Analysis; Wireless Analysis; Miscellaneous; Services; Update; Anonymous; Extras; Completeness, accuracy, and support; Links and contacts; SummaryChapter 2: Information GatheringStarting with an unknown system; Automater; Whatweb; Recon-ng; Proceeding with a known system; Nmap; Summary; Chapter 3: Vulnerability Assessment and Management; Vulnerability scanning; Setting up the environment; Running the scan with OpenVAS; False positives; An example of vulnerability verification; Summary; Chapter 4: Exploitations; Exploitation of a SQL injection on a database; Sqlmap usage and vulnerability exploitation; Finding the encrypted password; Exploiting web applications with W3af; Summary; Chapter 5: Eavesdropping and Privilege EscalationSniffing encrypted SSL/TLS trafficAn SSL MITM attack using sslstrip; Password cracking; Offline password cracking using John the Ripper; Remote password cracking with Hydra and xHydra; Summary; Chapter 6: Maintaining Access; Backdoor Weevely; Weevely in URL; Performing system commands; Enumerate config files; Getting access credentials; File editing; Gathering full system information; Summary; Chapter 7: Penetration Testing Methodologies with BackBox; Information gathering; Scanning; Exploitation; Summary; Chapter 8: Documentation and Reporting; MagicTree - the auditing productivity toolSummaryIndexBackBox is an amazing Linux security distribution designed to keep in mind the needs of security and system administration specialists. It has been developed to perform penetration tests and security assessments. Designed to be fast and easy to use while providing a minimal yet complete desktop environment, Backbox comes with its own software repositories and is continually updated to the latest stable version of the most widely used and best-known ethical hacking tools. This book provides an exciting introduction to BackBox Linux in order give you familiarity with and understanding of this amPenetration testing (Computer security)Penetration testing (Computer security)005.8Uygur Stefan Umit1614029Sawant Aniket1614030MiAaPQMiAaPQMiAaPQBOOK9910815564903321Penetration testing with backbox3943643UNINA