LEADER 06895nam 2200649 450 001 9910466127703321 005 20211115232453.0 010 $a1-78439-202-2 035 $a(CKB)3710000000635326 035 $a(EBL)4520648 035 $a(MiAaPQ)EBC4520648 035 $a(CaSebORM)9781784395810 035 $a(PPN)192902229 035 $a(Au-PeEL)EBL4520648 035 $a(CaPaEBR)ebr11221711 035 $a(CaONFJC)MIL908928 035 $a(OCoLC)951665756 035 $a(EXLCZ)993710000000635326 100 $a20160701h20162016 uy| 0 101 0 $aeng 135 $aur|n|---||||| 181 $2rdacontent 182 $2rdamedia 183 $2rdacarrier 200 10$aAdvanced penetration testing for highly-secured environments 205 $aSecond edition /$bemploy the most advanced pentesting techniques and tools to build highly-secured systems and environments / Lee Allen, Kevin Cardwell. 210 1$aBirmingham :$cPackt Publishing,$d[2016] 210 4$dİ2016 215 $a1 online resource (428 p.) 225 1 $aCommunity experience distilled 300 $aIncludes index. 311 $a1-78439-581-1 327 $aCover; Copyright; Credits; About the Authors; About the Reviewer; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Penetration Testing Essentials; Chapter 2: Preparing a Test Environment; Chapter 3: Assessment Planning; Chapter 4: Intelligence Gathering; Chapter 5: Network Service Attacks; Chapter 6: Exploitation; Chapter 7: Web Application Attacks; Chapter 8: Exploitation Concepts; Chapter 9: Post-Exploitation; Chapter 10: Stealth Techniques; Chapter 11: Data Gathering and Reporting; Chapter 12: Penetration Testing Challenge; Index; Methodology defined; Example methodologies 327 $aAbstract methodologySummary; Introducing VMware Workstation; Installing VMware Workstation; Network design; Understanding the default architecture; Creating the switches; Putting it all together; Summary; Introducing advanced penetration testing; Before testing begins; Planning for action; Installing LibreOffice; Effectively managing your test results; Introduction to the Dradis framework; Summary; Introducing reconnaissance; DNS recon; Gathering and validating domain and IP information; Using search engines to do your job for you; Creating network baselines with scanPBNJ; Summary 327 $aWeb Application Attack and Audit framework (w3af)Introduction to browser plugin HackBar; Reader challenge; Summary; Buffer overflows - a refresher; 64-bit exploitation; Introducing vulnserver; Fuzzing tools included in Kali; Social Engineering Toolkit; Fast-Track; Reader challenge; Summary; Rules of Engagement; Data gathering, network analysis, and pillaging; Pivoting; Reader challenge; Summary; Lab preparation; Stealth scanning through the firewall; Now you see me, now you don't - avoiding IDS; Blending in; PfSense SSH logs; Looking at traffic patterns; Cleaning up compromised hosts 327 $aMiscellaneous evasion techniquesReader challenge; Summary; Record now - sort later; Old school - the text editor method; Dradis framework for collaboration; The report; Reader challenge; Summary; Firewall lab setup; The scenario; The virtual lab setup; The challenge; The walkthrough; Reporting; Summary; Penetration testing framework; Penetration Testing Execution Standard; Pre-engagement interactions; Intelligence gathering; Threat modeling; Vulnerability analysis; Exploitation; Post exploitation; Reporting; Final thoughts; Why VMware Workstation?; VMnet0; VMnet1; VMnet8; Folders 327 $aInstalling Kali Linux 330 $aEmploy the most advanced pentesting techniques and tools to build highly-secured systems and environments About This Book Learn how to build your own pentesting lab environment to practice advanced techniques Customize your own scripts, and learn methods to exploit 32-bit and 64-bit programs Explore a vast variety of stealth techniques to bypass a number of protections when penetration testing Who This Book Is For This book is for anyone who wants to improve their skills in penetration testing. As it follows a step-by-step approach, anyone from a novice to an experienced security tester can learn effective techniques to deal with highly secured environments. Whether you are brand new or a seasoned expert, this book will provide you with the skills you need to successfully create, customize, and plan an advanced penetration test. What You Will Learn A step-by-step methodology to identify and penetrate secured environments Get to know the process to test network services across enterprise architecture when defences are in place Grasp different web application testing methods and how to identify web application protections that are deployed Understand a variety of concepts to exploit software Gain proven post-exploitation techniques to exfiltrate data from the target Get to grips with various stealth techniques to remain undetected and defeat the latest defences Be the first to find out the latest methods to bypass firewalls Follow proven approaches to record and save the data from tests for analysis In Detail The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes. The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration... 410 0$aCommunity experience distilled. 606 $aPenetration testing (Computer security) 606 $aComputer networks$xSecurity measures 606 $aComputer security$xManagement 606 $aComputer networks 608 $aElectronic books. 615 0$aPenetration testing (Computer security) 615 0$aComputer networks$xSecurity measures. 615 0$aComputer security$xManagement. 615 0$aComputer networks. 700 $aAllen$b Lee$c(Information security specialist),$0944552 702 $aCardwell$b Kevin 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910466127703321 996 $aAdvanced penetration testing for highly-secured environments$92192264 997 $aUNINA