Network Ethical Hacking and Penetration Testing
- Length: 387 pages
- Edition: 2
- Language: English
- Publication Date: 2021-08-09
- ISBN-10: B09CBNT5FJ
- Sales Rank: #573652
This book is a comprehensive guide to performing network penetration testing (a.k.a. ethical hacking) according to international standards such as the Penetration Testing Execution Standard (PTES). The book is highly technical, with practical demonstrations and tutorials on using different open-source tools.
The first module gives an introduction to penetration testing and explains the different standards available in the industry. Then, there is a small module on pre-engagement preparation – a necessary step in any ethical hacking engagement where you interact with your client and agree upon a scope.
Module three talks about intelligence gathering – a.k.a., reconnaissance and footprinting. We explain different important search engines: Google, Shodan, Pipl, Robtex, Builtwith, and Netcraft. Additionally, there is a great tutorial on Maltego, a multi-purpose intelligence gathering tool.
Module four explains techniques for network traffic manipulation. Those techniques are Sniffing, ARP Poisoning, SSL Stripping, and bind/reverse shell using Netcat. This module is followed by a module on Network and System Scanning containing a detailed tutorial on Nmap.
Module six talks about vulnerability analysis. There is a great explanation of the types and categories of vulnerabilities, in addition to a great tutorial on the Nessus vulnerability scanner. The next two modules talk about Exploitation and Post-Exploitation tactics using Metasploit, the most popular exploitation framework, and Meterpreter, which is the most sophisticated payload.
The last two modules in the book are dedicated to Password Attacks and Wireless Attacks.
- Chapter 01 Introduction to Network Penetration Testing: Definition and Purpose; Information Security; Vulnerability, Threat, and Exploit; Risk Assessment and Impact Analysis; Types and Categories of Penetration Testing; Methodologies and Standards; The Open Source Security Testing Methodology Manual (OSSTMM); Penetration Testing Execution Standard (PTES); Technical Guide to Information Security Testing and Assessment by NIST (National Institute of Standards and Technology); The Penetration Testing Framework; Open Web Application Security Project (OWASP) Testing Guide
- Module 02 Pre-Engagement Preparation: The Scope and the Questionnaire; Success Criteria; Rules of Engagement
- Module 03 Intelligence Gathering: Types of Intelligence Gathering; Types of Gathered Information; Levels of Intelligence Gathering; Practical Techniques; Manual Website Analysis; Accessing WHOIS Information; Regional Internet Registries (RIR); Domain Registries; WHOIS Command-Line Tool; Online WHOIS; DNS Records; Querying DNS Records; DNS Name Guessing; DNS Zone Transfer; Public Search Engine; Google – Search Engine; Shodan – IoT Search Engine; Pipl – People Search; RobTex – DNS Lookup Engine; BuiltWith – Web Technology Mining; Netcraft – Web Analyzer; How to Find Insecure Sensitive Files of your Target on the Internet; Querying Google for Document Files; Automatic Document Retrieval and Analysis with “Metagoofil”; Maltego Tool; Running and Exploring Maltego; Getting Information with Transforms; Deeper Look into Entities and Transforms
- Module 04 Network Traffic Manipulation: Network Traffic Sniffing; Tcpdump; Wireshark; Network Traffic Interception; Hub vs. Switch; ARP Poisoning; Arpspoof; Bind and Reverse Shell with Netcat; Overview; Enter the Netcat; Bind Shell; Reverse Shell; Summary; SSL/TLS Hijacking Using SSLstrip; The HTTP 302 Redirect; Exploiting the 302 Redirect; Running SSLstrip; Final Notes
- Module 05 Network and System Scanning: Introduction; Host Discovery; ICMP-Based Methods; TCP-Based Methods; UDP-Based Method; Port Scanning; TCP Port Scanning; UDP Port Scanning; Service Version Detection; Operating System (OS) Fingerprinting
- Module 06 Vulnerability Analysis: Overview; Initial Discovery of Vulnerabilities; Reverse Engineering; Vulnerability Categories; Insufficient Input Validation Vulnerabilities; Cryptographic Vulnerabilities; Configuration Vulnerabilities; TCP/IP Protocol Vulnerabilities; Authentication Vulnerabilities; Authorization Vulnerabilities; Availability Vulnerabilities; Hardware Vulnerabilities; Vulnerability Tracking and Rating; Common Vulnerabilities and Exposures (CVE) System; Common Vulnerability Scoring System (CVSS); Online Vulnerability Databases; Automated Vulnerability Scanners; Nessus Security Scanner; Installing Nessus; Scanning Templates; Configuring a New Scan; Scanning Metasploitable System
- Module 07 Exploitation: Introduction; Impacts of Exploitation; Remote Code Execution (RCE); Privilege Escalation; Information Disclosure; Denial of Service (DoS); The Exploit vs. the Payload; Buffer Over Exploitation, an Introductory Demonstration; The Instruction Pointer; The Buffer and the Stack; Input Validation; Exploitation Mitigation Techniques; Types of Exploitation; Remote Exploitation; Local Exploitation (Local Privilege Escalation); Types of Shell; Direct Shell; Bind Shell; Reverse Shell; The Metasploit Framework; Background; Exploring Metasploit; Running Metasploit; Metasploit Exploitation Process; Exploiting Metasploitable Vulnerabilities; Bind Shell (Rogue Shell) Backdoor Detection; NFS Exported Share Information Disclosure; “rexecd” Service Detection; VNC Server ‘password’ Password; Exploiting EternalBlue (MS17-010) Vulnerability; Historical Background; Exploiting Windows 7 SP0; Exploiting Windows Media Center (WMC): MS15-100 Vulnerability; Exploiting OverlayFS in Linux Kernel < 3.19.0 (CVE-2015-1328)
- Module 08 Post-Exploitation: About Meterpreter; How to Use Meterpreter; First Method: Meterpreter as a Payload; Second Method: Meterpreter as an Executable File; Post-Exploitation with Meterpreter; Gaining Information; Privilege Escalation; Covering Tracks; Operating System Interaction; File System Interaction; Persistent Backdoor; Pivots and Relays for Extreme Post-Exploitation Control; Pivoting through the First Victim; Relaying through the First Victim; Evading Anti-Virus Software with Veil Framework; Introduction; The Way of Evasion; Enter the Veil; Installing Veil Framework; Running Veil; Understanding Veil’s Payloads; Generating the Trojan; Launching the Attack; Anti-Virus Strength Assessment; Veil’s Payloads Assessment
- Module 09 Password Attacks: Introduction; Tips for Password Attacks; Types of Password Attacks; Password Guessing; Password Cracking; Password Guessing with xHydra; Windows Password Hashes; LM Hash Format; NT Hash Format; Cracking Windows Hashes with Cain; Extracting Domain Password Hashes; Copying the NTDS Database; Exporting Information from the NTDS Database; Extracting Hashes from Data and Link Tables; Linux Password Hashes; Linux Hashing Algorithms; The Use of Salts; Hashing Iterations; Cracking Linux Hashes with John
- Module 10 Wireless Attacks: Introduction; Wireless Technology; WLAN Modes of Operations; Service Sets and their Identifications; Wireless Card Modes; Wireless Security; Wireless DoS Attacks; Wired Equivalent Privacy (WEP) and its Insecurities; WiFi Protected Access (WPA 1 & 2); Aircrack-NG Tool; Cracking WEP Using aircrack-ng; Cracking WPA1&2 Using aircrack-ng