Penetration Testing for Jobseekers: Perform Ethical Hacking across Web Apps, Networks, Mobile Devices using Kali Linux, Burp Suite, MobSF, and Metasploit
- Length: 340 pages
- Edition: 1
- Language: English
- Publisher: BPB Publications
- Publication Date: 2022-04-19
- ISBN-10: 9355511973
- ISBN-13: 9789355511973
- Sales Rank: #752847
Understand and Conduct Ethical Hacking and Security Assessments
Key Features
- Practical guidance on discovering, assessing, and mitigating web, network, mobile, and wireless vulnerabilities.
- Experimentation with Kali Linux, Burp Suite, MobSF, Metasploit and Aircrack-suite.
- In-depth explanation of topics focusing on how to crack ethical hacking interviews.
Description
Penetration Testing for Job Seekers is an attempt to discover the way to a spectacular career in cyber security, specifically penetration testing. This book offers a practical approach by discussing several computer and network fundamentals before delving into various penetration testing approaches, tools, and techniques.
Written by a veteran security professional, this book provides a detailed look at the dynamics that form a person’s career as a penetration tester. This book is divided into ten chapters and covers numerous facets of penetration testing, including web application, network, Android application, wireless penetration testing, and creating excellent penetration test reports. This book also shows how to set up an in-house hacking lab from scratch to improve your skills. A penetration tester’s professional path, possibilities, average day, and day-to-day obstacles are all outlined to help readers better grasp what they may anticipate from a cybersecurity career.
Using this book, readers will be able to boost their employability and job market relevance, allowing them to sprint towards a lucrative career as a penetration tester.
What you will learn
- Perform penetration testing on web apps, networks, Android apps, and wireless networks.
- Access to the most widely used penetration testing methodologies and standards in the industry.
- Use an artistic approach to find security holes in source code.
- Learn how to put together a high-quality penetration test report.
- Popular technical interview questions on ethical hacker and pen tester job roles.
- Exploration of different career options, paths, and possibilities in cyber security.
Who this book is for
This book is for aspiring security analysts, pen testers, ethical hackers, and anyone who wants to learn how to become a successful pen tester. A fundamental understanding of network principles and workings is helpful but not required.
Table of Contents
Front matter: Cover Page; Title Page; Copyright Page; Dedication Page; About the Author; About the Reviewers; Acknowledgement; Preface; Disclaimer; Errata
1. Cybersecurity, Career Path, and Prospects: Structure; Objectives; Introducing cybersecurity; Cybersecurity; Landscape of cyber threats in the ’20s; Classes of cyber threats; Importance of cybersecurity; Impact of COVID-19 on cybersecurity; Transformation of cyber threat landscape due to COVID-19; The effects of remote operations; Impact on physical safety of company assets; Effects of worldwide layoffs; Career scope in cybersecurity; Worldwide cybersecurity talent and skill shortage; COVID-19 emphasizes more on the need for cybersecurity professionals; Working in cybersecurity; Types of roles and responsibilities; Security specialist; Incident responder; Security analyst; Security administrator; Security manager; Security auditor; Forensic expert; Penetration tester; Security engineer; Security researcher (malware/vulnerability analyst); Career path of a cybersecurity professional; Transitioning from general IT to cybersecurity; Cybersecurity jobs and compensation in India; The ideal cybersecurity (hacker) mindset; Conclusion; Points to remember; Multiple choice questions; Answers; Questions; Key terms
2. Introduction to Penetration Testing: Introduction; Structure; Objective; Hackers and cybersecurity; Hackers classification; White Hat hacker; Black Hat hacker; Gray Hat hacker; State/nation sponsored hackers; Hacktivists; Elements of cybersecurity; Cyber security principles; Confidentiality; Integrity; Availability; Introduction to penetration testing; The importance of penetration testing; Penetration Testing Execution Standard (PTES); Types of penetration testing; Black box penetration testing; Gray box penetration testing; White box penetration testing; How to become a pentester?; Developing a hacker-like mindset; Being creative; Push your limits by learning new things every day; Enroll in a course or training program; Practice in real and simulated lab; Honing your social skills; Limitations of penetration testing; Conclusion; Questions
3. Setting Up Your Lab for Penetration Testing: Introduction; Structure; Objectives; The importance of having an in-house pentest lab; Topology of your pentest lab; Setting up lab for web and network pentest; Utilizing virtualization technology in your lab; Basic elements of pentest labs; Vulnerable targets/victim systems; Attacker machine; Introducing Kali Linux; Installing Kali Linux in a virtual machine – VMware Workstation Player; Kali Linux tools listing; Running Kali from the live USB; Kali commands cheat sheet; Setting up lab for mobile application pentest; Basic elements of a mobile pentest lab; Android Debug Bridge (adb); Android emulator; Burp Suite proxy; Apktool; Mobile Security Framework (MobSF); Dex to Java decompiler - Jadx; Target/vulnerable Android apps; Android pentest lab cheat sheet; Some useful Android device paths; Conclusion; Points to remember; Multiple choice questions; Answers; Questions; Key terms
4. Web Application and API Penetration Testing: Introduction; Structure; Objectives; Introduction to web applications; Standard web application architecture; Some important concepts about HTTP protocol; HTTP session management; Same-origin security policy; Authentication versus authorization; Authentication; Authorization; Different types of web application vulnerabilities; The Open Web Application Security Project (OWASP) and OWASP Top 10; Introduction to DVWA; Injection; SQL Injection; Error-based SQL Injection; SQL Injection cheat sheet; Primary defenses against SQL Injection; Cross Site Scripting (XSS); Types of XSS; DOM-based XSS; XSS cheat sheet; Stopping XSS attacks; Security misconfiguration; Finding sensitive information disclosed through misconfiguration; DVWA Apache server-info enabled; DVWA SVN repository exposure; DVWA Apache server status disclosure; DVWA directory listing vulnerability; Server-side request forgery; Example of SSRF; Mitigation for SSRF; Server Side Request Forgery (SSRF) versus Cross Site Request Forgery (CSRF); Mitigation for CSRF; Insecure design; Command execution; Unrestricted file upload; Insecure direct object references (IDOR); Insecure File Inclusion (LFI and RFI); Insecure design mitigation; Vulnerable and outdated components; Outdated web server in DVWA; Mitigation for vulnerable and outdated components; Cryptographic failures; DVWA insecure transport; Less secure hashing mechanism used in DVWA; Identification and authentication failures; Brute force attack on DVWA; Insufficient session expiration in DVWA; Broken access control; Example 1: An application fails to validate user provided data; Example 2: An attacker forces client to access target URLs; Software and data integrity failures; Security logging and monitoring failures; Prevention of security logging and monitoring failures; Introduction to API; Interacting with web API using Burp Repeater; Most common API security problems; Injection; Broken object level authorization; Prevention of broken object level authorization; Broken user authentication; A brief introduction to JSON Web Token (JWT); Prevention of broken user authentication; Lack of resources and rate limiting; Prevention of lack of resource and rate limiting; Conclusion; Key points; Multiple choice questions; Answers; Popular interview questions
5. The Art of Secure Source Code Review: Introduction; Structure; Objectives; Introduction to secure source code review; Manual secure source code review; Automated secure source code review; Different stages of an automated source code assessment; Automated source code review tools; Automated source code review versus manual source code review; Examples of different vulnerabilities; DVWA cross-site scripting vulnerability; DVWA stored cross-site scripting vulnerability; DVWA SQL injection vulnerability; DVWA blind injection vulnerability; DVWA file upload vulnerability; DVWA file inclusion; Conclusion; Points to remember; Questions
6. Penetration Testing Android Mobile Applications: Introduction; Structure; Objectives; Stages of an Android application penetration test; Introduction to Purposefully Insecure and Vulnerable Android Application (PIVAA); Intercepting PIVAA traffic; Automated Android mobile application scanning; Introducing Mobile Security Framework (MobSF); Installing Mobile Security Framework (MobSF) on Kali/Linux; Installing MobSF; Running MobSF; Running a scan on PIVAA with MobSF; OWASP and mobile security; Mobile-specific attacks on Android platform; Insecure data storage vulnerability; Criticality of insecure data storage; Attack vectors of insecure data storage; Validating insecure data storage vulnerability in PIVAA; Mitigation strategies for insecure data storage; Improper platform usage vulnerability; Criticality of improper platform usage vulnerability; Attack vectors of improper platform usage; Validating improper platform usage vulnerability in PIVAA; Mitigation strategies for improper platform usage; Insecure communication vulnerability; Criticality of insecure communication; Attack vectors of insecure communication; Validating insecure communication in PIVAA; Mitigation strategies for insecure communication; Insufficient cryptography vulnerability; Criticality of insufficient cryptography; Attack vectors of insufficient cryptography; Validating insufficient cryptography in PIVAA; Mitigation strategies for insufficient cryptography; Client code quality vulnerability; Criticality of client code quality vulnerability; Attack vectors client code quality vulnerability; Validating client code quality-related issues in PIVAA; Mitigation strategies for client code quality; Code tampering vulnerability; Criticality of code tampering vulnerability; Attack vectors of code tampering; Mitigation strategies for code tampering; Reverse engineering vulnerability; Criticality of reverse engineering vulnerability; Attack vectors of reverse engineering; Mitigation strategies for reverse engineering; Extraneous functionality vulnerability; Criticality of extraneous functionality vulnerability; Attack vectors of extraneous functionality vulnerability; Validating extraneous functionality in PIVAA; Mitigation strategies for extraneous functionality vulnerability; Insecure authentication vulnerability; Criticality of insecure authentication vulnerability; Attack vectors of insecure authentication; Mitigation strategies for insecure authentication vulnerability; Insecure authorization vulnerability; Criticality of insecure authorization vulnerability; Attack vectors of insecure authorization; Mitigation strategies for insecure authorization; Basic reverse engineering of an Android application; SSL certificate pinning; Bypassing SSL certificate pinning with Frida; Conclusion; Points to remember; Multiple choice questions; Answers; Questions
7. Network Penetration Testing: Introduction; Structure; Objectives; Network vulnerability assessment versus penetration testing; Types of network penetration testing; External penetration testing versus internal penetration testing; Safe test versus unsafe test; Different phases of a network penetration test; Footprinting and reconnaissance; Types of footprinting; Pseudonymous/passive footprinting; Active footprinting; Objectives of footprinting during network penetration test; Footprinting methodologies; Footprinting through WHOIS; WHOIS lookup on Kali Linux; Websites that provide Whois information; Footprinting using the Onyphe tool; Footprinting using Shodan; Footprinting through DNS; What does DNS do?; Utilizing the host command on Kali; Using NSLOOKUP for footprinting; Footprinting via search engines; Google hacking database (GHDB); Scanning networks; Introduction to network scanning; Network communication; Scanning using Nmap; TCP SYN (stealth) scan (-sS); TCP connect scan; Scanning IP ranges with Nmap; Scanning port range with Nmap; Scanning UDP port (-sU); Scanning using HPING tool; HPING as a port scanner; Producing a custom packet using TCP flags; Enumeration; Service enumeration with Nmap tool; OS fingerprinting; Vulnerability analysis; Vulnerability assessment; Kinds of vulnerability assessments; Common Vulnerability Scoring Systems (CVSS); Common Vulnerabilities and Exposure (CVE); Vulnerability scanning; Nessus vulnerability scanner; Exploitation; Introduction to Metasploit Framework; Privilege escalation; Knowing the system you are working on really well; Discovering the right exploit; Upload the exploits to the target machine; Using built-in local exploits in Metasploit framework for escalation; Lateral movement; Conclusion; Points to remember; Multiple choice questions; Answers; Questions
8. Wireless Penetration Testing: Introduction; Structure; Objectives; Basic understanding of Wi-Fi networks; IEEE 802.11 standards; Wi-Fi security protocols; Understanding how access points and a client communicates; Probe; Authentication; Association; Wireless lab setup; Hardware requirements; Testing if everything is working fine; The art of sniffing wireless packets; Wireless mode (managed and monitor mode); Sniffing wireless packets; Packet injection; Sniffing data packets of the target Wi-Fi network; Sniffing our specific target using airodump-ng; Common attacks against wireless networks; MAC spoofing attacks; Preventing MAC spoofing; Uncover hidden SSID attacks; Attacks against WEP encryption; Cracking WPA/WPA2 (weak password); Preventing password attacks against WPA/WPA2; Rogue access point attacks; Preventing rogue access point attacks; Conclusion; Key points; Questions
9. Report Preparation and Documentation: Introduction; Structure; Objectives; Compliance and regulation standards; ISO 27001; General Data Protection Regulation (GDPR); PCI DSS; NHS data security and protection toolkit; Reserve Bank of India (RBI) cybersecurity guidelines; Indian Computer Emergency Response Team (CERT-IN or ICERT) cybersecurity guidelines; Making an effective penetration testing report; An executive summary; Details of the discovered security vulnerabilities; Detailed analysis of the business impact; Insights into exploitability; Technical risks briefing; Remediation; PeTeReport – An open-source application vulnerability reporting tool; Conclusion; Points to remember; Questions
10. A Day in the Life of a PenTester: Introduction; Structure; Objectives; A typical day of a penetration tester; Common day-to-day challenges; Legal challenges; Meet with a client’s expectations; Scope or out of scope; Health and work-life balance; Keeping a hacker-like, problem-solving mindset; The importance of effective communication skills; Honing your skill on a daily basis; Self-learning; Certification; Free courses available on the internet; Bug Bounty participation; Competitive learning through CTF competition; Giving back to the community; Free security projects, labs, and more; Conclusion; Points to remember
Index