Cargando…
Penetration Testing with BackBox.
BackBox is an amazing Linux security distribution designed to keep in mind the needs of security and system administration specialists. It has been developed to perform penetration tests and security assessments. Designed to be fast and easy to use while providing a minimal yet complete desktop envi...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Packt Publishing,
2014.
|
| Temas: | |
| Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Chapter 1: Starting Out with BackBox Linux; A flexible penetration testing distribution; The organization of tools in BackBox; Information Gathering; Vulnerability Assessment; Exploitation; Privilege Escalation; Maintaining Access; Documentation & Reporting; Reverse Engineering; Social Engineering; Stress Testing; Forensic Analysis; VoIP Analysis; Wireless Analysis; Miscellaneous; Services; Update; Anonymous; Extras; Completeness, accuracy, and support; Links and contacts; Summary
- Chapter 2: Information GatheringStarting with an unknown system; Automater; Whatweb; Recon-ng; Proceeding with a known system; Nmap; Summary; Chapter 3: Vulnerability Assessment and Management; Vulnerability scanning; Setting up the environment; Running the scan with OpenVAS; False positives; An example of vulnerability verification; Summary; Chapter 4: Exploitations; Exploitation of a SQL injection on a database; Sqlmap usage and vulnerability exploitation; Finding the encrypted password; Exploiting web applications with W3af; Summary; Chapter 5: Eavesdropping and Privilege Escalation
- Sniffing encrypted SSL/TLS trafficAn SSL MITM attack using sslstrip; Password cracking; Offline password cracking using John the Ripper; Remote password cracking with Hydra and xHydra; Summary; Chapter 6: Maintaining Access; Backdoor Weevely; Weevely in URL; Performing system commands; Enumerate config files; Getting access credentials; File editing; Gathering full system information; Summary; Chapter 7: Penetration Testing Methodologies with BackBox; Information gathering; Scanning; Exploitation; Summary; Chapter 8: Documentation and Reporting; MagicTree
- the auditing productivity tool