Cargando…
BackTrack 4 : assuring security by penetration testing /
Annotation
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Otros Autores: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt,
©2011.
|
| Colección: | Community experience distilled.
|
| Temas: | |
| Acceso en línea: | Texto completo Texto completo |
Tabla de Contenidos:
- All-in-one intelligence gatheringMaltego
- Documenting the information
- Dradis
- Summary
- 5. Target Discovery
- Introduction
- Identifying the target machine
- ping
- arping
- arping
- 2.
- fping
- genlist
- hping
- 2.
- hping
- 3.
- lanmap
- nbtscan
- nping
- onesixtyone
- OS fingerprinting
- p
- 0. f
- xprobe
- 2.
- Summary
- 6. Enumerating Target
- Port scanning
- AutoScan
- Netifera
- Nmap
- Nmap target specification
- Nmap TCP scan options
- Nmap UDP scan options
- Nmap port specification
- Nmap output options
- Nmap timing options
- Nmap scripting engine
- Unicornscan
- Zenmap
- Service enumeration
- Amap
- Httprint
- Httsquash.
- BackTrack 4: Assuring Security by Penetration Testing
- BackTrack 4: Assuring Security by Penetration Testing
- Credits
- About the Authors
- About the Reviewers
- www.PacktPub.com
- Support files, eBooks, discount offers and more
- Why Subscribe
- Free Access for Packt account holders
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Errata
- Piracy
- Questions
- I. Lab Preparation and Testing Procedures
- 1. Beginning with BackTrack
- History
- BackTrack purpose
- Getting BackTrack
- Using BackTrack
- Live DVD.
- Installing to hard diskInstallation in real machine
- Installation in VirtualBox
- Portable BackTrack
- Configuring network connection
- Ethernet setup
- Wireless setup
- Starting the network service
- Updating BackTrack
- Updating software applications
- Updating the kernel
- Installing additional weapons
- Nessus vulnerability scanner
- WebSecurify
- Customizing BackTrack
- Summary
- 2. Penetration Testing Methodology
- Types of penetration testing
- Black-box testing
- White-box testing
- Vulnerability assessment versus penetration testing
- Security testing methodologies.
- Open Source Security Testing Methodology Manual (OSSTMM)Key features and benefits
- Information Systems Security Assessment Framework (ISSAF)
- Key features and benefits
- Open Web Application Security Project (OWASP) Top Ten
- Key features and benefits
- Web Application Security Consortium Threat Classification (WASC-TC)
- Key features and benefits
- BackTrack testing methodology
- Target scoping
- Information gathering
- Target discovery
- Enumerating target
- Vulnerability mapping
- Social engineering
- Target exploitation
- Privilege escalation
- Maintaining access
- Documentation and reporting.
- The ethicsSummary
- II. Penetration Testers Armory
- 3. Target Scoping
- Gathering client requirements
- Customer requirements form
- Deliverables assessment form
- Preparing the test plan
- Test plan checklist
- Profiling test boundaries
- Defining business objectives
- Project management and scheduling
- Summary
- 4. Information Gathering
- Public resources
- Document gathering
- Metagoofil
- DNS information
- dnswalk
- dnsenum
- dnsmap
- dnsmap-bulk
- dnsrecon
- fierce
- Route information
- 0. trace
- dmitry
- itrace
- tcpraceroute
- tctrace
- Utilizing search engines
- goorecon
- theharvester.