Penetration testing essentials.

Mostrar otras versiones (1)

IT Security certifications have stringent requirements and demand a complex body of knowledge. This essential guide lays the groundwork for any IT professional hoping to move into a cybersecurity career by developing a robust pen tester skill set. --

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Oriyano, Sean-Philip
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Hoboken, NJ : Sybex, 2017.
Temas:
Computer security.
Hackers.
Hacking.
Computer Security
Sécurité informatique.
Pirates informatiques.
Piratage informatique.
Hacking
Computer security
Computer crimes > Prevention
Hackers
Penetration testing (Computer security)
Acceso en línea:Texto completo
Texto completo
Tabla de Contenidos:
  • Ch. 1 Introduction to Penetration Testing
  • Defining Penetration Testing
  • Preserving Confidentiality, Integrity, and Availability
  • Appreciating the Evolution of Hacking
  • ch. 2 Introduction to Operating Systems and Networking
  • Comparing Common Operating Systems
  • Exploring Networking Concepts
  • ch. 3 Introduction to Cryptography
  • Recognizing the Four Goals of Cryptography
  • The History of Encryption
  • Speaking Intelligently About Cryptography
  • Comparing Symmetric and Asymmetric Cryptography
  • Transforming Data via Hashing
  • A Hybrid System: Using Digital Signatures
  • Working with PKI
  • ch. 4 Outlining the Pen Testing Methodology
  • Determining the Objective and Scope of the Job
  • Choosing the Type of Test to Perform
  • Gaining Permission via a Contract
  • Following the Law While Testing
  • ch. 5 Gathering Intelligence
  • Introduction to Intelligence Gathering
  • Examining a Company's Web Presence
  • Finding Websites That Don't Exist Anymore
  • Gathering Information with Search Engines
  • Targeting Employees with People Searches
  • Discovering Location
  • Do Some Social Networking
  • Looking via Financial Services
  • Investigating Job Boards
  • Searching Email
  • Extracting Technical Information
  • ch. 6 Scanning and Enumeration
  • Introduction to Scanning
  • Checking for Live Systems
  • Performing Port Scanning
  • Identifying an Operating System
  • Scanning for Vulnerabilities
  • Using Proxies (Or Keeping Your Head Down)
  • Performing Enumeration
  • ch. 7 Conducting Vulnerability Scanning
  • Introduction to Vulnerability Scanning
  • Recognizing the Limitations of Vulnerability Scanning
  • Outlining the Vulnerability Scanning Process
  • Types of Scans That Can Be Performed
  • ch. 8 Cracking Passwords
  • Recognizing Strong Passwords
  • Choosing a Password-Cracking Technique
  • Executing a Passive Online Attack
  • Executing an Active Online Attack
  • Executing an Offline Attack
  • Using Nontechnical Methods
  • Escalating Privileges
  • ch. 9 Retaining Access with Backdoors and Malware
  • Deciding How to Attack
  • Installing a Backdoor with PsTools
  • Opening a Shell with LAN Turtle
  • Recognizing Types of Malware
  • Launching Viruses
  • Launching Worms
  • Launching Spyware
  • Inserting Trojans
  • Installing Rootkits
  • ch. 10 Reporting
  • Reporting the Test Parameters
  • Collecting Information
  • Highlighting the Important Information
  • Adding Supporting Documentation
  • Conducting Quality Assurance
  • ch. 11 Working with Defensive and Detection Systems
  • Detecting Intrusions
  • Recognizing the Signs of an Intrusion
  • Evading an IDS
  • Breaching a Firewall
  • Using Honeypots: The Wolf in Sheep's Clothing
  • ch. 12 Covering Your Tracks and Evading Detection
  • Recognizing the Motivations for Evasion
  • Getting Rid of Log Files
  • Hiding Files
  • Evading Antivirus Software
  • Evading Defenses by Entering Through a Backdoor
  • Using Rootkits for Evasion
  • ch. 13 Detecting and Targeting Wireless
  • An Introduction to Wireless
  • Breaking Wireless Encryption Technologies
  • Conducting a Wardriving Attack
  • Conducting Other Types of Attack
  • Choosing Tools to Attack Wireless
  • Knocking Out Bluetooth
  • Hacking the Internet of Things (IoT)
  • ch. 14 Dealing with Mobile Device Security
  • Recognizing Current-Generation Mobile Devices
  • Working with Android OS
  • Working with Apple iOS
  • Finding Security Holes in Mobile Devices
  • Encountering Bring Your Own Device (BYOD)
  • Choosing Tools to Test Mobile Devices
  • ch. 15 Performing Social Engineering
  • Introduction to Social Engineering
  • Exploiting Human Traits
  • Acting Like a Social Engineer
  • Targeting Specific Victims
  • Leveraging Social Networking
  • Conducting Safer Social Networking
  • ch. 16 Hardening a Host System
  • Introduction to Hardening
  • Three Tenets of Defense
  • Creating a Security Baseline
  • Hardening with Group Policy
  • Hardening Desktop Security
  • Backing Up a System
  • ch. 17 Hardening Your Network
  • Introduction to Network Hardening
  • Intrusion Detection Systems
  • Firewalls
  • Physical Security Controls
  • ch. 18 Navigating the Path to Job Success
  • Choosing Your Career Path
  • Build a Library
  • Practice Technical Writing
  • Display Your Skills
  • ch. 19 Building a Test Lab for Penetration Testing
  • Deciding to Build a Lab
  • Considering Virtualization
  • Getting Starting and What You Will Need
  • Installing Software.

Ejemplares similares