Penetration tester's open source toolkit / Aaron W. Bayles, technical editor and contributor ... [et al.].

Format:

Book

Contributor:

Bayles, Aaron W.

Language:

English

Subjects (All):

Computers--Access control.

Computers.

Computer networks--Security measures.

Computer networks.

Physical Description:

1 online resource (588 p.)

Edition:

2nd ed.

Place of Publication:

Burlington, MA : Syngress Publishing, c2007-

Language Note:

English

System Details:

text file

Summary:

Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pen testing applications to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms. It also includes ""BackTrack2"" on CD, a set of pen testing tools that comple

Contents:

Front Cover; Penetration Tester's Open Source Toolkit; Copyright Page; Technical Editor and Contributing Author; Contributing Authors; Contents; Chapter 1: Reconnaissance; Objectives; Approach; A Methodology for Reconnaissance; Intelligence Gathering; Footprinting; Verification; Core Technologies; Intelligence Gathering; Search Engines; WHOIS; RWHOIS; Domain Name Registries and Registrars; Web Site Copiers; Social Networking Services; Footprinting; DNS; SMTP; Verification; Virtual Hosting; IP Subnetting; The Regional Internet Registries; Open Source Tools; Intelligence Gathering Tools

Web ResourcesLinux/UNIX Command-Line Tools; Open Source Windows Tools; Footprinting Tools; Web Resources; Linux/UNIX Console Tools; Open Source Windows Tools; Verification Tools; Web Resources; Linux/UNIX Console Tools; Case Study: The Tools in Action; Intelligence Gathering, Footprinting, and Verification of an Internet-Connected Network; Footprinting; Verification; Chapter 2: Enumeration and Scanning; Introduction; Objectives; Before You Start; Why Do This?; Approach; Scanning; Enumeration; Notes and Documentation; Active versus Passive; Moving On; Core Technology; How Scanning Works

Port ScanningGoing behind the Scenes with Enumeration; Service Identifi cation; RPC Enumeration; Fingerprinting; Being Loud, Quiet, and All That Lies Between; Timing; Bandwidth Issues; Unusual Packet Formation; Open Source Tools; Scanning; Nmap; Netenum: Ping Sweep; Unicornscan: Port Scan and Fuzzing; Scanrand: Port Scan; Enumeration; Nmap: Banner Grabbing; Netcat; P0f: Passive OS Fingerprinting; Xprobe2: OS Fingerprinting; Httprint; Ike-scan: VPN Assessment; Amap: Application Version Detection; Windows Enumeration: Smbgetserverinfo/smbdumpusers/smbclient; Nbtscan

Smb-nat: Windows/Samba SMB Session Brute ForceCase Studies: The Tools in Action; External; Internal; Stealthy; Noisy (IDS) Testing; Further Information; Chapter 3: Hacking Database Services; Introduction; Objectives; Approach; Core Technologies; Basic Terminology; Database Installation; Default Users and New Users; Roles and Privileges; Technical Details; Case Studies: Using Open Source and Closed Source Tools; Microsoft SQL Server; Discovering Microsoft SQL Servers; Identifying Vulnerable Microsoft SQL Server Services; Attacking Microsoft SQL Server Authentication

Microsoft SQL Server Password Creation GuidelinesMicrosoft SQL Default Usernames and Passwords; Creating Username and Dictionary Files; SQL Auditing Tools (SQLAT); Obtaining and Cracking Microsoft SQL Server Password Hashes; Analyzing the Database; Obtaining Access to the Host Operating System; SQLAT: SQLExec (Sqlquery), TFTP, and fgdump.exe; Oracle Database Management System; Identifying and Enumerating Oracle Database with Nmap; Penetration Testing Oracle Services with BackTrack; Cracking Oracle Database Hashes; Privilege Escalation in Oracle from TNS Listener, No Password; SQL Clients

Shell Usage and History

Notes:

Includes index.

ISBN:

9786611096373

9781281096371

1281096377

9780080556079

0080556078

OCLC:

476125621