Professional Penetration Testing : Creating and Learning in a Hacking Lab.

Ebook Central College Complete Available online

Format:
Book
Author/Creator:
Wilhelm, Thomas.
Language:
English
Subjects (All):
Computer networks--Testing.
Physical Description:
1 online resource (464 pages)
Edition:
2nd ed.
Place of Publication:
San Diego : Elsevier Science & Technology Books, 2013.
Contents:
Front Cover
Professional Penetration Testing: Creating and Learning in a Hacking Lab
Copyright
Contents
Preface
About the Author
About the Technical Editor
Acknowledgments
Family
HackingDojo.com
On the Side
Chapter 1: Introduction
Introduction
About This Edition
Getting Setup
Performing the Penetration Test
Internal Pentesting
Personal Skills
Download Links and Support Files
Virtual Images
Hardware Configuration Files
Summary
Chapter 2: Ethics and Hacking
Getting Permission to Hack
Code of Ethics Canons [(ISC)2]
Why Stay Ethical?
Black Hat Hackers
White Hat Hackers
Gray Hat Hackers
Ethical Standards
Certifications
Contractor
Employer
Educational and Institutional Organizations
Information Systems Security Association
Internet Activities Board
Institute of Electrical and Electronics Engineers
Organization for Economic Cooperation and Development
Computer Crime Laws
Types of Laws
Civil Law
Criminal Law
Administrative/Regulatory Law
Type of Computer Crimes and Attacks
U.S. Federal Laws
U.S. State Laws
International Laws
Canada
United Kingdom
Australia
Malaysia
Singapore
Venezuela
Safe Harbor and Directive 95/46/EC
Confidentiality Agreement
Company Obligations
Contractor Obligations
Auditing and Monitoring
Conflict Management
References
Chapter 3: Setting up Your Lab
Targets in a Pentest Lab
Problems with Learning to Hack
Real-World Scenarios
Turn-Key Scenarios
What Is a LiveCD?
De-ICE
Hackerdemia
Open Web Application Security Project
Virtual Network Pentest Labs
Keeping It Simple
Virtualization Software
Router configuration
Computer configuration
VM.
Downloads for Virtual Network
Starting the Virtual Images
Protecting Penetration Test Data
Encryption Schemas
Data Encryption
Data Hashing
Securing Pentest Systems
Mobile Security Concerns
Wireless Lab Data
Advanced Pentest Labs
Hardware Considerations
Routers
Firewalls
Intrusion Detection System/Intrusion Prevention System
Hardware Configuration
De-ICE Network Challenges
Network Architecture
Operating Systems and Applications
Operating Systems
Applications
Analyzing Malware-Viruses and Worms
Virtual Versus Nonvirtual Labs
Creating a Controlled Environment
Harvesting Malware
Information Analysis
Other Target Ideas
CTF Events
Web-Based Challenges
Vulnerability Announcements
Reference
Chapter 4: Methodologies and Frameworks
Information System Security Assessment Framework
Planning and Preparation-Phase I
Phase I: Planning and Preparation
Assessment-Phase II
Network Security
Host Security
Application Security
Database Security
Social Engineering
Reporting, Clean-up, and Destroy Artifacts-Phase III
Reporting
Clean-up and Destroy Artifacts
Open Source Security Testing Methodology Manual
Rules of Engagement
Channels
Human Security
Physical Security
Wireless Communications
Telecommunications
Data Networks
Modules
Chapter 5: Pentest Project Management
Pentesting Metrics
Quantitative, Qualitative, and Mixed Methods
Quantitative Analysis
Qualitative Analysis
Mixed Method Analysis
Management of a Pentest
Project Management Body of Knowledge
Introduction to PMBOK
Initiating Process Group
Planning Process Group
Executing Process Group
Closing Process Group
Monitoring and Controlling Process Group
Project Team Members
Roles and Responsibilities
Team Champion
Project Manager
Pentest Engineers
Organizational Structure
Functional Organization
Matrix Organization
Projectized Organization
Project Management
Initiating Stage
Planning Stage
Executing Stage
Monitoring and Controlling
Closing Stage
Formal Project Review
Effort Evaluation
Identification of New Projects
Future Project Priority Identification
Solo Pentesting
Planning Process Stage
Archiving Data
Should You Keep Data?
Legal Issues
E-mail
Findings and Reports
Securing Documentation
Access Controls
Archival Methods
Archival Locations
Destruction Policies
Cleaning Up Your Lab
Archiving Lab Data
Proof of Concepts
Malware Analysis
Creating and Using System Images
License Issues
Virtual Machines
"Ghost" Images
Creating a "Clean Shop"
Sanitization Methods
Using Hashes
Change Management Controls
Planning for Your Next Pentest
Risk Management Register
Creating a Risk Management Register
Prioritization of Risks and Responses
Knowledge Database
Creating a Knowledge Database
Sanitization of Findings
Project Management Knowledge Database
After-Action Review
Project Assessments
Team Assessments
Training Proposals
Chapter 6: Information Gathering
Passive Information Gathering
Web Presence
Corporate Data
Whois and DNS Enumeration
Additional Internet Resources
Requirements:
Active Information Gathering
DNS Interrogation
E-mail Accounts
Perimeter Network Identification
Network Surveying
Chapter 7: Vulnerability Identification
Port Scanning
Target Verification
Active Scans
Passive Scans
UDP Scanning
TCP Scanning
TCP Connect Scan (-sT)
TCP SYN Stealth Scan (-sS)
Perimeter Avoidance Scanning
Null Scan Attack (-sN)
ACK Scan (-sA)
FIN (-sF) and Xmas Tree (-sX) Scans
System Identification
Active OS Fingerprinting
Passive OS Fingerprinting
Services Identification
Banner Grabbing
Enumerating Unknown Services
Vulnerability Identification
Chapter 8: Vulnerability Exploitation
Automated Tools
Nmap Scripts
Default Login Scans
OpenVAS
JBroFuzz
Metasploit
FTP
Simple Mail Transfer Protocol
Server Message Block
Network File Shares
MySQL
PostgreSQL
VNC
Exploit Code
Internet Sites
Chapter 9: Local System Attacks
System Exploitation
Internal Vulnerabilities
Sensitive Data
Meterpreter
Shells and Reverse Shells
Netcat Shell
Netcat Reverse Shell
Encrypted Tunnels
Adding a Host Firewall (Optional)
Setting Up the SSH Reverse Shell
Setting Up Public/Private Keys
Launch the Encrypted Reverse Shell
Other Encryption and Tunnel Methods
Chapter 10: Privilege Escalation
Password Attacks
Remote Password Attacks
Local Password Attacks
Dictionary Attacks
Network Packet Sniffing
Baiting
Phishing
Pretexting
Manipulating Log Data
User Login
Application Logs
Hiding Files
Hiding Files in Plain Sight
Hiding Files Using the File System
Hiding Files in Windows
Chapter 11: Targeting Support Systems
Database Attacks
Network Shares
Chapter 12: Targeting the Network
Wireless Network Protocols
Wi-Fi Protected Access Attack
WEP Attack
Simple Network Management Protocol
Chapter 13: Web Application Attack Techniques
SQL Injection
Cross-Site Scripting
Web Application Vulnerabilities
Chapter 14: Reporting Results
What Should You Report?
Out of Scope Issues
Findings
Solutions
Manuscript Preparation
Title Page
Abstract
Text
Appendices
Initial Report
Peer Reviews
Fact Checking
Metrics
Nessus
Core Impact
Final Report
Documentation
Chapter 15: Hacking as a Career
Career Paths
System Administration
Applications and Databases
High-Level Certifications
(ISC)2
About (ISC)2
Our Mission
The (ISC)2 CBK
Certification Programs
Associate of (ISC)2
SSCP [(ISC)2. SSCP-Systems Security Certified Practitioner (2013)]
SSCP domains:
Certification and Accreditation Professional (CAP)
CAP domains [(ISC)2. CAP-Certification and accreditation professional (2013)]:
Certified Secure Software Lifecycle Professional (CSSLP) [(ISC)2. CSSLP-Certified Secure Software Lifecycle Professional ...
CSSLP domains:
CISSP [(ISC)2. CISSP-Certified Information Systems Security Professional (2013)]
CISSP domains:
CISSP-ISSAP [(ISC)2. ISSAP: Information Systems Security Architecture Professional (2013)]
ISSAP domains:
CISSP-ISSEP [(ISC)2. ISSEP: Information Systems Security Engineering Professional (2013)]
CISSP-ISSMP [(ISC)2]
ISSMP domains:
Information Systems Audit and Control Association
Certified Information Systems Auditor
CISA job practice domains (ISACA. CISA certification overview (2013)):
Certified Information Security Manager
CISM job practice domains (ISACA. CISM certification job practice (2013)):
Notes:
Description based on publisher supplied metadata and other sources.
Other Format:
Print version: Wilhelm, Thomas Professional Penetration Testing
ISBN:
9780124046184
OCLC:
851970521
