Hacking for Dummies.

O'Reilly Online Learning: Academic/Public Library Edition Available online
Format:
Book
Author/Creator:
Beaver, Kevin.
Language:
English
Subjects (All):
Computer security.
Computer networks--Security measures.
Computer networks.
Hackers.
Physical Description:
1 online resource (418 pages)
Edition:
8th ed.
Place of Publication:
Newark : John Wiley & Sons, Incorporated, 2025.
Summary:
Think like a hacker to protect your sensitive information. To safeguard your private data from prying eyes, it helps to understand how hackers do what they do. Hacking For Dummies gives you the tools you need to step into a hacker's shoes and discover the best strategies to secure your data.
Contents:
Intro
Title Page
Copyright Page
Table of Contents
Introduction
About This Book
Foolish Assumptions
Icons Used in This Book
Beyond the Book
Where to Go from Here
Part 1 Building the Foundation for Security Testing
Chapter 1 Introduction to Vulnerability and Penetration Testing
Straightening Out the Terminology
Hacker
Malicious user
Recognizing How Malicious Attackers Beget Ethical Hackers
Vulnerability and penetration testing versus auditing
Policy considerations
Compliance and regulatory concerns
Understanding the Need to Hack Your Own Systems
Understanding the Dangers Your Systems Face
Nontechnical attacks
Network infrastructure attacks
Operating system attacks
Application and other specialized attacks
Integrating AI into the testing mix
Following the Security Assessment Principles
Working ethically
Respecting privacy
Not crashing your systems
Using the Vulnerability and Penetration Testing Process
Formulating your plan
Selecting tools
Executing the plan
Evaluating results
Moving on
Chapter 2 Cracking the Hacker Mindset
What You're Up Against
Who Breaks into Computer Systems?
Hacker skill levels
Hacker motivations
Why They Do It
Planning and Performing Attacks
Maintaining Anonymity
Chapter 3 Developing Your Security Testing Plan
Establishing Your Goals
Determining Which Systems to Test
Creating Testing Standards
Timing your tests
Running specific tests
Conducting blind versus knowledge assessments
Picking your location
Responding to vulnerabilities you find
Making silly assumptions
Selecting Security Assessment Tools
Chapter 4 Hacking Methodology
Setting the Stage for Testing
Seeing What Others See
Scanning Systems
Hosts
Open ports
Determining What's Running on Open Ports
Assessing Vulnerabilities
Penetrating the System
Part 2 Putting Security Testing in Motion
Chapter 5 Information Gathering
Gathering Public Information
Artificial intelligence (AI)
Web search
Dedicated OSINT tools
Social media
Web crawling
Websites
Mapping the Network
AI
WHOIS
Privacy policies
Chapter 6 Social Engineering
Introducing Social Engineering
Starting Your Social Engineering Tests
Knowing Why Attackers Use Social Engineering
Understanding the Implications
Building trust
Exploiting the relationship
Deceit through words and actions
Deceit through technology
Performing Social Engineering Attacks
Determining a goal
Seeking information
Using the internet and AI
Dumpster diving
Phone systems
Phishing emails
Social Engineering Countermeasures
Effective policies
User awareness and training
Chapter 7 Physical Security
Identifying Basic Physical Security Vulnerabilities
Pinpointing Physical Vulnerabilities in Your Office
Building infrastructure
Attack points
Countermeasures
Utilities
Office layout and use
Network components and computers
Chapter 8 Passwords
Understanding Password Vulnerabilities
Organizational password vulnerabilities
Technical password vulnerabilities
OSINT password exposures
Cracking Passwords
Cracking passwords the old-fashioned way
Social engineering
Shoulder surfing
Inference
Weak authentication
Cracking passwords with high-tech tools
Password-cracking software
Dictionary attacks
Brute-force attacks
Rainbow attacks
Cracking Windows passwords with pwdump3 and John the Ripper
Cracking Unix/Linux passwords with John the Ripper
Cracking password-protected files
Cracking files
Understanding other ways to crack passwords
Keystroke logging
Weak password storage
Network analyzer
Weak BIOS passwords
Weak passwords in limbo
General Password Cracking Countermeasures
Storing passwords
Creating password policies
Taking other countermeasures
Securing Operating Systems
Windows
Linux and Unix
Part 3 Hacking Network Hosts
Chapter 9 Network Infrastructure Systems
Understanding Network Infrastructure Vulnerabilities
Choosing Tools
Scanners and analyzers
Vulnerability assessment
Scanning, Poking, and Prodding the Network
Scanning ports
Ping sweeping
Using port scanning tools
Countermeasures against ping sweeping and port scanning
Scanning SNMP
Vulnerabilities
Countermeasures against SNMP attacks
Grabbing banners
Telnet
Countermeasures against banner-grabbing attacks
Testing firewall rules
Testing
Countermeasures against firewall rulebase vulnerabilities
Analyzing network data
Network analyzer programs
Countermeasures against network protocol vulnerabilities
The MAC-daddy attack
ARP spoofing
Using Cain & Abel for ARP poisoning
MAC address spoofing
Countermeasures against ARP poisoning and MAC address spoofing attacks
Testing denial of service attacks
DoS attacks
Countermeasures against DoS attacks
Detecting Common Router, Switch, and Firewall Weaknesses
Finding unsecured interfaces
Uncovering issues with SSL and TLS
Putting Up General Network Defenses
Chapter 10 Wireless Networks
Understanding the Implications of Wireless Network Vulnerabilities
Choosing Your Tools
Discovering Wireless Networks
Checking for worldwide recognition
Scanning your local airwaves
Discovering Wireless Network Attacks and Taking Countermeasures
Encrypted traffic
Countermeasures against encrypted traffic attacks
Wi-Fi Protected Setup
Countermeasures against the WPS PIN flaw
Rogue wireless devices
Countermeasures against rogue wireless devices
MAC spoofing
Countermeasures against MAC spoofing
Physical security problems
Countermeasures against physical security problems
Vulnerable wireless workstations
Countermeasures against vulnerable wireless workstations
Default configuration settings
Countermeasures against default configuration settings exploits
Understanding How AI Can Help with Wireless Network Security
Chapter 11 Mobile Devices
Sizing Up Mobile Vulnerabilities
Cracking Laptop Passwords
Choosing your tools
Applying countermeasures
Cracking Phones and Tablets
Cracking iOS passwords
Taking countermeasures against password cracking
Leaning on AI to help with mobile device security
Part 4 Hacking Operating Systems
Chapter 12 Windows
Introducing Windows Vulnerabilities
Free Microsoft tools
All-in-one assessment tools
Task-specific tools
Gathering Information About Your Windows Vulnerabilities
System scanning
Countermeasures against system scanning
NetBIOS
Hacks
Countermeasures against NetBIOS attacks
Detecting Null Sessions
Mapping
Gleaning information
net view
Countermeasures against null-session hacks
Checking Share Permissions
Windows defaults
Windows 2000 and other legacy versions
Modern versions
Exploiting Missing Patches
Using Metasploit
Countermeasures against missing patch vulnerability exploits
Running Authenticated Scans
Chapter 13 Linux and macOS
Understanding Linux Vulnerabilities
Choosing Tools
Gathering Information About Your System Vulnerabilities
Finding Unneeded and Unsecured Services
Searches
Tools
Countermeasures against attacks on unneeded services
Disabling unneeded services
Access control
Securing the .rhosts and hosts.equiv Files
Hacks using the hosts.equiv and .rhosts files
hosts.equiv
.rhosts
Countermeasures against .rhosts and hosts.equiv file attacks
Disabling commands
Blocking access
Assessing the Security of NFS
NFS hacks
Countermeasures against NFS attacks
Checking File Permissions
File permission hacks
Countermeasures against file permission attacks
Manual testing
Automatic testing
Finding Buffer Overflow Vulnerabilities
Attacks
Countermeasures against buffer overflow attacks
Checking Physical Security
Physical security hacks
Countermeasures against physical security attacks
Performing General Security Tests
Patching
Distribution updates
Multiplatform patch managers
Part 5 Hacking Applications
Chapter 14 Email Systems
Introducing Email System Vulnerabilities
Recognizing and Countering Email Attacks
Email bombs
Attachments
Connections
Automated email security controls
Banners
Gathering information
Countermeasures against banner attacks
SMTP attacks
Account enumeration
Relay
Email header disclosures
Capturing traffic
Malware
General Best Practices for Minimizing Email Security Risks
Software solutions
Operating guidelines
Chapter 15 Web Applications and Mobile Apps
Choosing Your Web Security Testing Tools
Seeking Out Web Vulnerabilities
Directory traversal
Crawlers
Google
Countermeasures against directory traversals
Input-filtering attacks
Buffer overflows
Notes:
Description based upon print version of record.
Description based on publisher supplied metadata and other sources.
ISBN:
1-394-34814-2
OCLC:
1535399235
