Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Advanced Penetration Testing for Highly-Secured Environments, Second Edition

You're reading from   Advanced Penetration Testing for Highly-Secured Environments, Second Edition Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments

Arrow left icon
Product type Paperback
Published in Mar 2016
Publisher
ISBN-13 9781784395810
Length 428 pages
Edition 2nd Edition
Arrow right icon
Authors (2):
Arrow left icon
Kevin Cardwell Kevin Cardwell
Author Profile Icon Kevin Cardwell
Kevin Cardwell
Lee Allen Lee Allen
Author Profile Icon Lee Allen
Lee Allen
Arrow right icon
View More author details
Toc

Table of Contents (14) Chapters Close

Preface 1. Penetration Testing Essentials FREE CHAPTER 2. Preparing a Test Environment 3. Assessment Planning 4. Intelligence Gathering 5. Network Service Attacks 6. Exploitation 7. Web Application Attacks 8. Exploitation Concepts 9. Post-Exploitation 10. Stealth Techniques 11. Data Gathering and Reporting 12. Penetration Testing Challenge Index

What this book covers

Chapter 1, Penetration Testing Essentials, discusses why an essential element of penetration testing is planning, and a key component of this is having a methodology that emulates and matches the threat that we are portraying.

Chapter 2, Preparing a Test Environment, deals with the test environment, compares a number of different platforms, and prepares the reader for the foundation of building an advanced range for testing.

Chapter 3, Assessment Planning, talks about the test environment and how to evaluate the different platforms for your environment. The process of documenting and recording your testing results is covered, as well as methods to automate the process.

Chapter 4, Intelligence Gathering, reviews some of the tools and focuses on how to use the information to ensure your penetration tests are efficient, focused, and effective.

Chapter 5, Network Service Attacks, discusses how to successfully penetrate a secured environment and how to analyze what you are facing. The enumeration data gathered will assist in determining target prioritization and how to choose which targets are ideal candidates for your initial attacks.

Chapter 6, Exploitation, reviews the basics of exploitation and then moves on to the more interesting techniques and methods that will let us understand the true security posture of the network environment we are testing. Additionally, you will see the challenges of writing exploits today in 64-bit architectures.

Chapter 7, Web Application Attacks, explores various methods of testing web applications using freely available tools such as your web browser, w3af, WebScarab, and others. Methods of bypassing web application firewalls and IDSs are discussed as well how to determine if your targets are being load balanced or filtered.

Chapter 8, Exploitation Concepts, investigates methods that assist us in testing the effectiveness of a corporation's security awareness training and client-side protection mechanisms. The research performed during the information gathering stages of your testing will finally be used to the fullest extent. Furthermore, we look at some of the techniques and tools used by security researchers and crafty attackers to bypass even those system controls that at first glance seem theoretically sound.

Chapter 9, Post-Exploitation, covers the methods of conducting post-exploitation once you have compromised a machine and established a foothold in the environment. The process of extracting credentials, gathering data, and scraping the environment once access is gained is covered in detail.

Chapter 10, Stealth Techniques, reviews the challenges of penetrating firewalled environments, and methods of evading detection and blocks from the different endpoint protection mechanisms that may encounter during your testing.

Chapter 11, Data Gathering and Reporting, introduces the usage of tools and techniques that can make documenting the testing progress less painful and report writing easier, which is an essential but often overlooked component of penetration testing.

Chapter 12, Penetration Testing Challenge, allows you to put some of the information that has been covered throughout the book to work and bring it into perspective. The chapter provides preparation specifications for the practice environment and presents a challenge to the reader to perform a penetration test of this fictional company.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime