更新时间:2021-04-09 21:21:22
封面
版权信息
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files eBooks discount offers and more
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Part I. Lab Preparation and Testing Procedures
Chapter 1. Beginning with BackTrack
History
BackTrack purpose
Getting BackTrack
Using BackTrack
Configuring network connection
Updating BackTrack
Installing additional weapons
Customizing BackTrack
Summary
Chapter 2. Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
BackTrack testing methodology
The ethics
Part II. Penetration Testers Armory
Chapter 3. Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Chapter 4. Information Gathering
Public resources
Document gathering
DNS information
Route information
Utilizing search engines
All-in-one intelligence gathering
Documenting the information
Chapter 5. Target Discovery
Introduction
Identifying the target machine
OS fingerprinting
Chapter 6. Enumerating Target
Port scanning
Service enumeration
VPN enumeration
Chapter 7. Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Open Vulnerability Assessment System (OpenVAS)
Cisco analysis
Fuzzy analysis
SMB analysis
SNMP analysis
Web application analysis
Chapter 8. Social Engineering
Modeling human psychology
Attack process
Attack methods
Social Engineering Toolkit (SET)
Common User Passwords Profiler (CUPP)
Chapter 9. Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
Chapter 10. Privilege Escalation
Attacking the password
Network sniffers
Network spoofing tools
Chapter 11. Maintaining Access
Protocol tunneling
Proxy
End-to-end connection
Chapter 12. Documentation and Reporting
Documentation and results verification
Types of reports
Presentation
Post testing procedures
Appendix A. Supplementary Tools
Vulnerability scanner
Web application fingerprinter
