Kategorien
E-Books
-
Wirtschaft
- Bitcoin
- Geschäftsfrau
- Coaching
- Controlling
- E-Business
- Ökonomie
- Finanzen
- Börse und Investitionen
- Persönliche Kompetenzen
- Computer im Büro
- Kommunikation und Verhandlungen
- Kleines Unternehmen
- Marketing
- Motivation
- Multimedia-Training
- Immobilien
- Überzeugung und NLP
- Steuern
- Sozialpolitik
- Handbȕcher
- Präsentationen
- Führung
- Public Relation
- Berichte, Analysen
- Geheimnis
- Social Media
- Verkauf
- Start-up
- Ihre Karriere
- Management
- Projektmanagement
- Personal (HR)
-
Für Kinder
-
Für Jugendliche
-
Bildung
-
Enzyklopädien, Wörterbücher
-
E-Presse
- Architektura i wnętrza
- Biznes i Ekonomia
- Haus und Garten
- E-Business
- Finanzen
- Persönliche Finanzen
- Unternehmen
- Fotografie
- Informatik
- HR und Gehaltsabrechnung
- Computer, Excel
- Buchhaltung
- Kultur und Literatur
- Wissenschaftlich und akademisch
- Umweltschutz
- meinungsbildend
- Bildung
- Steuern
- Reisen
- Psychologie
- Religion
- Landwirtschaft
- Buch- und Pressemarkt
- Transport und Spedition
- Gesundheit und Schönheit
-
Geschichte
-
Informatik
- Office-Programme
- Datenbank
- Bioinformatik
- IT Branche
- CAD/CAM
- Digital Lifestyle
- DTP
- Elektronik
- Digitale Fotografie
- Computergrafik
- Spiele
- Hacking
- Hardware
- IT w ekonomii
- Wissenschaftliche Pakete
- Schulbücher
- Computergrundlagen
- Programmierung
- Mobile-Programmierung
- Internet-Server
- Computernetzwerke
- Start-up
- Betriebssysteme
- Künstliche Inteligenz
- Technik für Kinder
- Webmaster
-
Andere
-
Fremdsprachen lernen
-
Kultur und Kunst
-
Lektüre
-
Literatur
- Anthologien
- Ballade
- Biografien und Autobiografien
- Für Erwachsene
- Drama
- Tagebücher, Memoiren, Briefe
- Epos
- Essay
- Science Fiction
- Felietonys
- Fiktion
- Humor, Satire
- Andere
- Klassisch
- Krimi
- Sachbücher
- Belletristik
- Mity i legendy
- Nobelpreisträger
- Kurzgeschichten
- Gesellschaftlich
- Okultyzm i magia
- Erzählung
- Erinnerungen
- Reisen
- Gedicht
- Poesie
- Politik
- Populärwissenschaftlich
- Roman
- Historischer Roman
- Prosa
- Abenteuer
- Journalismus
- Reportage
- Romans i literatura obyczajowa
- Sensation
- Thriller, Horror
- Interviews und Erinnerungen
-
Naturwissenschaften
-
Sozialwissenschaften
-
Schulbücher
-
Populärwissenschaft und akademisch
- Archäologie
- Bibliotekoznawstwo
- Filmwissenschaft
- Philologie
- Polnische Philologie
- Philosophie
- Finanse i bankowość
- Erdkunde
- Wirtschaft
- Handel. Weltwirtschaft
- Geschichte und Archäologie
- Kunst- und Architekturgeschichte
- Kulturwissenschaft
- Linguistik
- Literaturwissenschaft
- Logistik
- Mathematik
- Medizin
- Geisteswissenschaften
- Pädagogik
- Lehrmittel
- Populärwissenschaftlich
- Andere
- Psychologie
- Soziologie
- Theatrologie
- Teologie
- Theorien und Wirtschaftswissenschaften
- Transport i spedycja
- Sportunterricht
- Zarządzanie i marketing
-
Handbȕcher
-
Spielanleitungen
-
Professioneller und fachkundige Leitfaden
-
Jura
- Sicherheit und Gesundheit am Arbeitsplatz
- Geschichte
- Verkehrsregeln. Führerschein
- Rechtswissenschaften
- Gesundheitswesen
- Allgemeines. Wissenskompendium
- akademische Bücher
- Andere
- Bau- und Wohnungsrecht
- Zivilrecht
- Finanzrecht
- Wirtschaftsrecht
- Wirtschafts- und Handelsrecht
- Strafrecht
- Strafrecht. Kriminelle Taten. Kriminologie
- Internationales Recht
- Internationales und ausländisches Recht
- Gesundheitsschutzgesetz
- Bildungsrecht
- Steuerrecht
- Arbeits- und Sozialversicherungsrecht
- Öffentliches, Verfassungs- und Verwaltungsrecht
- Familien- und Vormundschaftsrecht
- Agrarrecht
- Sozialrecht, Arbeitsrecht
- EU-Recht
- Industrie
- Agrar- und Umweltschutz
- Wörterbücher und Enzyklopädien
- Öffentliche Auftragsvergabe
- Management
-
Führer und Reisen
- Afrika
- Alben
- Südamerika
- Mittel- und Nordamerika
- Australien, Neuseeland, Ozeanien
- Österreich
- Asien
- Balkan
- Naher Osten
- Bulgarien
- China
- Kroatien
- Tschechische Republik
- Dänemark
- Ägypten
- Estland
- Europa
- Frankreich
- Berge
- Griechenland
- Spanien
- Niederlande
- Island
- Litauen
- Lettland
- Mapy, Plany miast, Atlasy
- Miniführer
- Deutschland
- Norwegen
- Aktive Reisen
- Polen
- Portugal
- Andere
- Russland
- Rumänien
- Slowakei
- Slowenien
- Schweiz
- Schweden
- Welt
- Türkei
- Ukraine
- Ungarn
- Großbritannien
- Italien
-
Psychologie
- Lebensphilosophien
- Kompetencje psychospołeczne
- zwischenmenschliche Kommunikation
- Mindfulness
- Allgemeines
- Überzeugung und NLP
- Akademische Psychologie
- Psychologie von Seele und Geist
- Arbeitspsychologie
- Relacje i związki
- Elternschafts- und Kinderpsychologie
- Problemlösung
- Intellektuelle Entwicklung
- Geheimnis
- Sexualität
- Verführung
- Aussehen ind Image
- Lebensphilosophien
-
Religion
-
Sport, Fitness, Diäten
-
Technik und Mechanik
Hörbücher
-
Wirtschaft
- Bitcoin
- Geschäftsfrau
- Coaching
- Controlling
- E-Business
- Ökonomie
- Finanzen
- Börse und Investitionen
- Persönliche Kompetenzen
- Kommunikation und Verhandlungen
- Kleines Unternehmen
- Marketing
- Motivation
- Immobilien
- Überzeugung und NLP
- Steuern
- Handbȕcher
- Präsentationen
- Führung
- Public Relation
- Geheimnis
- Social Media
- Verkauf
- Start-up
- Ihre Karriere
- Management
- Projektmanagement
- Personal (HR)
-
Für Kinder
-
Für Jugendliche
-
Bildung
-
Enzyklopädien, Wörterbücher
-
Geschichte
-
Informatik
-
Andere
-
Fremdsprachen lernen
-
Kultur und Kunst
-
Lektüre
-
Literatur
- Anthologien
- Ballade
- Biografien und Autobiografien
- Für Erwachsene
- Drama
- Tagebücher, Memoiren, Briefe
- Epos
- Essay
- Science Fiction
- Felietonys
- Fiktion
- Humor, Satire
- Andere
- Klassisch
- Krimi
- Sachbücher
- Belletristik
- Mity i legendy
- Nobelpreisträger
- Kurzgeschichten
- Gesellschaftlich
- Okultyzm i magia
- Erzählung
- Erinnerungen
- Reisen
- Poesie
- Politik
- Populärwissenschaftlich
- Roman
- Historischer Roman
- Prosa
- Abenteuer
- Journalismus
- Reportage
- Romans i literatura obyczajowa
- Sensation
- Thriller, Horror
- Interviews und Erinnerungen
-
Naturwissenschaften
-
Sozialwissenschaften
-
Populärwissenschaft und akademisch
- Archäologie
- Philosophie
- Wirtschaft
- Handel. Weltwirtschaft
- Geschichte und Archäologie
- Kunst- und Architekturgeschichte
- Kulturwissenschaft
- Literaturwissenschaft
- Mathematik
- Medizin
- Geisteswissenschaften
- Pädagogik
- Lehrmittel
- Populärwissenschaftlich
- Andere
- Psychologie
- Soziologie
- Teologie
- Zarządzanie i marketing
-
Handbȕcher
-
Professioneller und fachkundige Leitfaden
-
Jura
-
Führer und Reisen
-
Psychologie
- Lebensphilosophien
- zwischenmenschliche Kommunikation
- Mindfulness
- Allgemeines
- Überzeugung und NLP
- Akademische Psychologie
- Psychologie von Seele und Geist
- Arbeitspsychologie
- Relacje i związki
- Elternschafts- und Kinderpsychologie
- Problemlösung
- Intellektuelle Entwicklung
- Geheimnis
- Sexualität
- Verführung
- Aussehen ind Image
- Lebensphilosophien
-
Religion
-
Sport, Fitness, Diäten
-
Technik und Mechanik
Videokurse
-
Datenbank
-
Big Data
-
Biznes, ekonomia i marketing
-
Cybersicherheit
-
Data Science
-
DevOps
-
Für Kinder
-
Elektronik
-
Grafik / Video / CAX
-
Spiele
-
Microsoft Office
-
Entwicklungstools
-
Programmierung
-
Persönliche Entwicklung
-
Computernetzwerke
-
Betriebssysteme
-
Softwaretest
-
Mobile Geräte
-
UX/UI
-
Web development
-
Management
Podcasts
Details zum E-Book
Einloggen, wenn Sie am Inhalt des Artikels interessiert sind.
BackTrack 4: Assuring Security by Penetration Testing. Master the art of penetration testing with BackTrack
E-book
BackTrack is a penetration testing and security auditing platform with advanced tools to identify, detect, and exploit any vulnerabilities uncovered in the target network environment. Applying appropriate testing methodology with defined business objectives and a scheduled test plan will result in robust penetration testing of your network.
BackTrack 4: Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating the cutting-edge hacker tools and techniques in a coherent step-by-step strategy. It offers all the essential lab preparation and testing procedures to reflect real-world attack scenarios from your business perspective in today's digital age.
The authors' experience and expertise enables them to reveal the industry's best approach for logical and systematic penetration testing.
The first and so far only book on BackTrack OS starts with lab preparation and testing procedures, explaining the basic installation and configuration set up, discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the BackTrack specific testing process. The authors discuss a number of security assessment tools necessary to conduct penetration testing in their respective categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access, and reporting), following the formal testing methodology. Each of these tools is illustrated with real-world examples to highlight their practical usage and proven configuration techniques. The authors also provide extra weaponry treasures and cite key resources that may be crucial to any professional penetration tester.
This book serves as a single professional, practical, and expert guide to developing hardcore penetration testing skills from scratch. You will be trained to make the best use of BackTrack OS either in a commercial environment or an experimental test bed.
BackTrack 4: Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating the cutting-edge hacker tools and techniques in a coherent step-by-step strategy. It offers all the essential lab preparation and testing procedures to reflect real-world attack scenarios from your business perspective in today's digital age.
The authors' experience and expertise enables them to reveal the industry's best approach for logical and systematic penetration testing.
The first and so far only book on BackTrack OS starts with lab preparation and testing procedures, explaining the basic installation and configuration set up, discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the BackTrack specific testing process. The authors discuss a number of security assessment tools necessary to conduct penetration testing in their respective categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access, and reporting), following the formal testing methodology. Each of these tools is illustrated with real-world examples to highlight their practical usage and proven configuration techniques. The authors also provide extra weaponry treasures and cite key resources that may be crucial to any professional penetration tester.
This book serves as a single professional, practical, and expert guide to developing hardcore penetration testing skills from scratch. You will be trained to make the best use of BackTrack OS either in a commercial environment or an experimental test bed.
- BackTrack 4: Assuring Security by Penetration Testing
- Table of Contents
- BackTrack 4: Assuring Security by Penetration Testing
- Credits
- About the Authors
- About the Reviewers
- www.PacktPub.com
- Support files, eBooks, discount offers and more
- Why Subscribe?
- Free Access for Packt account holders
- Support files, eBooks, discount offers and more
- Preface
- What this book covers
- What you need for this book
- Who this book is for
- Conventions
- Reader feedback
- Customer support
- Errata
- Piracy
- Questions
- I. Lab Preparation and Testing Procedures
- 1. Beginning with BackTrack
- History
- BackTrack purpose
- Getting BackTrack
- Using BackTrack
- Live DVD
- Installing to hard disk
- Installation in real machine
- Installation in VirtualBox
- Portable BackTrack
- Configuring network connection
- Ethernet setup
- Wireless setup
- Starting the network service
- Updating BackTrack
- Updating software applications
- Updating the kernel
- Installing additional weapons
- Nessus vulnerability scanner
- WebSecurify
- Customizing BackTrack
- Summary
- 2. Penetration Testing Methodology
- Types of penetration testing
- Black-box testing
- White-box testing
- Vulnerability assessment versus penetration testing
- Security testing methodologies
- Open Source Security Testing Methodology Manual (OSSTMM)
- Key features and benefits
- Information Systems Security Assessment Framework (ISSAF)
- Key features and benefits
- Open Web Application Security Project (OWASP) Top Ten
- Key features and benefits
- Web Application Security Consortium Threat Classification (WASC-TC)
- Key features and benefits
- Open Source Security Testing Methodology Manual (OSSTMM)
- BackTrack testing methodology
- Target scoping
- Information gathering
- Target discovery
- Enumerating target
- Vulnerability mapping
- Social engineering
- Target exploitation
- Privilege escalation
- Maintaining access
- Documentation and reporting
- The ethics
- Summary
- Types of penetration testing
- 1. Beginning with BackTrack
- II. Penetration Testers Armory
- 3. Target Scoping
- Gathering client requirements
- Customer requirements form
- Deliverables assessment form
- Preparing the test plan
- Test plan checklist
- Profiling test boundaries
- Defining business objectives
- Project management and scheduling
- Summary
- Gathering client requirements
- 4. Information Gathering
- Public resources
- Document gathering
- Metagoofil
- DNS information
- dnswalk
- dnsenum
- dnsmap
- dnsmap-bulk
- dnsrecon
- fierce
- Route information
- 0trace
- dmitry
- itrace
- tcpraceroute
- tctrace
- Utilizing search engines
- goorecon
- theharvester
- All-in-one intelligence gathering
- Maltego
- Documenting the information
- Dradis
- Summary
- 5. Target Discovery
- Introduction
- Identifying the target machine
- ping
- arping
- arping2
- fping
- genlist
- hping2
- hping3
- lanmap
- nbtscan
- nping
- onesixtyone
- OS fingerprinting
- p0f
- xprobe2
- Summary
- 6. Enumerating Target
- Port scanning
- AutoScan
- Netifera
- Nmap
- Nmap target specification
- Nmap TCP scan options
- Nmap UDP scan options
- Nmap port specification
- Nmap output options
- Nmap timing options
- Nmap scripting engine
- Unicornscan
- Zenmap
- Service enumeration
- Amap
- Httprint
- Httsquash
- VPN enumeration
- ike-scan
- Summary
- Port scanning
- 7. Vulnerability Mapping
- Types of vulnerabilities
- Local vulnerability
- Remote vulnerability
- Vulnerability taxonomy
- Open Vulnerability Assessment System (OpenVAS)
- OpenVAS integrated security tools
- Cisco analysis
- Cisco Auditing Tool
- Cisco Global Exploiter
- Cisco Passwd Scanner
- Fuzzy analysis
- BED
- Bunny
- JBroFuzz
- SMB analysis
- Impacket Samrdump
- Smb4k
- SNMP analysis
- ADMSnmp
- Snmp Enum
- SNMP Walk
- Web application analysis
- Database assessment tools
- DBPwAudit
- Pblind
- SQLbrute
- SQLiX
- SQLMap
- SQL Ninja
- Application assessment tools
- Burp Suite
- Grendel Scan
- LBD
- Nikto2
- Paros Proxy
- Ratproxy
- W3AF
- WAFW00F
- WebScarab
- Database assessment tools
- Summary
- Types of vulnerabilities
- 8. Social Engineering
- Modeling human psychology
- Attack process
- Attack methods
- Impersonation
- Reciprocation
- Influential authority
- Scarcity
- Social relationship
- Social Engineering Toolkit (SET)
- Targeted phishing attack
- Gathering user credentials
- Common User Passwords Profiler (CUPP)
- Summary
- 9. Target Exploitation
- Vulnerability research
- Vulnerability and exploit repositories
- Advanced exploitation toolkit
- MSFConsole
- MSFCLI
- Ninja 101 drills
- Scenario #1
- Scenario #2
- SNMP community scanner
- VNC blank authentication scanner
- IIS6 WebDAV unicode auth bypass
- Scenario #3
- Bind shell
- Reverse shell
- Meterpreter
- Scenario #4
- Scenario #5
- Generating binary backdoor
- Automated browser exploitation
- Writing exploit module
- Summary
- 10. Privilege Escalation
- Attacking the password
- Offline attack tools
- Rainbowcrack
- Samdump2
- John
- Ophcrack
- Crunch
- Wyd
- Online attack tools
- BruteSSH
- Hydra
- Offline attack tools
- Network sniffers
- Dsniff
- Hamster
- Tcpdump
- Tcpick
- Wireshark
- Network spoofing tools
- Arpspoof
- Ettercap
- Summary
- Attacking the password
- 11. Maintaining Access
- Protocol tunneling
- DNS2tcp
- Ptunnel
- Stunnel4
- Proxy
- 3proxy
- Proxychains
- End-to-end connection
- CryptCat
- Sbd
- Socat
- Summary
- Protocol tunneling
- 12. Documentation and Reporting
- Documentation and results verification
- Types of reports
- Executive report
- Management report
- Technical report
- Network penetration testing report (sample contents)
- Table of Contents
- Presentation
- Post testing procedures
- Summary
- 3. Target Scoping
- III. Extra Ammunition
- A. Supplementary Tools
- Vulnerability scanner
- NeXpose community edition
- NeXpose installation
- Starting NeXpose community
- Login to NeXpose community
- Using NeXpose community
- NeXpose community edition
- Web application fingerprinter
- WhatWeb
- BlindElephant
- Network Ballista
- Netcat
- Open connection
- Service banner grabbing
- Simple server
- File transfer
- Portscanning
- Backdoor Shell
- Reverse shell
- Netcat
- Summary
- Vulnerability scanner
- B. Key Resources
- Vulnerability Disclosure and Tracking
- Paid Incentive Programs
- Reverse Engineering Resources
- Network ports
- Vulnerability Disclosure and Tracking
- A. Supplementary Tools
- Index
- Titel: BackTrack 4: Assuring Security by Penetration Testing. Master the art of penetration testing with BackTrack
- Autor: Shakeel Ali, Tedi Heriyanto
- Originaler Titel: BackTrack 4: Assuring Security by Penetration Testing. Master the art of penetration testing with BackTrack
- ISBN: 9781849513951, 9781849513951
- Veröffentlichungsdatum: 2011-04-14
- Format: E-book
- Artikelkennung: e_3cqe
- Verleger: Packt Publishing