Hacking For Dummies, 6th Edition

Book description

Stop hackers before they hack you! 

In order to outsmart a would-be hacker, you need to get into the hacker’s mindset. And with this book, thinking like a bad guy has never been easier. In Hacking For Dummies, expert author Kevin Beaver shares his knowledge on penetration testing, vulnerability assessments, security best practices, and every aspect of ethical hacking that is essential in order to stop a hacker in their tracks.

Whether you’re worried about your laptop, smartphone, or desktop computer being compromised, this no-nonsense book helps you learn how to recognize the vulnerabilities in your systems so you can safeguard them more diligently—with confidence and ease.

  • Get up to speed on Windows 10 hacks  
  • Learn about the latest mobile computing hacks
  • Get free testing tools   
  • Find out about new system updates and improvements

There’s no such thing as being too safe—and this resourceful guide helps ensure you’re protected. 

Table of contents

  1. Cover
  2. Introduction
    1. About This Book
    2. Foolish Assumptions
    3. Icons Used in This Book
    4. Beyond the Book
    5. Where to Go from Here
  3. Part 1: Building the Foundation for Security Testing
    1. Chapter 1: Introduction to Vulnerability and Penetration Testing
      1. Straightening Out the Terminology
      2. Recognizing How Malicious Attackers Beget Ethical Hackers
      3. Understanding the Need to Hack Your Own Systems
      4. Understanding the Dangers Your Systems Face
      5. Following the Security Assessment Principles
      6. Using the Vulnerability and Penetration Testing Process
    2. Chapter 2: Cracking the Hacker Mindset
      1. What You’re Up Against
      2. Who Breaks into Computer Systems
      3. Why They Do It
      4. Planning and Performing Attacks
      5. Maintaining Anonymity
    3. Chapter 3: Developing Your Security Testing Plan
      1. Establishing Your Goals
      2. Determining Which Systems to Test
      3. Creating Testing Standards
      4. Selecting Security Assessment Tools
    4. Chapter 4: Hacking Methodology
      1. Setting the Stage for Testing
      2. Seeing What Others See
      3. Scanning Systems
      4. Determining What’s Running on Open Ports
      5. Assessing Vulnerabilities
      6. Penetrating the System
  4. Part 2: Putting Security Testing in Motion
    1. Chapter 5: Information Gathering
      1. Gathering Public Information
      2. Mapping the Network
    2. Chapter 6: Social Engineering
      1. Introducing Social Engineering
      2. Starting Your Social Engineering Tests
      3. Knowing Why Attackers Use Social Engineering
      4. Understanding the Implications
      5. Performing Social Engineering Attacks
      6. Social Engineering Countermeasures
    3. Chapter 7: Physical Security
      1. Identifying Basic Physical Security Vulnerabilities
      2. Pinpointing Physical Vulnerabilities in Your Office
    4. Chapter 8: Passwords
      1. Understanding Password Vulnerabilities
      2. Cracking Passwords
      3. General Password Cracking Countermeasures
      4. Securing Operating Systems
  5. Part 3: Hacking Network Hosts
    1. Chapter 9: Network Infrastructure Systems
      1. Understanding Network Infrastructure Vulnerabilities
      2. Choosing Tools
      3. Scanning, Poking, and Prodding the Network
      4. Detecting Common Router, Switch, and Firewall Weaknesses
      5. Putting Up General Network Defenses
    2. Chapter 10: Wireless Networks
      1. Understanding the Implications of Wireless Network Vulnerabilities
      2. Choosing Your Tools
      3. Discovering Wireless Networks
      4. Discovering Wireless Network Attacks and Taking Countermeasures
    3. Chapter 11: Mobile Devices
      1. Sizing Up Mobile Vulnerabilities
      2. Cracking Laptop Passwords
      3. Cracking Phones and Tablets
  6. Part 4: Hacking Operating Systems
    1. Chapter 12: Windows
      1. Introducing Windows Vulnerabilities
      2. Choosing Tools
      3. Gathering Information About Your Windows Vulnerabilities
      4. Detecting Null Sessions
      5. Checking Share Permissions
      6. Exploiting Missing Patches
      7. Running Authenticated Scans
    2. Chapter 13: Linux and macOS
      1. Understanding Linux Vulnerabilities
      2. Choosing Tools
      3. Gathering Information About Your System Vulnerabilities
      4. Finding Unneeded and Unsecured Services
      5. Securing the .rhosts and hosts.equiv Files
      6. Assessing the Security of NFS
      7. Checking File Permissions
      8. Finding Buffer Overflow Vulnerabilities
      9. Checking Physical Security
      10. Performing General Security Tests
      11. Patching
  7. Part 5: Hacking Applications
    1. Chapter 14: Communication and Messaging Systems
      1. Introducing Messaging System Vulnerabilities
      2. Recognizing and Countering Email Attacks
      3. Understanding VoIP
    2. Chapter 15: Web Applications and Mobile Apps
      1. Choosing Your Web Security Testing Tools
      2. Seeking Out Web Vulnerabilities
      3. Minimizing Web Security Risks
      4. Uncovering Mobile App Flaws
    3. Chapter 16: Databases and Storage Systems
      1. Diving Into Databases
      2. Following Best Practices for Minimizing Database Security Risks
      3. Opening Up About Storage Systems
      4. Following Best Practices for Minimizing Storage Security Risks
  8. Part 6: Security Testing Aftermath
    1. Chapter 17: Reporting Your Results
      1. Pulling the Results Together
      2. Prioritizing Vulnerabilities
      3. Creating Reports
    2. Chapter 18: Plugging Your Security Holes
      1. Turning Your Reports into Action
      2. Patching for Perfection
      3. Hardening Your Systems
      4. Assessing Your Security Infrastructure
    3. Chapter 19: Managing Security Processes
      1. Automating the Security Assessment Process
      2. Monitoring Malicious Use
      3. Outsourcing Security Assessments
      4. Instilling a Security-Aware Mindset
      5. Keeping Up with Other Security Efforts
  9. Part 7: The Part of Tens
    1. Chapter 20: Ten Tips for Getting Security Buy-In
      1. Cultivate an Ally and a Sponsor
      2. Don’t Be a FUDdy-Duddy
      3. Demonstrate That the Organization Can’t Afford to Be Hacked
      4. Outline the General Benefits of Security Testing
      5. Show How Security Testing Specifically Helps the Organization
      6. Get Involved in the Business
      7. Establish Your Credibility
      8. Speak on Management’s Level
      9. Show Value in Your Efforts
      10. Be Flexible and Adaptable
    2. Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test
      1. The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods
      2. IT Governance and Compliance Are More Than High-Level Checklist Audits
      3. Vulnerability and Penetration Testing Complements Audits and Security Evaluations
      4. Customers and Partners Will Ask How Secure Your Systems Are
      5. The Law of Averages Works Against Businesses
      6. Security Assessments Improve Understanding of Business Threats
      7. If a Breach Occurs, You Have Something to Fall Back On
      8. In-Depth Testing Brings Out the Worst in Your Systems
      9. Combined Vulnerability and Penetration Testing Is What You Need
      10. Proper Testing Can Uncover Overlooked Weaknesses
    3. Chapter 22: Ten Deadly Mistakes
      1. Not Getting Approval
      2. Assuming That You Can Find All Vulnerabilities
      3. Assuming That You Can Eliminate All Vulnerabilities
      4. Performing Tests Only Once
      5. Thinking That You Know It All
      6. Running Your Tests Without Looking at Things from a Hacker’s Viewpoint
      7. Not Testing the Right Systems
      8. Not Using the Right Tools
      9. Pounding Production Systems at the Wrong Time
      10. Outsourcing Testing and Not Staying Involved
  10. Appendix: Tools and Resources
    1. Advanced Malware
    2. Bluetooth
    3. Certifications
    4. Databases
    5. Denial of Service (DoS) Protection
    6. Exploits
    7. General Research Tools
    8. Hacker Stuff
    9. Keyloggers
    10. Laws and Regulations
    11. Linux
    12. Live Toolkits
    13. Log Analysis
    14. Messaging
    15. Miscellaneous
    16. Mobile
    17. Networks
    18. Password Cracking
    19. Patch Management
    20. Security Education and Learning Resources
    21. Security Methods and Models
    22. Social Enginering and Phishing
    23. Source Code Analysis
    24. Statistics
    25. Storage
    26. System Hardening
    27. User Awareness and Training
    28. Voice over Internet Protocol
    29. Vulnerability Databases
    30. Websites and Applications
    31. Windows
    32. Wireless Networks
  11. About the Author
  12. Advertisement Page
  13. Connect with Dummies
  14. Index
  15. End User License Agreement

Product information

  • Title: Hacking For Dummies, 6th Edition
  • Author(s): Kevin Beaver
  • Release date: July 2018
  • Publisher(s): For Dummies
  • ISBN: 9781119485476