Penetration Tester's Open Source Toolkit, 3rd Edition

Penetration Tester's Open Source Toolkit, 3rd Edition

by Jeremy Faircloth
Released August 2011
Publisher(s): Syngress
ISBN: 9781597496285

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Penetration Tester’s Open Source Toolkit, Third Edition, discusses the open source tools available to penetration testers, the ways to use them, and the situations in which they apply. Great commercial penetration testing tools can be very expensive and sometimes hard to use or of questionable accuracy. This book helps solve both of these problems. The open source, no-cost penetration testing tools presented do a great job and can be modified by the student for each situation.

This edition offers instruction on how and in which situations the penetration tester can best use them. Real-life scenarios support and expand upon explanations throughout. It also presents core technologies for each type of testing and the best tools for the job. The book consists of 10 chapters that covers a wide range of topics such as reconnaissance; scanning and enumeration; client-side attacks and human weaknesses; hacking database services; Web server and Web application testing; enterprise application testing; wireless penetrating testing; and building penetration test labs. The chapters also include case studies where the tools that are discussed are applied. New to this edition: enterprise application testing, client-side attacks and updates on Metasploit and Backtrack.

This book is for people who are interested in penetration testing or professionals engaged in penetration testing. Those working in the areas of database, network, system, or application administration, as well as architects, can gain insights into how penetration testers perform testing in their specific areas of expertise and learn what to expect from a penetration test. This book can also serve as a reference for security or audit professionals.

  • Details current open source penetration testing tools
  • Presents core technologies for each type of testing and the best tools for the job
  • New to this edition: Enterprise application testing, client-side attacks and updates on Metasploit and Backtrack

Table of contents

  1. Cover image
  2. Table of Contents
  3. Frontmatter
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. Introduction
  8. About the Author
  9. About the Technical Editor
  10. Chapter 1. Tools of the trade
  11. 1.1. Objectives
  12. 1.2. Approach
  13. 1.3. Core technologies
  14. 1.4. Open source tools
  15. 1.5. Case study: the tools in action
  16. 1.6. Hands-on challenge
  17. Chapter 2. Reconnaissance
  18. 2.1. Objective
  19. 2.2. A methodology for reconnaissance
  20. 2.3. Intelligence gathering
  21. 2.4. Footprinting
  22. 2.5. Human recon
  23. 2.6. Verification
  24. 2.7. Case study: the tools in action
  25. 2.8. Hands-on challenge
  26. Chapter 3. Scanning and enumeration
  27. 3.1. Objectives
  28. 3.2. Scanning
  29. 3.3. Enumeration
  30. 3.4. Case studies: the tools in action
  31. 3.5. Hands-on challenge
  32. Chapter 4. Client-side attacks and human weaknesses
  33. 4.1. Objective
  34. 4.2. Phishing
  35. 4.3. Social network attacks
  36. 4.4. Custom malware
  37. 4.5. Case study: the tools in action
  38. 4.6. Hands-on challenge
  39. Chapter 5. Hacking database services
  40. 5.1. Objective
  41. 5.2. Core technologies
  42. 5.3. Microsoft SQL Server
  43. 5.4. Oracle database management system
  44. 5.5. Case study: the tools in action
  45. 5.6. Hands-on challenge
  46. Chapter 6. Web server and web application testing
  47. 6.1. Objective
  48. 6.2. Approach
  49. 6.3. Core technologies
  50. 6.4. Open source tools
  51. 6.5. Case study: the tools in action
  52. 6.6. Hands-on challenge
  53. Chapter 7. Network devices
  54. 7.1. Objectives
  55. 7.2. Approach
  56. 7.3. Core technologies
  57. 7.4. Open source tools
  58. 7.5. Case study: the tools in action
  59. 7.6. Hands-on challenge
  60. Chapter 8. Enterprise application testing
  61. 8.1. Objective
  62. 8.2. Core technologies
  63. 8.3. Approach
  64. 8.4. Open source tools
  65. 8.5. Case study: the tools in action
  66. 8.6. Hands-on challenge
  67. Chapter 9. Wireless penetration testing
  68. 9.1. Objective
  69. 9.2. Approach
  70. 9.3. Core technologies
  71. 9.4. Open source tools
  72. 9.5. Case study: the tools in action
  73. 9.6. Hands-on challenge
  74. Chapter 10. Building penetration test labs
  75. 10.1. Objectives
  76. 10.2. Approach
  77. 10.3. Core technologies
  78. 10.4. Open source tools
  79. 10.5. Case study: the tools in action
  80. 10.6. Hands-on challenge
  81. Index

Product information

  • Title: Penetration Tester's Open Source Toolkit, 3rd Edition
  • Author(s): Jeremy Faircloth
  • Release date: August 2011
  • Publisher(s): Syngress
  • ISBN: 9781597496285