book

Penetration Testing Essentials

by Sean-Philip Oriyano

December 2016

Beginner

360 pages

English

Sybex

Read now

Unlock full access

Defining Penetration TestingPreserving Confidentiality, Integrity, and AvailabilityAppreciating the Evolution of Hacking
Comparing Common Operating SystemsExploring Networking Concepts
Recognizing the Four Goals of CryptographyThe History of EncryptionSpeaking Intelligently About CryptographyComparing Symmetric and Asymmetric CryptographyTransforming Data via HashingA Hybrid System: Using Digital SignaturesWorking with PKI
Determining the Objective and Scope of the JobChoosing the Type of Test to PerformGaining Permission via a ContractFollowing the Law While Testing
Introduction to Intelligence GatheringExamining a Company’s Web PresenceFinding Websites That Don’t Exist AnymoreGathering Information with Search EnginesTargeting Employees with People SearchesDiscovering LocationDo Some Social NetworkingLooking via Financial ServicesInvestigating Job BoardsSearching EmailExtracting Technical Information
Introduction to ScanningChecking for Live SystemsPerforming Port ScanningIdentifying an Operating SystemScanning for VulnerabilitiesUsing Proxies (Or Keeping Your Head Down)Performing Enumeration
Introduction to Vulnerability ScanningRecognizing the Limitations of Vulnerability ScanningOutlining the Vulnerability Scanning ProcessTypes of Scans That Can Be Performed

Recognizing Strong PasswordsChoosing a Password-Cracking TechniqueExecuting a Passive Online AttackExecuting an Active Online AttackExecuting an Offline AttackUsing Nontechnical MethodsEscalating Privileges
Deciding How to AttackInstalling a Backdoor with PsToolsOpening a Shell with LAN TurtleRecognizing Types of MalwareLaunching VirusesLaunching WormsLaunching SpywareInserting TrojansInstalling Rootkits
Reporting the Test ParametersCollecting InformationHighlighting the Important InformationAdding Supporting DocumentationConducting Quality Assurance
Detecting IntrusionsRecognizing the Signs of an IntrusionEvading an IDSBreaching a FirewallUsing Honeypots: The Wolf in Sheep’s Clothing
Recognizing the Motivations for EvasionGetting Rid of Log FilesHiding FilesEvading Antivirus SoftwareEvading Defenses by Entering Through a BackdoorUsing Rootkits for Evasion
An Introduction to WirelessBreaking Wireless Encryption TechnologiesConducting a Wardriving AttackConducting Other Types of AttackChoosing Tools to Attack WirelessKnocking Out BluetoothHacking the Internet of Things (IoT)
Recognizing Current-Generation Mobile DevicesWorking with Android OSWorking with Apple iOSFinding Security Holes in Mobile DevicesEncountering Bring Your Own Device (BYOD)Choosing Tools to Test Mobile Devices
Introduction to Social EngineeringExploiting Human TraitsActing Like a Social EngineerTargeting Specific VictimsLeveraging Social NetworkingConducting Safer Social Networking
Introduction to HardeningThree Tenets of DefenseCreating a Security BaselineHardening with Group PolicyHardening Desktop SecurityBacking Up a System
Introduction to Network HardeningIntrusion Detection SystemsFirewallsPhysical Security Controls
Choosing Your Career PathBuild a LibraryPractice Technical WritingDisplay Your Skills
Deciding to Build a LabConsidering VirtualizationGetting Starting and What You Will NeedInstalling Software
Chapter 1: Introduction to Penetration TestingChapter 2: Introduction to Operating Systems and NetworkingChapter 3: Introduction to CryptographyChapter 4: Outlining the Pentesting MethodologyChapter 5: Gathering IntelligenceChapter 6: Scanning and EnumerationChapter 7: Conducting Vulnerability ScanningChapter 8: Cracking PasswordsChapter 9: Retaining Access with Backdoors and MalwareChapter 10: ReportingChapter 11: Working with Defensive and Detection SystemsChapter 12: Covering Your Tracks and Evading DetectionChapter 13: Detecting and Targeting WirelessChapter 14: Dealing with Mobile Device SecurityChapter 15: Performing Social EngineeringChapter 16: Hardening a Host SystemChapter 17: Hardening Your NetworkChapter 18: Navigating the Path to Job SuccessChapter 19: Building a Test Lab for Penetration Testing

Content preview from Penetration Testing Essentials

CHAPTER 6 Scanning and Enumeration

Once you have gathered information about your target, it is time to move on to scanning and enumeration. Scanning includes ping sweeping, port scanning, and vulnerability scanning. Enumeration is the process of extracting meaningful information from the openings and information you found during scanning, such as usernames, share data, group information, and much more.

In this chapter, you’ll learn to:

Do a ping sweep
Perform port scanning
Identify an operating system
Look for vulnerabilities
Use a proxy
Perform enumeration

Introduction to Scanning

Scanning is a pretty broad term; it’s a sort of catchall term covering many different techniques, all of which are some form of scan type.

A ping sweep checks ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781119235309Purchase Link

Penetration Testing Essentials

by Sean-Philip Oriyano

CHAPTER 6 Scanning and Enumeration

Introduction to Scanning

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like