book

Penetration Testing Essentials

by Sean-Philip Oriyano

December 2016

Beginner

360 pages

English

Sybex

Read now

Unlock full access

Defining Penetration TestingPreserving Confidentiality, Integrity, and AvailabilityAppreciating the Evolution of Hacking
Comparing Common Operating SystemsExploring Networking Concepts
Recognizing the Four Goals of CryptographyThe History of EncryptionSpeaking Intelligently About CryptographyComparing Symmetric and Asymmetric CryptographyTransforming Data via HashingA Hybrid System: Using Digital SignaturesWorking with PKI
Determining the Objective and Scope of the JobChoosing the Type of Test to PerformGaining Permission via a ContractFollowing the Law While Testing
Introduction to Intelligence GatheringExamining a Company’s Web PresenceFinding Websites That Don’t Exist AnymoreGathering Information with Search EnginesTargeting Employees with People SearchesDiscovering LocationDo Some Social NetworkingLooking via Financial ServicesInvestigating Job BoardsSearching EmailExtracting Technical Information
Introduction to ScanningChecking for Live SystemsPerforming Port ScanningIdentifying an Operating SystemScanning for VulnerabilitiesUsing Proxies (Or Keeping Your Head Down)Performing Enumeration
Introduction to Vulnerability ScanningRecognizing the Limitations of Vulnerability ScanningOutlining the Vulnerability Scanning ProcessTypes of Scans That Can Be Performed

Recognizing Strong PasswordsChoosing a Password-Cracking TechniqueExecuting a Passive Online AttackExecuting an Active Online AttackExecuting an Offline AttackUsing Nontechnical MethodsEscalating Privileges
Deciding How to AttackInstalling a Backdoor with PsToolsOpening a Shell with LAN TurtleRecognizing Types of MalwareLaunching VirusesLaunching WormsLaunching SpywareInserting TrojansInstalling Rootkits
Reporting the Test ParametersCollecting InformationHighlighting the Important InformationAdding Supporting DocumentationConducting Quality Assurance
Detecting IntrusionsRecognizing the Signs of an IntrusionEvading an IDSBreaching a FirewallUsing Honeypots: The Wolf in Sheep’s Clothing
Recognizing the Motivations for EvasionGetting Rid of Log FilesHiding FilesEvading Antivirus SoftwareEvading Defenses by Entering Through a BackdoorUsing Rootkits for Evasion
An Introduction to WirelessBreaking Wireless Encryption TechnologiesConducting a Wardriving AttackConducting Other Types of AttackChoosing Tools to Attack WirelessKnocking Out BluetoothHacking the Internet of Things (IoT)
Recognizing Current-Generation Mobile DevicesWorking with Android OSWorking with Apple iOSFinding Security Holes in Mobile DevicesEncountering Bring Your Own Device (BYOD)Choosing Tools to Test Mobile Devices
Introduction to Social EngineeringExploiting Human TraitsActing Like a Social EngineerTargeting Specific VictimsLeveraging Social NetworkingConducting Safer Social Networking
Introduction to HardeningThree Tenets of DefenseCreating a Security BaselineHardening with Group PolicyHardening Desktop SecurityBacking Up a System
Introduction to Network HardeningIntrusion Detection SystemsFirewallsPhysical Security Controls
Choosing Your Career PathBuild a LibraryPractice Technical WritingDisplay Your Skills
Deciding to Build a LabConsidering VirtualizationGetting Starting and What You Will NeedInstalling Software
Chapter 1: Introduction to Penetration TestingChapter 2: Introduction to Operating Systems and NetworkingChapter 3: Introduction to CryptographyChapter 4: Outlining the Pentesting MethodologyChapter 5: Gathering IntelligenceChapter 6: Scanning and EnumerationChapter 7: Conducting Vulnerability ScanningChapter 8: Cracking PasswordsChapter 9: Retaining Access with Backdoors and MalwareChapter 10: ReportingChapter 11: Working with Defensive and Detection SystemsChapter 12: Covering Your Tracks and Evading DetectionChapter 13: Detecting and Targeting WirelessChapter 14: Dealing with Mobile Device SecurityChapter 15: Performing Social EngineeringChapter 16: Hardening a Host SystemChapter 17: Hardening Your NetworkChapter 18: Navigating the Path to Job SuccessChapter 19: Building a Test Lab for Penetration Testing

Content preview from Penetration Testing Essentials

CHAPTER 9 Retaining Access with Backdoors and Malware

Once you have gained access to the system, the next step is carrying out the main part of your attack. This stage can involve running applications, modifying the system, or even jumping onto other systems as well as mapping and moving around the network. You’ll also need to retain access by installing backdoors and malware.

In this chapter, you’ll learn how to:

Pick an attack
Install a backdoor
Open a shell
Launch a virus, worms, and spyware
Insert Trojans
Install a rootkit

Deciding How to Attack

Once you have the opportunity to execute applications or do anything on the compromised system, the decision is up to you what you will do. Backdoors are meant to open up an alternative means ...