book

Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits

by Chuck Easttom

March 2018

Beginner

448 pages

11h 51m

English

Pearson IT Certification

Read now

Unlock full access

What Is Penetration Testing?AuditsVulnerability ScansPenetration TestsThe Hybrid TestTerminologyMethodologiesNature of the TestApproachesEthical IssuesEverything Is ConfidentialKeep in Your LaneIf You Break It, You Bought ItLegal IssuesComputer Fraud and Abuse Act (CFAA): 18 U.S. Code § 1030Unlawful Access to Stored Communications: 18 U.S. Code § 2701Identity Theft Enforcement and Restitution ActFraud and Related Activity in Connection with Access Devices: 18 U.S. Code § 1029State LawsInternational LawsCertificationsCEHGPENOSCPMile2CISSPPPTThis Book and CertificationsCareers in Penetration TestingSecurity AdministratorsCommercial Penetration TestingGovernment/National DefenseLaw EnforcementBuilding Your SkillsetSummaryTest Your Skills
PCI DSSThe Actual TestNIST 800-115PlanningExecutionPost-ExecutionNational Security Agency InfoSec Assessment Methodology (NSA-IAM)PTESCREST (UK)A Synthesis (Putting Standards Together into a Single Unified Approach)Pre-EngagementThe Actual TestReportingRelated StandardsOWASPOther StandardsISO 27002NIST 800-12, Revision 1NIST 800-14SummaryTest Your Skills
Cryptography BasicsHistory of EncryptionThe Caesar CipherAtbashMulti-Alphabet SubstitutionRail FenceModern MethodsSymmetric EncryptionModification of Symmetric MethodsPractical ApplicationsPublic Key (Asymmetric) EncryptionDigital SignaturesHashingMD5SHARIPEMDWindows HashingMAC and HMACRainbow TablesPass the HashPassword CrackersSteganographyHistorical SteganographyMethods and ToolsCryptanalysisFrequency AnalysisModern MethodsPractical ApplicationLearning MoreSummaryTest Your Skills
Passive Scanning TechniquesNetcraftBuiltWithArchive.orgShodanSocial MediaGoogle SearchingActive Scanning TechniquesPort ScanningEnumerationWiresharkMaltegoOther OSINT ToolsOSINT WebsiteAlexaWeb Master TipsSummaryTest Your Skills
VirusesHow a Virus SpreadsTypes of VirusesVirus ExamplesTrojan HorsesOther Forms of MalwareRootkitMalicious Web-Based CodeLogic BombsCreating MalwareLevels of Malware Writing SkillGUI ToolsSimple Script VirusesCreating a Trojan HorseAltering Existing VirusesSummaryTest Your Skills
Windows DetailsWindows HistoryThe Boot ProcessImportant Windows FilesWindows LogsThe RegistryVolume Shadow CopyWindows Password HashingWindows Hacking TechniquesPass the HashchntpwNet User ScriptLogin as SystemFind the AdminWindows Scriptingnet usersnet viewnet sharenet servicenetshellWindows Password CrackingOffline NT Registry EditorLCPpwdumpophcrackJohn the RipperDetecting Malware in WindowsCain and AbelSummaryTest Your Skills
Web TechnologySpecific Attacks on WebsitesSQL Script InjectionXSSOther Web AttacksToolsBurp SuiteBeEFSummaryTest Your Skills
VulnerabilitiesCVENISTOWASPPacket CapturetcpdumpWiresharkNetwork ScannersLanHelperWireless Scanners/CrackersAircrackGeneral ScannersMBSANessusNexposeSAINTWeb Application ScannersOWASP ZAPVegaCyber Threat IntelligenceThreatcrowd.orgPhishtankInternet Storm CenterOSINTSummaryTest Your Skills
Linux HistoryLinux Commandsls Commandcd CommandPipe Outputfinger Commandgrep Commandps Commandpstree Commandtop Commandkill CommandBasic File and Directory Commandschown Commandchmod Commandbg Commandfg Commanduseradd Commanduserdel Commandusermod Commandusers Commandwho CommandDirectories/root/bin/sbin/etc/dev/boot/usr/var/procGraphical User InterfaceGNOMEKDESummaryTest Your Skills
More on the Linux OSsysfsCrondShell CommandsLinux FirewallIptablesiptables ConfigurationSyslogSyslogdScriptingLinux PasswordsLinux Hacking TricksBoot HackBackspace HackSummaryTest Your Skills
Kali Linux HistoryKali BasicsKali Toolsrecon-ngDmitrySpartaJohn the RipperHashcatmacchangerGhost PhisherSummaryTest Your Skills
Wi-Fi TestingCreate a HotspotUsing Kali as a HotspotTesting the WAP AdministrationOther Wi-Fi IssuesSocial EngineeringDoSWell-known DoS AttacksToolsSummaryTest Your Skills
Background on MetasploitGetting Started with MetasploitBasic Usage of msfconsoleBasic CommandsSearchingScanning with MetasploitSMB ScannerSQL Server ScanSSH Server ScanAnonymous FTP ServersFTP ServerHow to Use ExploitsExploit ExamplesCascading Style SheetsFile Format ExploitRemote Desktop ExploitMore ExploitsCommon ErrorPost ExploitsGet Logged-on UsersCheck VMEnumerate ApplicationsGoing Deeper into the TargetSummaryTest Your Skills
Meterpreter and Post ExploitsARPNETSTATPSNavigationDownload and UploadDesktopsCamerasKey LoggerOther InformationmsfvenomMore Metasploit AttacksFormatting All DrivesAttacking Windows Server 2008 R2Attacking Windows via OfficeAttacking LinuxAttacking via the WebAnother Linux AttackLinux Post ExploitsSummaryTest Your Skills
Getting StartedBasic Ruby ScriptingA First ScriptSyntaxObject-Oriented ProgrammingSummaryTest Your Skills
The APIGetting StartedExamine an Existing ExploitExtending Existing ExploitsWriting Your First ExploitSummaryTest Your Skills
ConferencesDark WebCertification and TrainingCyber Warfare and TerrorismNation State ActorsSummaryTest Your Skills
Wireless Pen Testing802.11InfraredBluetoothOther Forms of WirelessWi-Fi HackingMainframe and SCADASCADA BasicsMainframesMobile Pen TestingCellular TerminologyBluetooth AttacksBluetooth/Phone ToolsSummaryTest Your Skills
Pen Test OutlinePre-Test ActivitiesExternalInternalOptional ItemsReport OutlineSummary

Content preview from Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits

Appendix A

Answers to Chapter Multiple Choice Questions

Chapter 1

Multiple Choice Questions

1. Answer: A. A black box test is a test wherein the tester gets the absolute minimum information.

Answer B is incorrect because a gray box test would indicate some information was given.Answers C and D are not penetration tests so they are incorrect.

2. Answer: A. 18 USC 2701 is about access devices. The other USC, federal laws, cover other aspects of computer law and are thus not the correct answer.

3. Answer: C. A security audit is primarily about reports, policies, and document review.

Answers A and D are incorrect because they are penetration tests and require actual attempts to breach the system.

Answer B is incorrect because a vulnerability assessment ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Penetration Testing and Network Defense

Andrew Whitaker, Daniel P. Newman

Advanced Infrastructure Penetration Testing

Chiheb Chebbi

Penetration Testing Bootcamp

Jason Beltrame

Practical Web Penetration Testing

Gus Khawaja

Publisher Resources

ISBN: 9780134854564