0915920514 cs@booksvn.com
EN VI JA KO ZH
Log in Sign up
BooksVN
Trang chủeBookPenetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits, 1st edition
Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits, 1st edition

Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits, 1st edition

BRAND: PEARSON
Publisher:
PEARSON
Author:
William Easttom; Omar Santos
Edition:
(July 6, 2021) © 2018
eBook ISBN:
9780137459728
Print ISBN:
9780789759375
Type:
4 Months Subscription. Dành cho Cá nhân
eBook edition. Monthly Subscription. Dành cho Cá nhân | Trường ĐH, Nhóm, Thư Viện: Gọi 0915920514 để báo giá Pearson, Vital Source eBook hoặc mua Sách In
Related Tags

Tổng quan sách

Chuyên gia, nhà nghiên cứu, người hướng dẫn và tác giả bảo mật hàng đầu Chuck Easttom II đã tập hợp tất cả kiến ​​thức cần thiết vào một hướng dẫn toàn diện duy nhất bao gồm toàn bộ vòng đời thử nghiệm thâm nhập. Easttom tích hợp các khái niệm, thuật ngữ, thách thức và lý thuyết, đồng thời hướng dẫn bạn từng bước, từ lập kế hoạch đến báo cáo sau thử nghiệm hiệu quả. Anh ấy trình bày một dự án mẫu từ đầu đến cuối dựa trên các công cụ nguồn mở miễn phí, cũng như các câu hỏi, phòng thí nghiệm và các phần đánh giá xuyên suốt. Nguyên tắc cơ bản về kiểm tra thâm nhập cũng là cuốn sách duy nhất đề cập đến các tiêu chuẩn kiểm tra thâm nhập từ NSA, PCI và NIST.
  1. Introduction
  2. Chapter 1:Introduction to Penetration TestingWhat Is Penetration Testing?AuditsVulnerability ScansPenetration TestsThe Hybrid TestTerminologyMethodologiesNature of the TestApproachesEthical IssuesEverything Is ConfidentialKeep in Your LaneIf You Break It, You Bought ItLegal IssuesComputer Fraud and Abuse Act (CFAA): 18 U.S. Code § 1030Unlawful Access to Stored Communications: 18 U.S. Code § 2701Identity Theft Enforcement and Restitution ActFraud and Related Activity in Connection with Access Devices: 18 U.S. Code § 1029State LawsInternational LawsCertificationsCEHGPENOSCPMile2CISSPPPTThis Book and CertificationsCareers in Penetration TestingSecurity AdministratorsCommercial Penetration TestingGovernment/National DefenseLaw EnforcementBuilding Your SkillsetSummaryTest Your Skills
  3. Chapter 2:StandardsPCI DSSThe Actual TestNIST 800-115PlanningExecutionPost-ExecutionNational Security Agency InfoSec Assessment Methodology (NSA-IAM)PTESCREST (UK)A Synthesis (Putting Standards Together into a Single Unified Approach)Pre-EngagementThe Actual TestReportingRelated StandardsOWASPOther StandardsISO 27002NIST 800-12, Revision 1NIST 800-14SummaryTest Your Skills
  4. Chapter 3:CryptographyCryptography BasicsHistory of EncryptionThe Caesar CipherAtbashMulti-Alphabet SubstitutionRail FenceModern MethodsSymmetric EncryptionModification of Symmetric MethodsPractical ApplicationsPublic Key (Asymmetric) EncryptionDigital SignaturesHashingMD5SHARIPEMDWindows HashingMAC and HMACRainbow TablesPass the HashPassword CrackersSteganographyHistorical SteganographyMethods and ToolsCryptanalysisFrequency AnalysisModern MethodsPractical ApplicationLearning MoreSummaryTest Your Skills
  5. Chapter 4:ReconnaissancePassive Scanning TechniquesNetcraftBuiltWithArchive.orgShodanSocial MediaGoogle SearchingActive Scanning TechniquesPort ScanningEnumerationWiresharkMaltegoOther OSINT ToolsOSINT WebsiteAlexaWeb Master TipsSummaryTest Your Skills
  6. Chapter 5:MalwareVirusesHow a Virus SpreadsTypes of VirusesVirus ExamplesTrojan HorsesOther Forms of MalwareRootkitMalicious Web-Based CodeLogic BombsCreating MalwareLevels of Malware Writing SkillGUI ToolsSimple Script VirusesCreating a Trojan HorseAltering Existing VirusesSummaryTest Your Skills
  7. Chapter 6:Hacking WindowsWindows DetailsWindows HistoryThe Boot ProcessImportant Windows FilesWindows LogsThe RegistryVolume Shadow CopyWindows Password HashingWindows Hacking TechniquesPass the HashchntpwNet User ScriptLogin as SystemFind the AdminWindows Scriptingnet usersnet viewnet sharenet servicenetshellWindows Password CrackingOffline NT Registry EditorLCPpwdumpophcrackJohn the RipperDetecting Malware in WindowsCain and AbelSummaryTest Your Skills
  8. Chapter 7:Web HackingWeb TechnologySpecific Attacks on WebsitesSQL Script InjectionXSSOther Web AttacksToolsBurp SuiteBeEFSummaryTest Your Skills
  9. Chapter 8:Vulnerability ScanningVulnerabilitiesCVENISTOWASPPacket CapturetcpdumpWiresharkNetwork ScannersLanHelperWireless Scanners/CrackersAircrackGeneral ScannersMBSANessusNexposeSAINTWeb Application ScannersOWASP ZAPVegaCyber Threat IntelligenceThreatcrowd.orgPhishtankInternet Storm CenterOSINTSummaryTest Your Skills
  10. Chapter 9:Introduction to LinuxLinux HistoryLinux Commandsls Commandcd CommandPipe Outputfinger Commandgrep Commandps Commandpstree Commandtop Commandkill CommandBasic File and Directory Commandschown Commandchmod Commandbg Commandfg Commanduseradd Commanduserdel Commandusermod Commandusers Commandwho CommandDirectories/root/bin/sbin/etc/dev/boot/usr/var/procGraphical User InterfaceGNOMEKDESummaryTest Your Skills
  11. Chapter 10:Linux HackingMore on the Linux OSsysfsCrondShell CommandsLinux FirewallIptablesiptables ConfigurationSyslogSyslogdScriptingLinux PasswordsLinux Hacking TricksBoot HackBackspace HackSummaryTest Your Skills
  12. Chapter 11:Introduction to Kali LinuxKali Linux HistoryKali BasicsKali Toolsrecon-ngDmitrySpartaJohn the RipperHashcatmacchangerGhost PhisherSummaryTest Your Skills
  13. Chapter 12:General Hacking TechniquesWi-Fi TestingCreate a HotspotUsing Kali as a HotspotTesting the WAP AdministrationOther Wi-Fi IssuesSocial EngineeringDoSWell-known DoS AttacksToolsSummaryTest Your Skills
  14. Chapter 13:Introduction to MetasploitBackground on MetasploitGetting Started with MetasploitBasic Usage of msfconsoleBasic CommandsSearchingScanning with MetasploitSMB ScannerSQL Server ScanSSH Server ScanAnonymous FTP ServersFTP ServerHow to Use ExploitsExploit ExamplesCascading Style SheetsFile Format ExploitRemote Desktop ExploitMore ExploitsCommon ErrorPost ExploitsGet Logged-on UsersCheck VMEnumerate ApplicationsGoing Deeper into the TargetSummaryTest Your Skills
  15. Chapter 14:More with MetasploitMeterpreter and Post ExploitsARPNETSTATPSNavigationDownload and UploadDesktopsCamerasKey LoggerOther InformationmsfvenomMore Metasploit AttacksFormatting All DrivesAttacking Windows Server 2008 R2Attacking Windows via OfficeAttacking LinuxAttacking via the WebAnother Linux AttackLinux Post ExploitsSummaryTest Your Skills
  16. Chapter 15:Introduction to Scripting with RubyGetting StartedBasic Ruby ScriptingA First ScriptSyntaxObject-Oriented ProgrammingSummaryTest Your Skills
  17. Chapter 16:Write Your Own Metasploit Exploits with RubyThe APIGetting StartedExamine an Existing ExploitExtending Existing ExploitsWriting Your First ExploitSummaryTest Your Skills
  18. Chapter 17:General Hacking KnowledgeConferencesDark WebCertification and TrainingCyber Warfare and TerrorismNation State ActorsSummaryTest Your Skills
  19. Chapter 18:Additional Pen Testing TopicsWireless Pen Testing802.11InfraredBluetoothOther Forms of WirelessWi-Fi HackingMainframe and SCADASCADA BasicsMainframesMobile Pen TestingCellular TerminologyBluetooth AttacksBluetooth/Phone ToolsSummaryTest Your Skills
  20. Chapter 19:A Sample Pen Test ProjectPen Test OutlinePre-Test ActivitiesExternalInternalOptional ItemsReport OutlineSummaryAppendix A:Answers to Chapter Multiple Choice Questions9780789759375 TOC 2/13/2018
Chat Zalo