Penetration Tester's Open Source ToolkitBy
- Jeremy Faircloth, Jeremy Faircloth (Security+, CCNA, MCSE, MCP+I, A+) is a Senior Principal IT Technologist for Medtronic, Inc., where he and his team architect and maintain enterprise-wide client/server and Web-based technologies. He is a member of the Society for Technical Communication and frequently acts as a technical resource for other IT professionals through teaching and writing, using his expertise to help others expand their knowledge. As a systems engineer with over 19 years of real-world IT experience, he has become an expert in many areas including Web development, database administration, enterprise security, network design, large enterprise applications and project management. Jeremy is also a contributing author to over a dozen technical books covering a variety of topics.
- Jay Beale, Series Editor of the Jay Beale Open Source Security Series, lead developer of the Bastille project, Seattle, WA
- Roelof Temmingh
- Haroon Meer
- Charl van der Walt
- HD Moore
Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This book provides both the art and the science. The authors of the book are expert penetration testers who have developed many of the leading pen testing tools; such as the Metasploit framework. The authors allow the reader inside their heads to unravel the mysteries of thins like identifying targets, enumerating hosts, application fingerprinting, cracking passwords, and attacking exposed vulnerabilities. Along the way, the authors provide an invaluable reference to the hundreds of tools included on the bootable-Linux CD for penetration testing.
Published: August 2005
- Chapter 1. Know Your Target. Verify that the IP range or domain belongs to the correct target, perform basic reconnaissance and identify possible target user accounts. Chapter 2. Host Detection Chapter 3. Service Detection Chapter 4. Use port scan tool to enumerate open ports Chapter 5. Using "nmap" to perform a portscan Chapter 6. Using "scanrand" to perform a portscan Chapter 7. Results: List of open ports Chapter 8. Application Fingerprinting Chapter 9. Password Attacks Chapter 10. Exploiting Identified Vulnerabilities Chapter 11. Use exploit toolkits Chapter 12. Using "metasploit framework" to verify and exploit vulnerabilities. Chapter 13. "CGE" to exploit vulnerabilities in Cisco devices