Professional Penetration Testing

Volume 1: Creating and Learning in a Hacking Lab

By

  • Thomas Wilhelm, ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab examines all aspects of professional penetration testing, from project management to team building, metrics, risk management, training, reporting, information gathering, vulnerability identification, vulnerability exploitation, privilege escalation, and test-data archival methods. It also discusses how to maintain access and cover one's tracks. It includes two video courses to teach readers fundamental and intermediate information-system penetration testing techniques, and to explain how to create and operate a formal hacking lab. The book is divided into three parts. Part 1 focuses on the professionals who are members of a penetration test team, the skills required to be an effective team member, and the ways to create a PenTest lab. Part 2 looks at the activities involved in a penetration test and how to run a PenTest to improve the overall security posture of the client. Part 3 discusses the creation of a final report for the client, cleaning up the lab for the next penetration test, and identifying the training needs of penetration-test team members. This book will benefit both experienced and novice penetration test practitioners.

Audience

Penetration testers, IT security consultants and practitioners

 

Book information

  • Published: August 2009
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-425-0

Reviews

"Wilhelm has created the ultimate handbook for becoming a pen tester. This is going to help launch many a career." - Richard Stiennon, Chief Research Analyst, IT-Harvest

"Professional Penetration Testing covers everything from ethical concerns, to advanced concepts, to setting up your own custom laboratory. It is the most comprehensive and authoritative guide at penetration testing that I have seen. Tom Wilhelm is a true expert in the field who not only is in the trenches on a daily basis, but also takes the time to instruct others on the ways and means of pen testing." - Frank Thornton, Owner, Blackthorn Systems




Table of Contents


Acknowledgments

Foreword

Part 1 Setting Up

Chapter 1 Introduction

Introduction

About the Book

About the DVD

Summary

Solutions Fast Track

Reference

Chapter 2 Ethics and Hacking

Introduction

Why Stay Ethical?

Ethical Standards

Computer Crime Laws

Getting Permission to Hack

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 3 Hacking as a Career

Introduction

Career Paths

Certifications

Associations and Organizations

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 4 Setting Up Your Lab

Introduction

Personal Lab

Corporate Lab

Protecting Penetration Test Data

Additional Network Hardware

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

Reference

Chapter 5 Creating and Using PenTest Targets in Your Lab

Introduction

Turn-Key Scenarios versus Real-World Targets

Turn-Key Scenarios

Using Exploitable Targets

Analyzing Malware - Viruses and Worms

Other Target Ideas

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 6 Methodologies

Introduction

Project Management Body of Knowledge

Information System Security Assessment Framework

Open Source Security Testing Methodology Manual

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 7 PenTest Metrics

Introduction

Quantitative, Qualitative, and Mixed Methods

Current Methodologies

Summary

Solutions Fast Track

Frequently Asked Questions

References

Chapter 8 Management of a PenTest

Introduction

Project Team Members

Project Management

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Part 2 Running a Pentest

Chapter 9 Information Gathering

Introduction

Passive Information Gathering

Active Information Gathering

Project Management

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 10 Vulnerability Identification

Introduction

Port Scanning

System Identification

Services Identification

Vulnerability Identification

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

Reference

Chapter 11 Vulnerability Verification

Introduction

Exploit Codes - Finding and Running

Exploit Codes - Creating Your Own

Web Hacking

Project Management

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 12 Compromising a System and Privilege Escalation

Introduction

System Enumeration

Network Packet Sniffing

Social Engineering

Wireless Attacks

Project Management

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 13 Maintaining Access

Introduction

Shells and Reverse Shells

Encrypted Tunnels

Other Encryption and Tunnel Methods

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

Reference

Chapter 14 Covering Your Tracks

Introduction

Manipulating Log Data

Hiding Files

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

Reference

Part 3 Wrapping Everything Up

Chapter 15 Reporting Results

Introduction

What Should You Report?

Initial Report

Final Report

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

References

Chapter 16 Archiving Data

Introduction

Should You Keep Data?

Securing Documentation

Summary

Solutions Fast Track

Frequently Asked Questions

Reference

Chapter 17 Cleaning Up Your Lab

Introduction

Archiving Lab Data

Creating and Using System Images

Creating a “Clean Shop”

Summary

Solutions Fast Track

Frequently Asked Questions

Reference

Chapter 18 Planning for Your Next PenTest

Introduction

Risk Management Register

Knowledge Database

After-Action Review

Summary

Solutions Fast Track

Frequently Asked Questions

Expand Your Skills

Reference

Appendix A: Acronyms

Appendix B: Definitions

Index