Save up to 30% on Elsevier print and eBooks with free shipping. No promo code needed.
Save up to 30% on print and eBooks.
The Basics of Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Made Easy
2nd Edition - June 24, 2013
Author: Patrick Engebretson
Language: English
Paperback ISBN:9780124116443
9 7 8 - 0 - 1 2 - 4 1 1 6 4 4 - 3
eBook ISBN:9780124116412
9 7 8 - 0 - 1 2 - 4 1 1 6 4 1 - 2
The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginn…Read more
Purchase options
LIMITED OFFER
Save 50% on book bundles
Immediately download your ebook while waiting for your print delivery. No promo code is needed.
The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. The book teaches students how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. It provides a simple and clean explanation of how to effectively utilize these tools, along with a four-step methodology for conducting a penetration test or hack, thus equipping students with the know-how required to jump start their careers and gain a better understanding of offensive security.
Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class.
This book is an ideal resource for security consultants, beginning InfoSec professionals, and students.
Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases
Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University
Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test
Security Consultants, beginning InfoSec professionals, Students
Dedication Acknowledgments My Wife My Girls My Family Dave Kennedy Jared DeMott To the Syngress Team About the Author Introduction What is New in This Edition? Who is the Intended Audience for This Book? How is This Book Different from Book ‘x’? Why Should I Buy This Book? What Do I Need to Follow Along?
1. What is Penetration Testing? Information in This Chapter: Introduction Setting the Stage Introduction to Kali and Backtrack Linux: Tools. Lots of Tools Working with Your Attack Machine: Starting the Engine The Use and Creation of a Hacking Lab Phases of a Penetration Test Where Do I Go from Here? Summary
2. Reconnaissance Information in This Chapter: Introduction HTTrack: Website Copier Google Directives: Practicing Your Google-Fu The Harvester: Discovering and Leveraging E-mail Addresses Whois Netcraft Host Extracting Information from DNS nslookup Dig Fierce: What to Do When Zone Transfers Fail Extracting Information from E-mail Servers MetaGooFil ThreatAgent: Attack of the Drones Social Engineering Sifting Through the Intel to Find Attackable Targets How Do I Practice This Step? Where Do I Go from Here? Summary
3. Scanning Information in This Chapter: Introduction Pings and Ping Sweeps Port Scanning The Three-Way Handshake Using Nmap to Perform a TCP Connect Scan Using Nmap to Perform an SYN Scan Using Nmap to Perform UDP Scans Using Nmap to Perform an Xmas Scan Using Nmap to Perform Null Scans The Nmap Scripting Engine: From Caterpillar to Butterfly Port Scanning Wrap Up Vulnerability Scanning How Do I Practice This Step? Where Do I Go from Here? Summary
4. Exploitation Information in This Chapter: Introduction Medusa: Gaining Access to Remote Services Metasploit: Hacking, Hugh Jackman Style! JtR: King of the Password Crackers Local Password Cracking Remote Password Cracking Linux Password Cracking and a Quick Example of PrivilegeEscalation Password Resetting: The Building and the Wrecking Ball Wireshark: Sniffing Network Traffic Macof: Making Chicken Salad Out of Chicken Sh∗t Armitage: Introducing Doug Flutie of Hacking Why Learn Five Tools When One Works Just as Well? How Do I Practice This Step? Where Do I Go from Here? Summary
5. Social Engineering Information in This Chapter: Introduction The Basics of SET Website Attack Vectors The Credential Harvester Other Options Within SET Summary
6. Web-Based Exploitation Information in This Chapter: Introduction The Basics of Web Hacking Nikto: Interrogating Web Servers w3af: More than Just a Pretty Face Spidering: Crawling Your Target’s Website Intercepting Requests with Webscarab Code Injection Attacks Cross-Site Scripting: Browsers that Trust Sites ZED Attack Proxy: Bringing It All Together Under One Roof Intercepting in ZAP Spidering in ZAP Scanning in ZAP How Do I Practice This Step? Where Do I Go from Here? Additional Resources Summary
7. Post Exploitation and Maintaining Access with Backdoors, Rootkits, and Meterpreter Information in This Chapter: Introduction Netcat: The Swiss Army Knife Netcat’s Cryptic Cousin: Cryptcat Rootkits Hacker Defender: It is Not What You Think Detecting and Defending Against Rootkits Meterpreter: The Hammer that Turns Everything into a Nail How Do I Practice This Step? Where Do I Go from Here? Summary
8. Wrapping Up the Penetration Test Information in This Chapter: Introduction Writing the Penetration Testing Report Executive Summary Detailed Report Raw Output You Do Not Have to Go Home but You Cannot Stay Here Where Do I Go from Here? Wrap Up The Circle of Life Summary
Index
No. of pages: 225
Language: English
Edition: 2
Published: June 24, 2013
Imprint: Syngress
Paperback ISBN: 9780124116443
eBook ISBN: 9780124116412
PE
Patrick Engebretson
Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years he has published many peer reviewed journal and conference papers in these areas. Dr. Engebretson has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, and intrusion detection, and advanced exploitation.
Affiliations and expertise
Assistant Professor of Information Assurance; Senior Penetration Tester for security firm in the Midwest
Read The Basics of Hacking and Penetration Testing on ScienceDirect