Penetration Tester's Open Source Toolkit - 2nd Edition - ISBN: 9781597492133, 9780080556079

Penetration Tester's Open Source Toolkit

2nd Edition

Authors: Jeremy Faircloth Chris Hurley
eBook ISBN: 9780080556079
Imprint: Syngress
Published Date: 16th November 2007
Page Count: 592
Tax/VAT will be calculated at check-out Price includes VAT (GST)
47.95
61.95
61.95
37.99
Unavailable
Price includes VAT (GST)
× DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

Key Features

• Perform Network Reconnaissance Master the objectives, methodology, and tools of the least understood aspect of a penetration test. • Demystify Enumeration and Scanning Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services. • Hack Database Services Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system. • Test Web Servers and Applications Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications. • Test Wireless Networks and Devices Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools. • Examine Vulnerabilities on Network Routers and Switches Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices. • Customize BackTrack 2 Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations. • Perform Forensic Discovery and Analysis with BackTrack 2 Use BackTrack in the field for forensic analysis, image acquisition, and file carving. • Build Your Own PenTesting Lab Everything you need to build your own fully functional attack lab.

Readership

IT Security Professionals and software developers

Table of Contents

Defining the Scope ISSAF and OSSTMM Metasploit v3 BackTrack v2 Kismet IDS Toolkits: WireShark, Snort, Nessus Tools: Bluebugger, Wyd, SIPcrack Fuzzing Tools Testing Web Applications Botnets

Details

No. of pages:
592
Language:
English
Copyright:
© Syngress 2007
Published:
Imprint:
Syngress
eBook ISBN:
9780080556079

About the Author

Jeremy Faircloth

Jeremy Faircloth (CISSP, Security+, CCNA, MCSE, MCP+I, A+) is an IT practitioner with a background in a wide variety of technologies as well as experience managing technical teams at multiple Fortune 50 companies. He is a member of the Society for Technical Communication and frequently acts as a technical resource for other IT professionals through teaching and writing, using his expertise to help others expand their knowledge. Described as a “Renaissance man of IT” with over 20 years of real-world IT experience, he has become an expert in many areas including Web development, database administration, enterprise security, network design, large enterprise applications, and project management. Jeremy is also an author that has contributed to over a dozen technical books covering a variety of topics and teaches courses on many of those topics.

Affiliations and Expertise

(Security+, CCNA, MCSE, MCP+I, A+), Senior Principal IT Technologist, Medtronic, Inc.

Chris Hurley

Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Affiliations and Expertise

Senior Penetration Tester, Washington, DC, USA