Professional Penetration Testing

1st Edition

Volume 1: Creating and Learning in a Hacking Lab

Author: Thomas Wilhelm
Paperback ISBN: 9781597494250
eBook ISBN: 9780080960944
Imprint: Syngress
Published Date: 14th August 2009
Page Count: 528

Description

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab examines all aspects of professional penetration testing, from project management to team building, metrics, risk management, training, reporting, information gathering, vulnerability identification, vulnerability exploitation, privilege escalation, and test-data archival methods. It also discusses how to maintain access and cover one's tracks. It includes two video courses to teach readers fundamental and intermediate information-system penetration testing techniques, and to explain how to create and operate a formal hacking lab.
The book is divided into three parts. Part 1 focuses on the professionals who are members of a penetration test team, the skills required to be an effective team member, and the ways to create a PenTest lab. Part 2 looks at the activities involved in a penetration test and how to run a PenTest to improve the overall security posture of the client. Part 3 discusses the creation of a final report for the client, cleaning up the lab for the next penetration test, and identifying the training needs of penetration-test team members.
This book will benefit both experienced and novice penetration test practitioners.

Key Features

  • Find out how to turn hacking and pen testing skills into a professional career

  • Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers

  • Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business

  • Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester

  • Learn through video – the DVD includes instructional videos that replicate classroom instruction and live, real-world vulnerability simulations of complete servers with known and unknown vulnerabilities to practice hacking skills in a controlled lab environment

Readership

Penetration testers, IT security consultants and practitioners

Table of Contents

Acknowledgments
Foreword

Part 1 Setting Up

Chapter 1 Introduction
  • Introduction
  • About the Book
  • About the DVD
  • Summary
  • Solutions Fast Track
  • Reference

Chapter 2 Ethics and Hacking
  • Introduction
  • Why Stay Ethical?
  • Ethical Standards
  • Computer Crime Laws
  • Getting Permission to Hack
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions
  • Expand Your Skills
  • References

Chapter 3 Hacking as a Career
  • Introduction
  • Career Paths
  • Certifications
  • Associations and Organizations
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions
  • Expand Your Skills
  • References

Chapter 4 Setting Up Your Lab
  • Introduction
  • Personal Lab
  • Corporate Lab
  • Protecting Penetration Test Data
  • Additional Network Hardware
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions
  • Expand Your Skills
  • Reference

Chapter 5 Creating and Using PenTest Targets in Your Lab
  • Introduction
  • Turn-Key Scenarios versus Real-World Targets
  • Turn-Key Scenarios
  • Using Exploitable Targets
  • Analyzing Malware – Viruses and Worms
  • Other Target Ideas
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions
  • Expand Your Skills
  • References

Chapter 6 Methodologies
  • Introduction
  • Project Management Body of Knowledge
  • Information System Security Assessment Framework
  • Open Source Security Testing Methodology Manual
  • Summary
  • Solutions Fast Track
  • Frequently Asked Questions
  • Expand Your Skills
  • References

Chapter 7 PenTest Metrics

Details

No. of pages: 528
Language: English
Copyright: © Syngress 2009
Published:
Imprint: Syngress
eBook ISBN: 9780080960944
Paperback ISBN: 9781597494250

About the Author

Thomas Wilhelm

Thomas Wilhelm has been involved in Information Security since 1990, when he served in the U.S. Army for 8 years as a Signals Intelligence Analyst / Russian Linguist / Cryptanalyst. A speaker at security conferences across the United States, including DefCon, HOPE, and CSI, he has been employed by Fortune 100 companies to conduct risk assessments, participate in and lead external and internal penetration testing efforts, and manage Information Systems Security projects. Thomas is also an Information Technology doctoral student who holds Master's degrees in both Computer Science and Management. Additionally, he dedicates some of his time as an Associate Professor at Colorado Technical University and has contributed to multiple publications, including both magazines and books. Thomas currently performs security training courses for both civilian and government personnel through Heorot.net, and maintains the following security certifications: ISSMP, CISSP, SCSECA, and SCNA.

Affiliations and Expertise

ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University

Reviews

"Wilhelm has created the ultimate handbook for becoming a pen tester. This is going to help launch many a career." - Richard Stiennon, Chief Research Analyst, IT-Harvest

"Professional Penetration Testing covers everything from ethical concerns, to advanced concepts, to setting up your own custom laboratory. It is the most comprehensive and authoritative guide at penetration testing that I have seen. Tom Wilhelm is a true expert in the field who not only is in the trenches on a daily basis, but also takes the time to instruct others on the ways and means of pen testing." - Frank Thornton, Owner, Blackthorn Systems