Professional Penetration Testing

2nd Edition

Creating and Learning in a Hacking Lab

Authors: Thomas Wilhelm
Paperback ISBN: 9781597499934
eBook ISBN: 9780124046184
Imprint: Syngress
Published Date: 17th July 2013
Page Count: 464
78.95 + applicable tax
59.95 + applicable tax
48.99 + applicable tax
Unavailable
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Description

Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices.

Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

All disc-based content for this title is now available on the Web.

Key Features

  • Find out how to turn hacking and pen testing skills into a professional career
  • Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers
  • Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business
  • Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester

Readership

Penetration testers, IT security consultants and practitioners

Table of Contents

PART I - Setting Up
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest

PART II - Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks

PART III - Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest

Appendix A - Acronyms
Appendix B - Definitions

Details

No. of pages:
464
Language:
English
Copyright:
© Syngress 2013
Published:
Imprint:
Syngress
eBook ISBN:
9780124046184
Paperback ISBN:
9781597499934

About the Author

Thomas Wilhelm

Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst / Russian Linguist / Cryptanalyst. A speaker at security conferences across the United States, including DefCon, HOPE, and CSI, he has been employed by Fortune 100 companies to conduct risk assessments, participate and lead in external and internal penetration testing efforts, and manage Information Systems Security projects.Thomas is also an Information Technology Doctoral student who holds Masters degrees in both Computer Science and Management. Additionally, he dedicates some of his time as an Associate Professor at Colorado Technical University and has contributed to multiple publications, including both magazines and books. Thomas currently performs security training courses for both civilian and government personnel through Heorot.net, and maintains the following security certifications: ISSMP, CISSP, SCSECA, and SCNA.

Affiliations and Expertise

ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University

Reviews

"...this is a detailed and thorough examination of both the technicalities and the business of pen-testing, and an excellent starting point for anyone getting into the field." --Network Security, March 2014