Description

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you  to gain a solid understanding of each of the four phases and prepare them to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book which allows you to clearly see how the tools and phases relate.

Key Features

  • Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
  • Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University.
  • Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test.

Readership

Security Consultants, beginning InfoSec professionals, Students

Table of Contents

Dedication

Acknowledgments

My Wife

My Girls

My Family

Dave Kennedy

Jared DeMott

To the Syngress Team

About the Author

Introduction

What is New in This Edition?

Who is the Intended Audience for This Book?

How is This Book Different from Book ‘x’?

Why Should I Buy This Book?

What Do I Need to Follow Along?

Chapter 1. What is Penetration Testing?

Information in This Chapter:

Introduction

Setting the Stage

Introduction to Kali and Backtrack Linux: Tools. Lots of Tools

Working with Your Attack Machine: Starting the Engine

The Use and Creation of a Hacking Lab

Phases of a Penetration Test

Where Do I Go from Here?

Summary

Chapter 2. Reconnaissance

Information in This Chapter:

Introduction

HTTrack: Website Copier

Google Directives: Practicing Your Google-Fu

The Harvester: Discovering and Leveraging E-mail Addresses

Whois

Netcraft

Host

Extracting Information from DNS

nslookup

Dig

Fierce: What to Do When Zone Transfers Fail

Extracting Information from E-mail Servers

MetaGooFil

ThreatAgent: Attack of the Drones

Social Engineering

Sifting Through the Intel to Find Attackable Targets

How Do I Practice This Step?

Where Do I Go from Here?

Summary

Chapter 3. Scanning

Information in This Chapter:

Introduction

Pings and Ping Sweeps

Port Scanning

The Three-Way Handshake

Using Nmap to Perform a TCP Connect Scan

Using Nmap to Perform an SYN Scan

Using Nmap to Perform UDP Scans

Using Nmap to Perform an Xmas Scan

Using Nmap to Perform Null Scans

The Nmap Scripting Engine: From Caterpillar to Butterfly

Port Scann

Details

No. of pages:
225
Language:
English
Copyright:
© 2013
Published:
Imprint:
Syngress
Print ISBN:
9780124116443
Electronic ISBN:
9780124116412

Reviews

"...this is meant to be a practical book, and it positively encourages you to download, fire up and use the tools mentioned. The first chapter even tells you how to set up your own ‘hacking lab’. So whatever your interest in hacking, you’ll get the most out of the book if you follow along."--Network Security,Aug 1 2013

"For people looking to become pen-testers, this is an excellent first step. For anyone simply curious about what pen-testing involves and who wants to try some of the techniques for themselves, it may be all you need." - Network Security, December 2011