The Basics of Hacking and Penetration Testing

Ethical Hacking and Penetration Testing Made Easy

1st Edition - July 21, 2011

  • Author: Patrick Engebretson
  • eBook ISBN: 9781597496568

Description

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. This book makes ethical hacking and penetration testing easy – no prior hacking experience is required. It shows how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. With a simple and clean explanation of how to effectively utilize these tools – as well as the introduction to a four-step methodology for conducting a penetration test or hack – the book provides students with the know-how required to jump start their careers and gain a better understanding of offensive security. The book is organized into 7 chapters that cover hacking tools such as Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. PowerPoint slides are available for use in class. This book is an ideal reference for security consultants, beginning InfoSec professionals, and students.

Key Features

  • Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
  • Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
  • Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, Ethical Hacking, and Exploitation classes at Dakota State University.
  • Utilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test.

Readership

Security Consultants, beginning InfoSec professionals, Students

Table of Contents

  • Chapter 1: What is Penetration Testing?
    Introduction
    Introduction to Backtrack Linux: Tools. Lots of Tools
    Working with Backtrack: Starting the Engine
    The Use and Creation of a Hacking Lab
    Phases of a Penetration Test
    Chapter Review
    Summary

    Chapter 2: Reconnaissance
    Introduction
    HTTrack: Website Copier
    Google Directives – Practicing your Google-Fu
    The Harvester: Discovering and Leveraging Email Addresses
    Whois
    Netcraft
    Host
    Extracting Information From DNS
    Extracting Information from Email Servers
    MetaGooFil
    Social Engineering
    Sifting through the Intel to Find Attackable Targets
    How Do I Practice This Step?
    Where Do I Go From Here?
    Summary

    Chapter 3: Scanning
    Introduction
    Pings and Ping Sweeps
    Port Scanning
    Vulnerability Scanning
    How Do I Practice This Step?
    Where Do I Go From Here?
    Summary

    Chapter 4: Exploitation
    Introduction
    Gaining Access to Remote Services with Medusa
    Metasploit: Hacking, Hugh Jackman Style!
    John the Ripper: King of the Password Crackers
    Password Resetting: Kind of Like Driving a Bulldozer through the Side of a Building
    Sniffing Network Traffic
    Macof: Making Chicken Salad Out of Chicken Sh*t
    Fast-Track Autopwn: Breaking Out the M-60
    How Do I Practice This Step?
    Where Do I Go From Here?
    Summary

    Chapter 5: Web Based Exploitation
    Introduction
    Interrogating Web Servers: Nikto
    Websecurify: Automated Web Vulnerability Scanning
    Spidering: Crawling Your Target’s Website
    Intercepting Requests with Web Scarab
    Code Injection Attacks
    Cross Site Scripting: Browsers that Trust Sites
    How Do I Practice this Step?
    Where Do I Go From Here?
    Summary

    Chapter 6: Maintaining Access with Backdoors and Rootkits
    Introduction
    Netcat: The Swiss Army Knife
    Netcat’s Cryptic Cousin: Cryptcat
    Rootkits
    Detecting and Defending Against Rootkits
    How Do I Practice This Step?
    Where Do I Go From Here?
    Summary

    Chapter 7: Wrapping Up the Penetration Test
    Introduction
    Writing the Penetration Testing Report
    You Don’t Have to Go Home but You Can’t Stay Here
    Where Do I Go From Here?
    Wrap up
    The Circle of Life
    Summary

Product details

  • No. of pages: 180
  • Language: English
  • Copyright: © Syngress 2011
  • Published: July 21, 2011
  • Imprint: Syngress
  • eBook ISBN: 9781597496568

About the Author

Patrick Engebretson

Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for a security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years he has published many peer-reviewed journal and conference papers in these areas. Dr. Engebretson has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry-recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, intrusion detection, and advanced exploitation.

Affiliations and Expertise

Assistant Professor of Information Assurance; Senior Penetration Tester for a security firm in the Midwest
