The Basics of Hacking and Penetration Testing

1st Edition

Ethical Hacking and Penetration Testing Made Easy

Authors: Patrick Engebretson
Paperback ISBN: 9781597496551
eBook ISBN: 9781597496568
Imprint: Syngress
Published Date: 21st July 2011
Page Count: 180
29.95 + applicable tax
18.99 + applicable tax
23.95 + applicable tax
Unavailable
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Description

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you  to gain a solid understanding of each of the four phases and prepare them to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book which allows you to clearly see how the tools and phases relate.

Key Features

  • Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
  • Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
  • Writen by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University.
  • Utilizes the Backtrack Linus distribution and focuses on the seminal tools required to complete a penetration test.

Readership

Security Consultants, beginning InfoSec professionals, Students

Table of Contents

Chapter 1: What is Penetration Testing?
Introduction
Introduction to Backtrack Linux: Tools. Lots of Tools
Working with Backtrack: Starting the Engine
The Use and Creation of a Hacking Lab
Phases of a Penetration Test
Chapter Review
Summary

Chapter 2: Reconnaissance
Introduction
HTTrack: Website Copier
Google Directives – Practicing your Google-Fu
The Harvester: Discovering and Leveraging Email Addresses
Whois
Netcraft
Host
Extracting Information From DNS
Extracting Information from Email Servers
MetaGooFil
Social Engineering
Sifting through the Intel to Finding Attackable Targets
How Do I Practice This Step?
Where Do I Go From Here?
Summary

Chapter 3: Scanning
Introduction
Pings and Ping Sweeps
Port Scanning
Vulnerability Scanning
How Do I Practice This Step?
Where Do I Go From Here?
Summary

Chapter 4: Exploitation
Introduction
Gaining Access to Remote Services with Medusa
Metasploit: Hacking, Hugh Jackman Style!
John the Ripper: King of the Password Crackers
Password Resetting: Kind of Like Driving a Bulldozer through the Side a Building
Sniffing Network Traffic
Macof: Making Chicken Salad Out of Chicken Sh*t
Fast-Track Autopwn: Breaking Out the M-60
How Do I Practice This Step?
Where Do I Go From Here?
Summary

Chapter 5: Web Based Exploitation
Introduction
Interrogating Web Servers: Nikto
Websecurify: Automated Web Vulnerability Scanning
Spidering: Crawling Your Target’s Website
Intercepting Requests with Web Scarab
Code Injection Attacks
Cross Site Scripting: Browsers that Trust Sites
How Do I Practice this Step?
Where Do I Go From Here?
Summary

Chapter 6: Maintaining Access with Backdoors and Rootkits
Introduction
Netcat: The Swiss Army Knife
Netcat’s Crypt

Details

No. of pages:
180
Language:
English
Copyright:
© Syngress 2011
Published:
Imprint:
Syngress
eBook ISBN:
9781597496568
Paperback ISBN:
9781597496551

About the Author

Patrick Engebretson

Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for security firm in the Midwest.

Affiliations and Expertise

Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years he has published many peer reviewed journal and conference papers in these areas. Dr. Engebretson has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, and intrusion detection, and advanced exploitation.

Awards

Best Hacking and Pen Testing Books 2011, InfoSec Reviews

Reviews

"...an introduction to what ethical hacking involves, and a primer for more indepth technical volumes...it does get its hands dirty with guides to using the main tools. But each technique or piece of software is only covered to the depth required to give you a good feel for what’s going on..."--Network Security, December 1 2011