Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Editi
图书信息
| 作者 | Kevin Cardwell |
| 出版社 | Packt Publishing |
| ISBN | 9781785884955 |
| 出版时间 | 2016-08-01 |
| 字数 | 277.4万 |
| 分类 | 进口书,外文原版书,电脑,网络 |
读书简介
Learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it About This Book Explore and build intricate architectures that allow you to emulate an enterprise network Test and enhance your security skills against complex and hardened virtual architecture Learn methods to bypass common enterprise defenses and leverage them to test the most secure environments. Who This Book Is For While the book targets advanced penetration testing, the process is systematic and as such will provide even beginners with a solid methodology and approach to testing. You are expected to have network and security knowledge. The book is intended for anyone who wants to build and enhance their existing professional security and penetration testing methods and skills. What You Will Learn Learning proven security testing and penetration testing techniques Building multi-layered complex architectures to test the latest network designs Applying a professional testing methodology Determining whether there are filters between you and the target and how to penetrate them Deploying and finding weaknesses in common firewall architectures. Learning advanced techniques to deploy against hardened environments Learning methods to circumvent endpoint protection controls In Detail Security flaws and new hacking techniques emerge overnight – security professionals need to make sure they always have a way to keep . With this practical guide, learn how to build your own virtual pentesting lab environments to practice and develop your security skills. Create challenging environments to test your abilities, and overcome them with proven processes and methodologies used by global penetration testing teams. Get to grips with the techniques needed to build complete virtual machines perfect for pentest training. Construct and attack layered architectures, and plan specific attacks based on the platforms you’re going up against. Find new vulnerabilities for different kinds of systems and networks, and what these mean for your clients. Driven by a proven penetration testing methodology that has trained thousands of testers, Building Virtual Labs for Advanced Penetration Testing, Second Edition will prepare you for participation in professional security teams. Style and approach The book is written in an easy-to-follow format that provides a step–by-step, process-centric approach. Additionally, there are numerous hands-on examples and additional references for readers who might want to learn even more. The process developed throughout the book has been used to train and build teams all around the world as professional security and penetration testers.
目录
Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition
Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Introducing Penetration Testing
Security testing
Authentication
Authorization
Confidentiality
Integrity
Availability
Non-repudiation
An abstract testing methodology
Planning
Nonintrusive target search
Nslookup
Central Ops
The Wayback Machine
Shodan
Intrusive target search
Find live systems
Discover open ports
Discover services
Enumeration
Identify vulnerabilities
Exploitation
Data analysis
Reporting
Description
Analysis and exposure
Recommendations
References
Myths and misconceptions about pen testing
Summary
2. Choosing the Virtual Environment
Open source and free environments
VMware Workstation Player
VirtualBox
Xen
Hyper-V
vSphere Hypervisor
Commercial environments
vSphere
XenServer
VMware Workstation Pro
Image conversion
Converting from a physical to a virtual environment
Summary
3. Planning a Range
Planning
What are we trying to accomplish?
By when do we have to accomplish it?
Identifying vulnerabilities
Vulnerability sites
Vendor sites
Summary
4. Identifying Range Architectures
Building the machines
Building new machines
Conversion
Cloning a virtual machine
Selecting network connections
The bridged setting
Network Address Translation
The host-only switch
The custom settings
Choosing range components
The attacker machine
Router
Firewall
Web server
Readers' challenge
Summary
5. Identifying a Methodology
The OSSTMM
The Posture Review
Logistics
Active detection verification
Visibility Audit
Access verification
Trust verification
Control verification
Process verification
Configuration verification
Property validation
Segregation review
Exposure verification
Competitive intelligence scouting
Quarantine verification
Privileges audit
Survivability validation
Alert and log review
CHECK
NIST SP-800-115
The information security assessment methodology
Technical assessment techniques
Comparing tests and examinations
Testing viewpoints
Overt and covert
Penetration Testing Execution Standard (PTES)
Offensive Security
Other methodologies
Customization
Readers' challenge
Summary
6. Creating an External Attack Architecture
Configuring firewall architectures and establishing layered architectures
iptables
Testing
Adding a web server
Configuring the second layer
Setting the VLAN
Review pfSense
Deploying IDS
Intrusion Detection System (IDS)
Readers' challenge
Summary
7. Assessment of Devices
Assessing routers
Router machine
Router scanning analysis
Verify our assumptions
Kali 2.0
iptables
Iptables network analysis
Evaluating switches
VLAN hopping attacks
GARP attacks
Layer two attack tool
Attacking the firewall
Tricks to penetrate filters
Readers' challenge
Summary
8. Architecting an IDS/IPS Range
Deploying a network-based IDS
Security Incident and Event Management (SIEM)
Implementing the host-based IDS and endpoint security
Working with virtual switches
Evasion
Determining thresholds
Stress testing
Shell code obfuscation
Readers' challenge
Summary
9. Assessment of Web Servers and Web Applications
OWASP top ten attacks
Analysing web applications with Burp Suite
Input validation example
Integrating web application firewalls
Penetrating web application firewalls
Tools
Readers' challenge
Summary
10. Testing Flat and Internal Networks
The role of vulnerability scanners
Microsoft Baseline Security Analyzer
Scanning without credentials
Nessus
Scanning with credentials
Dealing with host protection
User Account Control
The host firewall
Endpoint protection
Enhanced Mitigation Experience Toolkit
Bypassing EMET
Readers' challenge
Summary
11. Testing Servers
Common protocols and applications for servers
Web
File transfer protocol
Protocol research
Secure Shell
Database assessment
MS SQL
MySQL
Oracle
OS platform specifics
Windows legacy
Windows Server 2008, 2012, and 2016
Unix
Linux
MAC
Readers' challenge
Summary
12. Exploring Client-Side Attack Vectors
Client-side attack methods
Bait
Lure
Pilfering data from the client
Using the client as a pivot point
Pivoting
Proxy exploitation
Leveraging the client configuration
Client-side exploitation
Client-side exploitation using PowerShell
Bypassing antivirus and other protection tools
Readers' challenge
Summary
13. Building a Complete Cyber Range
Creating the layered architecture
Architecting the switching
Segmenting the architecture
A public DMZ
A private DMZ
Decoy DMZ
Building a complete enterprise architecture
Integrating decoys and honeypots
Attacking the cyber range
Recording the attack data for further training and analysis
Readers' challenge
Summary
- 未解之谜(下)(百读)
- 有趣的语文:一个语文教师的“另类”行走(凌宗伟)
- ARM 9嵌入式开发基础与实例进阶(光盘内容另行下载,地址见书封底)(冯新宇)
- Dead Cat Bounce(Green, Norman)
- 欧洲的转折(郭方)
- 谦逊的问讯:以询问开启良好关系的艺术(原书第2版)((美)埃德加·沙因,(美)彼得·沙因)
- 交易圣经((澳)布伦特·奔富)
