Penetration Testing For Dummies. Robert Shimonski
Read the book online.
Toolkit Fundamentals
Understanding Denial of Service (DoS) Attacks
Buffer Overflow Attacks
Fragmentation Attacks
Smurf Attacks
Tiny Packet Attacks
Xmas Tree Attacks
Chapter 7: Destroy (Malware)
Toolkit Fundamentals
Malware
Ransomware
Other Types of Destroy Attacks
Chapter 8: Subvert (Controls Bypass)
Toolkit Fundamentals
Attack Vectors
Phishing
Spoofing
Malware
5
Part 3: Diving In: Preparations and Testing
Chapter 9: Preparing for the Pen Test
Handling the Preliminary Logistics
Gathering Requirements
Coming Up with a Plan
Having a Backout Plan
Chapter 10: Conducting a Penetration Test
Attack!
Looking at the Pen Test from Inside
Documenting Your Every Move
Other Capture Methods and Vectors
Assessment
Prevention
6
Part 4: Creating a Pen Test Report
Chapter 11: Reporting
Structuring the Pen Test Report
Creating a Professional and Accurate Report
Delivering the Report: Report Out Fundamentals
Updating the Risk Register
Chapter 12: Making Recommendations
Understanding Why Recommendations Are Necessary
Seeing How Assessments Fit into Recommendations
Networks
Systems
General Security Recommendations: All Systems
More Recommendations
Chapter 13: Retesting
Looking at the Benefits of Retesting
Understanding the Reiterative Nature of Pen Testing and Retesting
Determining When to Retest
Choosing What to Retest
Running a Pen Retest
7
Part 5: The Part of Tens
Chapter 14: Top Ten Myths About Pen Testing
All Forms of Ethical Hacking Are the Same
We Can’t Afford a Pen Tester
We Can’t Trust a Pen Tester
We Don’t Trust the Tools
Pen Tests Are Not Done Often
Pen Tests Are Only for Technical Systems
Contractors Can’t Make Great Pen Testers
Pen Test Tool Kits Must Be Standardized
Pen Testing Itself Is a Myth and Unneeded
Pen Testers Know Enough and Don’t Need to Continue to Learn
Chapter 15: Ten Tips to Refine Your Pen Testing Skills
Continue Your Education
Build Your Toolkit
Think outside the Box
Think Like a Hacker
Get Involved
Use a Lab
Stay Informed
Stay Ahead of New Technologies
Build Your Reputation
Learn about Physical Security
Chapter 16: Ten Sites to Learn More About Pen Testing
SANS Institute
GIAC Certifications
Software Engineering Institute
(Assorted)