Penetration Testing For Dummies. Robert Shimonski
Читать онлайн книгу.rel="nofollow" href="#ulink_5cf252c1-83ea-5853-8d4d-40f442de79e8">Open Web Application Security Project Tenable Nmap Wireshark Dark Reading Offensive Security
8 Index
List of Tables
1 Chapter 2TABLE 2-1 A Risk Register
2 Chapter 13TABLE 13-1 Reviewing the Risk Register for Issues to Retest
List of Illustrations
1 Chapter 1FIGURE 1-1: Adding an IP range to scan.FIGURE 1-2: Examining the OSI model.FIGURE 1-3: Digging into a network packet capture.FIGURE 1-4: Review a firewall log.FIGURE 1-5: Metasploit is one tool for pen testing.FIGURE 1-6: Use Nessus to conduct an assessment.FIGURE 1-7: Examining a Retina CS scan.
2 Chapter 2FIGURE 2-1: Sample output from Nessus.FIGURE 2-2: Nmap is a tool you use to conduct to ping sweeps.FIGURE 2-3: Examples of commonly used AV programs.
3 Chapter 3FIGURE 3-1: Nessus output.FIGURE 3-2: Using Nessus to scan a network router.FIGURE 3-3: Select a scan template type.FIGURE 3-4: Create your first Nessus scan.FIGURE 3-5: Using Wireshark Network Analyzer.FIGURE 3-6: Launching and using Wireshark to analyze traffic.FIGURE 3-7: Drilling down into captured data.FIGURE 3-8: Examining the traffic between host endpoints with Wireshark.FIGURE 3-9: Testing FTP access with Wireshark.FIGURE 3-10: Using tcdump on Kali Linux.FIGURE 3-11: Explore the Kali Linux toolset.FIGURE 3-12: Loading and using Nmap in Kali Linux.FIGURE 3-13: Creating a network map with Nmap.
4 Chapter 4FIGURE 4-1: Accessing the Kali Linux menu to begin a social engineering attack.FIGURE 4-2: From the Toolkit menu, choose Social-Engineering Attacks.FIGURE 4-3: Choose Website Attack Vectors from this list.FIGURE 4-4: Cloning a site re-creates an exact replica of it.FIGURE 4-5: The options I chose to create a clone website.FIGURE 4-6: I set up a clone Google.com — for pen-testing purposes only!FIGURE 4-7: The different areas of attack vectors.FIGURE 4-8: A password crack via Metasploit.FIGURE 4-9: Using Wireshark to capture and expose data protected by SSL.FIGURE 4-10: Metasploit Pro’s Quick PenTest wizard.FIGURE 4-11: Running a quick pen test with Metasploit Pro.
5 Chapter 5FIGURE 5-1: Using Burp Suite for pen testing.FIGURE 5-2: Viewing an N-tier application.FIGURE 5-3: Using Wireshark to pen test.FIGURE 5-4: Using Wireshark to grab packets in a sniffing operation.FIGURE 5-5: A card skimmer on an ATM.
6 Chapter 6FIGURE 6-1: Using Kali for pen testing disruption attacks.FIGURE 6-2: Launching an attack from outside the network.FIGURE 6-3: Using Kali T50 to send a flood attack to a host.FIGURE 6-4: Viewing resources with the Linux top command.FIGURE 6-5: How a distributed denial of service (DDoS) attack works.FIGURE 6-6: How the buffer overflow attack works.FIGURE 6-7: Use Kali’s fragroute and fragmentation6 to determine your level of ...FIGURE 6-8: Sending malformed packets to hosts with Kali’s fragtest.FIGURE 6-9: Using ping to generate a sweep and smurf attack.FIGURE 6-10: Use Wireshark to identify tiny packet attacks.
7 Chapter 7FIGURE 7-1: Nessus offers various scan types for pen testing destroy attacks.FIGURE 7-2: Looking for hosts that are vulnerable to known threats.FIGURE 7-3: A typical external vector attack with the goal of destroying a data...FIGURE 7-4: An example of a ransomware attack.FIGURE 7-5: An example of AV endpoint protection.
8 Chapter 8FIGURE 8-1: Kali’s Information Gathering menu can help you perform subvert and ...FIGURE 8-2: Using Nmap to launch an attack against a router/routing device scan...FIGURE 8-3: Conducting a SYN scan to identify open ports.FIGURE 8-4: Identifying possible hosts and ports.FIGURE 8-5: Learning the MAC address of the scanned device and distance by netw...FIGURE 8-6: Internal and external subvert attacks operate under the same concep...FIGURE 8-7: Host-based AV software indicates there’s an issue requiring attenti...FIGURE 8-8: Updating and fixing your AV.
9 Chapter 9FIGURE 9-1: Use a RACI chart to identify roles and responsibilities.FIGURE 9-2: Consult past results to help with future tests.FIGURE 9-3: Reviewing threats on the risk register.FIGURE 9-4: Reviewing attack vectors to devise a test plan.FIGURE 9-5: Reviewing Nessus scan templates.FIGURE 9-6: Tuning tools with filters for prep.
10 Chapter 10FIGURE 10-1: Doing a WhoIs search to gain intel.FIGURE 10-2: Pinging at a command prompt to get an IP address or range to scan.FIGURE 10-3: Using Kali (Xhydra) to crack a router password.FIGURE 10-4: A network map with IP addressing.FIGURE 10-5: Building a network map with Nessus.FIGURE 10-6: Building a network map with Nmap.
11 Chapter 11FIGURE 11-1: An example executive summary.FIGURE 11-2: Documenting and reporting attack vectors is part of your narrative...FIGURE 11-3: An example of a Tools, Methods, and Vectors section.FIGURE 11-4: Include your main findings in your report.FIGURE 11-5: An example of a report conclusion.
12 Chapter 12FIGURE 12-1: Reviewing Nessus for hardening tips.FIGURE 12-2: A large network map.FIGURE 12-3: Disabling unneeded services, such as telnet services.FIGURE 12-4: Changing a default port to help secure a system.FIGURE 12-5: Using a firewall allows you to monitor access in and out.FIGURE 12-6: Antivirus software is still an effective way to protect devices fr...FIGURE 12-7: Finding SMB issues on the network with Nessus.FIGURE 12-8: Use encryption such as SSL.FIGURE 12-9: Saving copies of logs in case a hacker interferes.
13 Chapter 13FIGURE 13-1: The pen testing and retesting processes are very similar.FIGURE 13-2: Prioritizing retesting tasks with a tier system.FIGURE 13-3: My updated documentation to reference during the retest.FIGURE 13-4: Using Nessus to find ways to reduce risks in web architecture.FIGURE 13-5: Mapping a network and finding new problems.FIGURE 13-6: Using Nmap to exploit NTP.
14 Chapter 14FIGURE 14-1: A sample metric of cyber threats and their growth. FIGURE 14-2: Wireshark’s bug fix list.FIGURE 14-3: A schedule of tests.
15 Chapter 15FIGURE 15-1: Using Kali and VMware virtualization.FIGURE 15-2: Using a plan B alternative.FIGURE 15-3: Creating a viable lab.
16 Chapter 16FIGURE 16-1: SANS.org.FIGURE 16-2: The GIAC GPEN certification.FIGURE 16-3: The top ten application risks on the Open Web Application Security...FIGURE 16-4: Downloading Nessus.FIGURE 16-5: Gain access to Kali.
Guide
1 Cover
2 Table of Contents
Pages
1 iii
2 iv
3 1
4 2