Professional Penetration Testing: Creating and Learning in a Hacking Lab, Third Edition walks the reader through the entire process of setting up and running a pen test lab. Penetration testing-the act of testing a computer network to find security vulnerabilities before they are maliciously exploited-is a crucial component of information security in any organization. Chapters cover planning, metrics, and methodologies, the details of running a pen test, including identifying and verifying vulnerabilities, and archiving, reporting and management practices. The material presented will be useful…mehr
Professional Penetration Testing: Creating and Learning in a Hacking Lab, Third Edition walks the reader through the entire process of setting up and running a pen test lab. Penetration testing-the act of testing a computer network to find security vulnerabilities before they are maliciously exploited-is a crucial component of information security in any organization. Chapters cover planning, metrics, and methodologies, the details of running a pen test, including identifying and verifying vulnerabilities, and archiving, reporting and management practices. The material presented will be useful to beginners through advanced practitioners. Here, author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book, the reader can benefit from his years of experience as a professional penetration tester and educator. After reading this book, the reader will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios. "...this is a detailed and thorough examination of both the technicalities and the business of pen-testing, and an excellent starting point for anyone getting into the field." -Network SecurityHinweis: Dieser Artikel kann nur an eine deutsche Lieferadresse ausgeliefert werden.
Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst, Russian Linguist, and a Cryptanalyst. His expertise in the field of Information Security has led him to speak at prominent security conferences across the United States, including DefCon, HOPE, and CSI. Thomas has contributed significantly to the field of professional penetration testing and information security. In his capacity as both a practice director and a managing director, he has played a pivotal role in executing offensive and defensive security initiatives for Fortune 100 companies and leading research and tool development that has influenced the security industry. Presently, he serves as a managing director at Redstone Securities and possesses master's degrees in both Computer Science and Management. His influence also extends to education where he formerly held the position of Associate Professor at Colorado Technical University. Thomas has also written various publications, including magazines and books. Through Pentest.TV, he continues to provide advanced security training and has obtained numerous certifications over the years, including the ISSMP, CISSP, CCNP Security, AWS Cloud Solutions Architect, AWS Cloud Security Specialist, and multiple Solaris certifications as well.
Inhaltsangabe
1. Introduction 2. Ethics and Hacking 3. Picking your Pentesting Focus 4. Setting up your Labs 5. The Cyber Kill Chain 6. Reconnaissance 7. Weaponization 8. Delivery 9. Exploitation 10. Installation 11. Command & Control 12. Actions on Objectives 13. Targeting the Network 14. Web Application Attack Techniques 15. Cloud Testing 16. Reporting Results 17. Hacking as a Career
PART I - Setting Up Chapter 1: Introduction Chapter 2: Ethics and Hacking Chapter 3: Hacking as a Career Chapter 4: Setting up Your Lab Chapter 5: Creating and Using PenTest Targets in Your Lab Chapter 6: Methodologies Chapter 7: PenTest Metrics Chapter 8: Management of a PenTest
PART II - Running a PenTest Chapter 9: Information Gathering Chapter 10: Vulnerability Identification Chapter 11: Vulnerability Verification Chapter 12: Compromising a System and Privilege Escalation Chapter 13: Maintaining Access Chapter 14: Covering Your Tracks
PART III - Wrapping Everything Up Chapter 15: Reporting Results Chapter 16: Archiving Data Chapter 17: Cleaning Up Your Lab Chapter 18: Planning for Your Next PenTest
1. Introduction 2. Ethics and Hacking 3. Picking your Pentesting Focus 4. Setting up your Labs 5. The Cyber Kill Chain 6. Reconnaissance 7. Weaponization 8. Delivery 9. Exploitation 10. Installation 11. Command & Control 12. Actions on Objectives 13. Targeting the Network 14. Web Application Attack Techniques 15. Cloud Testing 16. Reporting Results 17. Hacking as a Career
PART I - Setting Up Chapter 1: Introduction Chapter 2: Ethics and Hacking Chapter 3: Hacking as a Career Chapter 4: Setting up Your Lab Chapter 5: Creating and Using PenTest Targets in Your Lab Chapter 6: Methodologies Chapter 7: PenTest Metrics Chapter 8: Management of a PenTest
PART II - Running a PenTest Chapter 9: Information Gathering Chapter 10: Vulnerability Identification Chapter 11: Vulnerability Verification Chapter 12: Compromising a System and Privilege Escalation Chapter 13: Maintaining Access Chapter 14: Covering Your Tracks
PART III - Wrapping Everything Up Chapter 15: Reporting Results Chapter 16: Archiving Data Chapter 17: Cleaning Up Your Lab Chapter 18: Planning for Your Next PenTest
Appendix A - Acronyms Appendix B - Definitions
Rezensionen
"...this is a detailed and thorough examination of both the technicalities and the business of pen-testing, and an excellent starting point for anyone getting into the field." --Network Security, March 2014
Es gelten unsere Allgemeinen Geschäftsbedingungen: www.buecher.de/agb
Impressum
www.buecher.de ist ein Internetauftritt der buecher.de internetstores GmbH
Geschäftsführung: Monica Sawhney | Roland Kölbl | Günter Hilger
Sitz der Gesellschaft: Batheyer Straße 115 - 117, 58099 Hagen
Postanschrift: Bürgermeister-Wegele-Str. 12, 86167 Augsburg
Amtsgericht Hagen HRB 13257
Steuernummer: 321/neu
