Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits (Pearson IT Cybersecurity Curriculum (ITCC))

William (Chuck) Easttom II

買這商品的人也買了...

商品描述

The perfect introduction to pen testing for all IT professionals and students

 

·         Clearly explains key concepts, terminology, challenges, tools, and skills

·         Covers the latest penetration testing standards from NSA, PCI, and NIST

 

Welcome to today’s most useful and practical introduction to penetration testing. Chuck Easttom brings together up-to-the-minute coverage of all the concepts, terminology, challenges, and skills you’ll need to be effective.

 

Drawing on decades of experience in cybersecurity and related IT fields, Easttom integrates theory and practice, covering the entire penetration testing life cycle from planning to reporting.

 

You’ll gain practical experience through a start-to-finish sample project relying on free open source tools. Throughout, quizzes, projects, and review sections deepen your understanding and help you apply what you’ve learned.

 

Including essential pen testing standards from NSA, PCI, and NIST, Penetration Testing Fundamentals will help you protect your assets–and expand your career options.

 

LEARN HOW TO

·         Understand what pen testing is and how it’s used

·         Meet modern standards for comprehensive and effective testing

·         Review cryptography essentials every pen tester must know

·         Perform reconnaissance with Nmap, Google searches, and ShodanHq

·         Use malware as part of your pen testing toolkit

·         Test for vulnerabilities in Windows shares, scripts, WMI, and the Registry

·         Pen test websites and web communication

·         Recognize SQL injection and cross-site scripting attacks

·         Scan for vulnerabilities with OWASP ZAP, Vega, Nessus, and MBSA

·         Identify Linux vulnerabilities and password cracks

·         Use Kali Linux for advanced pen testing

·         Apply general hacking technique ssuch as fake Wi-Fi hotspots and social engineering

·         Systematically test your environment with Metasploit

·         Write or customize sophisticated Metasploit exploits

 

商品描述(中文翻譯)

這是一本針對所有IT專業人員和學生的完美滲透測試入門指南。

清楚解釋了關鍵概念、術語、挑戰、工具和技能。

涵蓋了來自NSA、PCI和NIST的最新滲透測試標準。

歡迎來到今天最有用和實用的滲透測試入門指南。Chuck Easttom匯集了最新的涵蓋所有概念、術語、挑戰和技能的內容,讓您能夠有效地進行滲透測試。

Easttom在資安和相關IT領域擁有數十年的經驗,將理論與實踐相結合,從計劃到報告,涵蓋了整個滲透測試的生命週期。

通過一個從頭到尾的示例項目,您將獲得實際經驗,並依賴於免費開源工具。在整個過程中,測驗、項目和回顧部分將加深您的理解,並幫助您應用所學。

包括來自NSA、PCI和NIST的基本滲透測試標準,《滲透測試基礎》將幫助您保護資產,並擴展您的職業選擇。

學習如何:

- 瞭解滲透測試的定義和用途
- 符合全面和有效測試的現代標準
- 審查每個滲透測試人員必須瞭解的加密基礎知識
- 使用Nmap、Google搜索和ShodanHq進行偵察
- 將惡意軟件作為滲透測試工具的一部分
- 測試Windows共享、腳本、WMI和註冊表的漏洞
- 測試網站和網絡通信的漏洞
- 識別SQL注入和跨站腳本攻擊
- 使用OWASP ZAP、Vega、Nessus和MBSA掃描漏洞
- 識別Linux漏洞和破解密碼
- 使用Kali Linux進行高級滲透測試
- 應用一般的黑客技巧,如假Wi-Fi熱點和社交工程
- 使用Metasploit系統地測試您的環境
- 編寫或自定義複雜的Metasploit攻擊