Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments (Azure 應用程式滲透測試:測試與保護部署的權威指南)
Matt Burrough
- 出版商: No Starch Press
- 出版日期: 2018-07-31
- 定價: $1,500
- 售價: 9.0 折 $1,350
- 語言: 英文
- 頁數: 216
- 裝訂: Paperback
- ISBN: 1593278632
- ISBN-13: 9781593278632
-
相關分類:
Microsoft Azure
-
相關翻譯:
Azure 雲端服務滲透測試攻防實務 (繁中版)
立即出貨
買這商品的人也買了...
相關主題
商品描述
A comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies large and small.
You'll learn how to:
-Find security issues related to multi-factor authentication and management certificates
-Make sense of Azure's services by using PowerShell commands to find IP addresses, administrative users, and firewall rules
-Discover security configuration errors that could lead to exploits against Azure storage and keys
-Uncover weaknesses in virtual machine settings that enable you to and acquire passwords, binaries, code, and settings files
-Penetrate networks by enumerating firewall rules
-Investigate specialized services like Azure Key Vault and Azure Websites
-Know when you might be caught by viewing logs and security events
Packed with real-world examples from the author's experience as a corporate penetration tester, sample scripts from pen-tests and "Defenders Tips" that explain how companies can reduce risk, Pentesting Azure Applications provides a clear overview of how to effectively perform security tests so that you can provide the most accurate assessments possible.
商品描述(中文翻譯)
《Pentesting Azure Applications》是一本全面指南,介紹如何對微軟Azure雲端服務進行滲透測試。Azure是一家廣受大大小小企業使用的熱門雲端運算服務提供商。
本書將教你如何:
- 尋找與多重身份驗證和管理憑證相關的安全問題
- 通過使用PowerShell命令來查找IP地址、管理使用者和防火牆規則,來理解Azure的服務
- 發現可能導致對Azure存儲和金鑰進行攻擊的安全配置錯誤
- 通過破解虛擬機器設置,獲取密碼、二進制文件、代碼和設置文件
- 通過列舉防火牆規則來滲透網絡
- 探索特殊服務,如Azure Key Vault和Azure網站
- 通過查看日誌和安全事件來了解何時可能被發現
本書充滿了作者作為企業滲透測試人員的實際經驗,包含了來自滲透測試的示例腳本和“防守者提示”,解釋了企業如何降低風險。《Pentesting Azure Applications》提供了對如何有效進行安全測試的清晰概述,以便您能夠提供最準確的評估。
目錄大綱
Chapter 1: Preparation
Chapter 2: Access Methods
Chapter 3: Reconnaissance
Chapter 4: Examining Storage
Chapter 5: Targeting Virtual Machines
Chapter 6: Investigating Networks
Chapter 7: Other Azure Services
Chapter 8: Monitoring, Logs, and Alerts
Glossary
目錄大綱(中文翻譯)
第一章:準備工作
第二章:存取方法
第三章:偵察
第四章:檢查儲存
第五章:針對虛擬機器
第六章:調查網路
第七章:其他 Azure 服務
第八章:監控、日誌和警示
詞彙表