Advanced Penetration Testing for HighlySecured Environments 2/e

Lee Allen, Kevin Cardwell

  • 出版商: Packt Publishing
  • 出版日期: 2016-03-31
  • 售價: $2,550
  • 貴賓價: 9.5$2,423
  • 語言: 英文
  • 頁數: 428
  • 裝訂: Paperback
  • ISBN: 1784395811
  • ISBN-13: 9781784395810
  • 相關分類: Penetration-test
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments

About This Book

  • Learn how to build your own pentesting lab environment to practice advanced techniques
  • Customize your own scripts, and learn methods to exploit 32-bit and 64-bit programs
  • Explore a vast variety of stealth techniques to bypass a number of protections when penetration testing

Who This Book Is For

This book is for anyone who wants to improve their skills in penetration testing. As it follows a step-by-step approach, anyone from a novice to an experienced security tester can learn effective techniques to deal with highly secured environments.

Whether you are brand new or a seasoned expert, this book will provide you with the skills you need to successfully create, customize, and plan an advanced penetration test.

What You Will Learn

  • A step-by-step methodology to identify and penetrate secured environments
  • Get to know the process to test network services across enterprise architecture when defences are in place
  • Grasp different web application testing methods and how to identify web application protections that are deployed
  • Understand a variety of concepts to exploit software
  • Gain proven post-exploitation techniques to exfiltrate data from the target
  • Get to grips with various stealth techniques to remain undetected and defeat the latest defences
  • Be the first to find out the latest methods to bypass firewalls
  • Follow proven approaches to record and save the data from tests for analysis

In Detail

The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes.

The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected!

The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get!

Style and approach

The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and foot printing

商品描述(中文翻譯)

運用最先進的滲透測試技術和工具來建立高度安全的系統和環境

關於本書
- 學習如何建立自己的滲透測試實驗環境,以練習高級技術
- 自定義自己的腳本,並學習如何利用32位和64位程式
- 探索各種隱蔽技術,以繞過多種保護措施進行滲透測試

本書適合對滲透測試技能有興趣的任何人。由於本書採用逐步方法,無論是初學者還是經驗豐富的安全測試人員都可以學習有效的技術,應對高度安全的環境。

無論您是初學者還是經驗豐富的專家,本書都將為您提供所需的技能,成功地創建、自定義和計劃高級滲透測試。

您將學到什麼
- 一種逐步方法來識別和滲透安全環境
- 瞭解在部署防禦措施時如何測試企業架構中的網絡服務
- 掌握不同的網絡應用測試方法,以及如何識別已部署的網絡應用保護措施
- 理解各種利用軟體的概念
- 掌握證明過的後滲透技術,以從目標中洩漏數據
- 掌握各種隱蔽技術,保持不被檢測並擊敗最新的防禦措施
- 第一時間了解繞過防火牆的最新方法
- 遵循證明過的方法來記錄和保存測試數據以進行分析

詳細內容
防禦措施不斷改進並變得越來越普遍,但本書將為您提供一系列證明過的技術,以擊敗網絡上的最新防禦措施。其中包含的方法和技術將為您提供一套強大的最佳實踐工具,以提高滲透測試的成功率。

本書的過程和方法將為您提供成功的技術,並提供有關目標測試的所需信息的逐步指南。利用和後利用部分將為您提供所需的工具,讓您能夠根據工作範圍的要求進行測試。每章末尾的挑戰旨在考驗您,並提供真實世界的情境,以磨練和完善您的滲透測試技能。您將從回顧幾種廣受尊敬的滲透測試方法開始,然後學習專業安全測試的逐步方法,包括隱蔽、規避方法和混淆,以進行測試而不被檢測!

最後的挑戰將允許您創建自己的複雜分層架構,並設置防禦和保護措施,為您提供實踐本書中所示方法的最終測試範圍。這個挑戰是最接近實際滲透測試任務的!

風格和方法
本書按照標準的滲透測試階段從頭到尾進行,並提供逐步示例。本書全面介紹了滲透測試的期望、適當的範圍和計劃,以及列舉和足跡。