Learn Ethical Hacking from Scratch: Your stepping stone to penetration testing
Zaid Sabih
- 出版商: Packt Publishing
- 出版日期: 2018-07-31
- 定價: $1,520
- 售價: 8.0 折 $1,216
- 語言: 英文
- 頁數: 564
- 裝訂: Paperback
- ISBN: 1788622057
- ISBN-13: 9781788622059
-
相關分類:
Scratch、駭客 Hack
立即出貨 (庫存=1)
相關主題
商品描述
Learn how to hack systems like black hat hackers and secure them like security experts
Key Features
- Understand how computer systems work and their vulnerabilities
- Exploit weaknesses and hack into machines to test their security
- Learn how to secure systems from hackers
Book Description
This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices.
Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections.
The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.
What you will learn
- Understand ethical hacking and the different fields and types of hackers
- Set up a penetration testing lab to practice safe and legal hacking
- Explore Linux basics, commands, and how to interact with the terminal
- Access password-protected networks and spy on connected clients
- Use server and client-side attacks to hack and control remote computers
- Control a hacked system remotely and use it to hack other systems
- Discover, exploit, and prevent a number of web application vulnerabilities such as XSS and SQL injections
Who this book is for
Learning Ethical Hacking from Scratch is for anyone interested in learning how to hack and test the security of systems like professional hackers and security experts.
Table of Contents
- Introduction
- Setting up The Lab
- Linux Basics
- Network Penetration Testing
- Network Penetration Testing - Pre Connection Attacks
- Network Penetration Testing - Gaining Access (WEP/WPA/WPA2 Cracking)
- Post Connection Attacks
- Man-in-the-middle Attacks
- Network Penetration Testing - Detection & Security
- Gaining Access to Computer Devices
- Scanning vulnerabilities using Tools
- Client Side Attacks
- Client Side Attacks - Social Engineering
- Attack and Detect Trojans with BeEF
- Attacks Outside The Local Network
- Post Exploitation
- Website Penetration Testing
- Website Pentesting - Information Gathering
- File Upload, Code Execution & File Inclusion Vulns
- SQL Injection Vulnerabilities
- Cross Site Scripting Vulnerabilities
- Website Pentesting - Discovering Vulnerabilities Automatically Using OWASP ZAP
商品描述(中文翻譯)
學習如何像黑帽駭客一樣入侵系統,並像安全專家一樣保護它們的關鍵特點:
- 瞭解電腦系統的運作方式及其弱點
- 利用弱點入侵機器以測試其安全性
- 學習如何保護系統免受駭客攻擊
書籍描述:
本書從道德駭客的基礎知識開始,教授如何安全合法地進行駭客實踐,以及如何安裝和操作Kali Linux和Linux終端。您將探索網絡駭客技術,了解如何測試有線和無線網絡的安全性。您還將學習如何破解任何Wi-Fi網絡的密碼(無論是使用WEP、WPA還是WPA2),並監視連接的設備。
接下來,您將發現如何使用客戶端和服務器端攻擊來獲取對遠程計算機系統的訪問權限。您還將掌握後期利用技術,包括遠程控制和操作您入侵的系統。在本書的最後,您將能夠學習網絡應用程式駭客技術,並發現、利用和預防多種網站漏洞,如XSS和SQL注入。
本書介紹的攻擊技術是針對真實系統的實用技巧,僅供教育目的使用。在每個章節的結尾,您將學習如何檢測、預防和保護系統免受這些攻擊。
您將學到什麼:
- 瞭解道德駭客和不同領域和類型的駭客
- 建立一個測試安全和合法駭客實驗室
- 探索Linux基礎知識、命令和如何操作終端
- 存取受密碼保護的網絡並監視連接的客戶端
- 使用服務器端和客戶端攻擊來駭入和控制遠程計算機
- 遠程控制被駭入的系統並使用它來駭入其他系統
- 發現、利用和預防多種網絡應用程式漏洞,如XSS和SQL注入
本書適合對學習如何像專業駭客和安全專家一樣駭入和測試系統感興趣的任何人。
目錄:
1. 簡介
2. 設置實驗室
3. Linux基礎知識
4. 網絡滲透測試
5. 網絡滲透測試-連接前攻擊
6. 網絡滲透測試-獲取訪問權限(WEP/WPA/WPA2破解)
7. 連接後攻擊
8. 中間人攻擊
9. 網絡滲透測試-檢測和安全
10. 獲取對計算機設備的訪問權限
11. 使用工具掃描漏洞
12. 客戶端攻擊
13. 客戶端攻擊-社交工程
14. 使用BeEF攻擊和檢測木馬
15. 在本地網絡之外進行攻擊
16. 後期利用
17. 網站滲透測試
18. 網站滲透測試-信息收集
19. 文件上傳、代碼執行和文件包含漏洞
20. SQL注入漏洞
21. 跨站腳本漏洞
22. 網站滲透測試-使用OWASP ZAP自動發現漏洞