PowerShell for Penetration Testing: Explore the capabilities of PowerShell for pentesters across multiple platforms
Blyth, Andrew, Murray, Campbell
- 出版商: Packt Publishing
- 出版日期: 2024-05-24
- 售價: $1,950
- 貴賓價: 9.5 折 $1,853
- 語言: 英文
- 頁數: 298
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1835082459
- ISBN-13: 9781835082454
-
相關分類:
Powershell
立即出貨 (庫存=1)
買這商品的人也買了...
-
$880$695
相關主題
商品描述
A practical guide to vulnerability assessment and mitigation with PowerShell
Key Features
- Leverage PowerShell's unique capabilities at every stage of the Cyber Kill Chain, maximizing your effectiveness
- Perform network enumeration techniques and exploit weaknesses with PowerShell's built-in and custom tools
- Learn how to conduct penetration testing on Microsoft Azure and AWS environments
- Purchase of the print or Kindle book includes a free PDF eBook
Book Description
PowerShell for Penetration Testing is a comprehensive guide designed to equip you with the essential skills you need for conducting effective penetration tests using PowerShell.
You'll start by laying a solid foundation by familiarizing yourself with the core concepts of penetration testing and PowerShell scripting. In this part, you'll get up to speed with the fundamental scripting principles and their applications across various platforms. You'll then explore network enumeration, port scanning, exploitation of web services, databases, and more using PowerShell tools. Hands-on exercises throughout the book will solidify your understanding of concepts and techniques. Extending the scope to cloud computing environments, particularly MS Azure and AWS, this book will guide you through conducting penetration tests in cloud settings, covering governance, reconnaissance, and networking intricacies. In the final part, post-exploitation techniques, including command-and-control structures and privilege escalation using PowerShell, will be explored. This section encompasses post-exploitation activities on both Microsoft Windows and Linux systems.
By the end of this book, you'll have covered concise explanations, real-world examples, and exercises that will help you seamlessly perform penetration testing techniques using PowerShell.
What you will learn
- Get up to speed with basic and intermediate scripting techniques in PowerShell
- Automate penetration tasks, build custom scripts, and conquer multiple platforms
- Explore techniques to identify and exploit vulnerabilities in network services using PowerShell
- Access and manipulate web-based applications and services with PowerShell
- Find out how to leverage PowerShell for Active Directory and LDAP enumeration and exploitation
- Conduct effective pentests on cloud environments using PowerShell's cloud modules
Who this book is for
This book is for aspiring and intermediate pentesters as well as other cybersecurity professionals looking to advance their knowledge. Anyone interested in PowerShell scripting for penetration testing will also find this book helpful. A basic understanding of IT systems and some programming experience will help you get the most out of this book.
Table of Contents
- Introduction to Penetration Testing
- Programming Principles in Power Shell
- Network Services and DNS
- Network Enumeration and Port Scanning
- The WEB, REST and SOAP
- SMB, Active Directory, LDAP, and Kerberos
- Databases: MySQL, PostgreSQL and MSSQL
- Email Services: Exchange, SMTP, IMAP, and POP
- PowerShell and FTP, SFTP, SSH and TFTP
- Brute Forcing in PowerShell
- PowerShell and Remote Control and Administration
- Using PowerShell in Azure
- Using PowerShell in AWS
- Command and Control
- Post-Exploitation in Microsoft Windows
- Post-Exploitation in Microsoft Linux
商品描述(中文翻譯)
《PowerShell漏洞評估與緩解實用指南》
主要特點:
- 充分利用PowerShell在Cyber Kill Chain的每個階段的獨特能力,最大化您的效能
- 使用PowerShell的內建和自定義工具進行網絡枚舉技術和漏洞利用
- 學習如何在Microsoft Azure和AWS環境中進行滲透測試
- 購買印刷版或Kindle電子書,可獲得免費PDF電子書
書籍描述:
《PowerShell滲透測試》是一本全面指南,旨在為您提供使用PowerShell進行有效滲透測試所需的基本技能。
您將首先打下堅實的基礎,熟悉滲透測試和PowerShell腳本編寫的核心概念。在這一部分中,您將快速掌握基本腳本編寫原則及其在各種平台上的應用。然後,您將使用PowerShell工具探索網絡枚舉、端口掃描、Web服務、數據庫等漏洞利用。本書中的實踐練習將鞏固您對概念和技術的理解。將範圍擴展到雲計算環境,特別是MS Azure和AWS,本書將指導您在雲環境中進行滲透測試,涵蓋治理、偵察和網絡細節。在最後一部分中,將探討後期利用技術,包括使用PowerShell進行命令和控制結構以及特權升級。本節涵蓋了對Microsoft Windows和Linux系統的後期利用活動。
通過閱讀本書,您將獲得簡明的解釋、實際案例和練習,幫助您無縫地使用PowerShell進行滲透測試技術。
您將學到:
- 熟悉PowerShell的基本和中級腳本編寫技巧
- 自動化滲透任務,構建自定義腳本,攻克多個平台
- 探索使用PowerShell識別和利用網絡服務的技巧
- 使用PowerShell訪問和操作基於Web的應用程序和服務
- 了解如何利用PowerShell進行Active Directory和LDAP枚舉和利用
- 使用PowerShell的雲模塊在雲環境中進行有效的滲透測試
本書適合對滲透測試有興趣的初學者和中級滲透測試人員,以及其他希望提升其知識的網絡安全專業人員。對PowerShell腳本編寫進行滲透測試感興趣的任何人也會發現本書很有幫助。對IT系統有基本了解和一些編程經驗將有助於您充分利用本書的內容。
目錄:
1. 滲透測試簡介
2. PowerShell編程原則
3. 網絡服務和DNS
4. 網絡枚舉和端口掃描
5. Web、REST和SOAP
6. SMB、Active Directory、LDAP和Kerberos
7. 數據庫:MySQL、PostgreSQL和MSSQL
8. 電子郵件服務:Exchange、SMTP、IMAP和POP
9. PowerShell和FTP、SFTP、SSH和TFTP
10. PowerShell暴力破解
11. PowerShell遠程控制和管理
12. 在Azure中使用PowerShell
13. 在AWS中使用PowerShell
14. 命令和控制
15. Microsoft Windows中的後期利用
16. Microsoft Linux中的後期利用