Advanced Penetration Testing for Highly-Secured Environments - Second Edition

Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments
Preview in Mapt
Code Files

Advanced Penetration Testing for Highly-Secured Environments - Second Edition

Lee Allen, Kevin Cardwell

1 customer reviews
Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments
Mapt Subscription
FREE
$29.99/m after trial
eBook
$33.60
RRP $47.99
Save 29%
Print + eBook
$59.99
RRP $59.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$33.60
$59.99
$29.99p/m after trial
RRP $47.99
RRP $59.99
Subscription
eBook
Print + eBook
Start 30 Day Trial

Frequently bought together


Advanced Penetration Testing for Highly-Secured Environments - Second Edition Book Cover
Advanced Penetration Testing for Highly-Secured Environments - Second Edition
$ 47.99
$ 33.60
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide Book Cover
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
$ 35.99
$ 7.20
Buy 2 for $24.70
Save $59.28
Add to Cart
Subscribe and access every Packt eBook & Video.
 
  • 5,000+ eBooks & Videos
  • 50+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 

Book Details

ISBN 139781784395810
Paperback428 pages

Book Description

The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes.

The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected!

The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get!

Table of Contents

Chapter 1: Penetration Testing Essentials
Methodology defined
Example methodologies
Abstract methodology
Summary
Chapter 2: Preparing a Test Environment
Introducing VMware Workstation
Installing VMware Workstation
Network design
Understanding the default architecture
Creating the switches
Putting it all together
Summary
Chapter 3: Assessment Planning
Introducing advanced penetration testing
Before testing begins
Planning for action
Installing LibreOffice
Effectively managing your test results
Introduction to the Dradis framework
Summary
Chapter 4: Intelligence Gathering
Introducing reconnaissance
DNS recon
Gathering and validating domain and IP information
Using search engines to do your job for you
Creating network baselines with scanPBNJ
Summary
Chapter 5: Network Service Attacks
Configuring and testing our lab clients
Angry IP Scanner
Nmap – getting to know you
SNMP – a goldmine of information just waiting to be discovered
Network baselines with scanPBNJ
Enumeration avoidance techniques
Reader challenge
Summary
Chapter 6: Exploitation
Exploitation – why bother?
Manual exploitation
Getting files to and from victim machines
Passwords – something you know…
Metasploit – learn it and love it
Reader challenge
Summary
Chapter 7: Web Application Attacks
Practice makes perfect
Configuring pfSense
Detecting load balancers
Detecting web application firewalls (WAF)
Taking on Level 3 – Kioptrix
Web Application Attack and Audit framework (w3af)
Introduction to browser plugin HackBar
Reader challenge
Summary
Chapter 8: Exploitation Concepts
Buffer overflows – a refresher
64-bit exploitation
Introducing vulnserver
Fuzzing tools included in Kali
Social Engineering Toolkit
Fast-Track
Reader challenge
Summary
Chapter 9: Post-Exploitation
Rules of Engagement
Data gathering, network analysis, and pillaging
Pivoting
Reader challenge
Summary
Chapter 10: Stealth Techniques
Lab preparation
Stealth scanning through the firewall
Now you see me, now you don't – avoiding IDS
Blending in
PfSense SSH logs
Looking at traffic patterns
Cleaning up compromised hosts
Miscellaneous evasion techniques
Reader challenge
Summary
Chapter 11: Data Gathering and Reporting
Record now – sort later
Old school – the text editor method
Dradis framework for collaboration
The report
Reader challenge
Summary
Chapter 12: Penetration Testing Challenge
Firewall lab setup
The scenario
The virtual lab setup
The challenge
The walkthrough
Reporting
Summary

What You Will Learn

  • A step-by-step methodology to identify and penetrate secured environments
  • Get to know the process to test network services across enterprise architecture when defences are in place
  • Grasp different web application testing methods and how to identify web application protections that are deployed
  • Understand a variety of concepts to exploit software
  • Gain proven post-exploitation techniques to exfiltrate data from the target
  • Get to grips with various stealth techniques to remain undetected and defeat the latest defences
  • Be the first to find out the latest methods to bypass firewalls
  • Follow proven approaches to record and save the data from tests for analysis

Authors

Table of Contents

Chapter 1: Penetration Testing Essentials
Methodology defined
Example methodologies
Abstract methodology
Summary
Chapter 2: Preparing a Test Environment
Introducing VMware Workstation
Installing VMware Workstation
Network design
Understanding the default architecture
Creating the switches
Putting it all together
Summary
Chapter 3: Assessment Planning
Introducing advanced penetration testing
Before testing begins
Planning for action
Installing LibreOffice
Effectively managing your test results
Introduction to the Dradis framework
Summary
Chapter 4: Intelligence Gathering
Introducing reconnaissance
DNS recon
Gathering and validating domain and IP information
Using search engines to do your job for you
Creating network baselines with scanPBNJ
Summary
Chapter 5: Network Service Attacks
Configuring and testing our lab clients
Angry IP Scanner
Nmap – getting to know you
SNMP – a goldmine of information just waiting to be discovered
Network baselines with scanPBNJ
Enumeration avoidance techniques
Reader challenge
Summary
Chapter 6: Exploitation
Exploitation – why bother?
Manual exploitation
Getting files to and from victim machines
Passwords – something you know…
Metasploit – learn it and love it
Reader challenge
Summary
Chapter 7: Web Application Attacks
Practice makes perfect
Configuring pfSense
Detecting load balancers
Detecting web application firewalls (WAF)
Taking on Level 3 – Kioptrix
Web Application Attack and Audit framework (w3af)
Introduction to browser plugin HackBar
Reader challenge
Summary
Chapter 8: Exploitation Concepts
Buffer overflows – a refresher
64-bit exploitation
Introducing vulnserver
Fuzzing tools included in Kali
Social Engineering Toolkit
Fast-Track
Reader challenge
Summary
Chapter 9: Post-Exploitation
Rules of Engagement
Data gathering, network analysis, and pillaging
Pivoting
Reader challenge
Summary
Chapter 10: Stealth Techniques
Lab preparation
Stealth scanning through the firewall
Now you see me, now you don't – avoiding IDS
Blending in
PfSense SSH logs
Looking at traffic patterns
Cleaning up compromised hosts
Miscellaneous evasion techniques
Reader challenge
Summary
Chapter 11: Data Gathering and Reporting
Record now – sort later
Old school – the text editor method
Dradis framework for collaboration
The report
Reader challenge
Summary
Chapter 12: Penetration Testing Challenge
Firewall lab setup
The scenario
The virtual lab setup
The challenge
The walkthrough
Reporting
Summary

Book Details

ISBN 139781784395810
Paperback428 pages
Read More
From 1 reviews

Read More Reviews

Recommended for You

Learning Linux Binary Analysis Book Cover
Learning Linux Binary Analysis
$ 35.99
$ 25.20
Python Machine Learning Book Cover
Python Machine Learning
$ 35.99
$ 25.20
Kali Linux Wireless Penetration Testing: Beginner's Guide Book Cover
Kali Linux Wireless Penetration Testing: Beginner's Guide
$ 35.99
$ 25.20
Learning Penetration Testing with Python Book Cover
Learning Penetration Testing with Python
$ 39.99
$ 28.00
Kali Linux Network Scanning Cookbook Book Cover
Kali Linux Network Scanning Cookbook
$ 30.99
$ 21.70
Practical Linux Security Cookbook Book Cover
Practical Linux Security Cookbook
$ 35.99
$ 25.20