Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

Learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide.

Lee Allen

Book Details

ISBN 13: 9781849517744
Paperback: 414 pages

Book Description

The internet security field has grown by leaps and bounds over the last decade. Every day more people around the globe gain access to the internet, and not all of them with good intentions. The need for penetration testers has grown now that the security industry has had time to mature. Simply running a vulnerability scanner is a thing of the past and is no longer an effective method of determining a business’s true security posture. Learn effective penetration testing skills so that you can effectively meet and manage the rapidly changing security needs of your company.

Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.

The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You'll learn how to clean up and compile proof-of-concept exploit code from the web, advanced web application testing techniques, client-side attacks, post-exploitation strategies, detection avoidance methods, generation of well-defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation, followed by a detailed walkthrough of the solution.

Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more.

Table of Contents

Chapter 1: Planning and Scoping for a Successful Penetration Test
Introduction to advanced penetration testing
Before testing begins
Planning for action
Exploring BackTrack
Installing OpenOffice
Effectively manage your test results
Introduction to the Dradis Framework
Summary
Chapter 2: Advanced Reconnaissance Techniques
Introduction to reconnaissance
DNS recon
Gathering and validating domain and IP information
Using search engines to do your job for you
Summary
Chapter 3: Enumeration: Choosing Your Targets Wisely
Adding another virtual machine to our lab
Nmap — getting to know you
SNMP: A goldmine of information just waiting to be discovered
Creating network baselines with scanPBNJ
Enumeration avoidance techniques
Summary
Chapter 4: Remote Exploitation
Exploitation – Why bother?
Target practice – Adding a Kioptrix virtual machine
Manual exploitation
Getting files to and from victim machines
Passwords: Something you know…
Metasploit — learn it and love it
Summary
Chapter 5: Web Application Exploitation
Practice makes perfect
Detecting load balancers
Detecting Web Application Firewalls (WAF)
Taking on Level 3 – Kioptrix
Web Application Attack and Audit Framework (w3af)
Introduction to Mantra
Summary
Chapter 6: Exploits and Client-Side Attacks
Buffer overflows—A refresher
Introduction to fuzzing
Introducing vulnserver
Fuzzing tools included in BackTrack
Fast-Track
Social Engineering Toolkit
Summary
Chapter 7: Post-Exploitation
Rules of engagement
Data gathering, network analysis, and pillaging
Pivoting
Summary
Chapter 8: Bypassing Firewalls and Avoiding Detection
Lab preparation
Stealth scanning through the firewall
Now you see me, now you don't — Avoiding IDS
Blending in
Looking at traffic patterns
Cleaning up compromised hosts
Miscellaneous evasion techniques
Summary
Chapter 9: Data Collection Tools and Reporting
Record now — Sort later
Old school — The text editor method
Dradis framework for collaboration
The report
Challenge to the reader
Summary
Chapter 10: Setting Up Virtual Test Lab Environments
Why bother with setting up labs?
Keeping it simple
Adding complexity or emulating target environments
Summary
Chapter 11: Take the Challenge – Putting It All Together
The scenario
The setup
The challenge
The walkthrough
Reporting
Summary

What You Will Learn

  • Detailed step-by-step guidance on managing testing results and writing clearly organized and effective penetration testing reports
  • Properly scope your penetration test to avoid catastrophe
  • Understand in detail how the testing process works from start to finish, not just how to use specific tools
  • Use advanced techniques to bypass security controls and remain hidden while testing
  • Create a segmented virtual network with several targets, IDS and firewall
  • Generate testing reports and statistics
  • Advanced web application testing and exploitation
  • Perform an efficient, organized, and effective penetration test from start to finish
