BackTrack 4: Assuring Security by Penetration Testing

Master the art of penetration testing with BackTrack

Shakeel Ali, Tedi Heriyanto

Book Details

ISBN 13: 9781849513944
Paperback: 392 pages

Book Description

BackTrack is a penetration testing and security auditing platform with advanced tools to identify, detect, and exploit any vulnerabilities uncovered in the target network environment. Applying appropriate testing methodology with defined business objectives and a scheduled test plan will result in robust penetration testing of your network.

BackTrack 4: Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating the cutting-edge hacker tools and techniques in a coherent step-by-step strategy. It offers all the essential lab preparation and testing procedures to reflect real-world attack scenarios from your business perspective in today's digital age.

The authors' experience and expertise enable them to reveal the industry's best approach for logical and systematic penetration testing.

The first and so far only book on BackTrack OS starts with lab preparation and testing procedures, explaining the basic installation and configuration setup, discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the BackTrack-specific testing process. The authors discuss a number of security assessment tools necessary to conduct penetration testing in their respective categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access, and reporting), following the formal testing methodology. Each of these tools is illustrated with real-world examples to highlight their practical usage and proven configuration techniques. The authors also provide extra weaponry treasures and cite key resources that may be crucial to any professional penetration tester.

This book serves as a single professional, practical, and expert guide to developing hardcore penetration testing skills from scratch. You will be trained to make the best use of BackTrack OS either in a commercial environment or an experimental test bed.

Table of Contents

Chapter 1: Beginning with BackTrack
  • History
  • BackTrack purpose
  • Getting BackTrack
  • Using BackTrack
  • Configuring network connection
  • Updating BackTrack
  • Installing additional weapons
  • Customizing BackTrack
  • Summary

Chapter 2: Penetration Testing Methodology
  • Types of penetration testing
  • Vulnerability assessment versus penetration testing
  • Security testing methodologies
  • BackTrack testing methodology
  • The ethics
  • Summary

Chapter 3: Target Scoping
  • Gathering client requirements
  • Preparing the test plan
  • Profiling test boundaries
  • Defining business objectives
  • Project management and scheduling
  • Summary

Chapter 4: Information Gathering
  • Public resources
  • Document gathering
  • DNS information
  • Route information
  • Utilizing search engines
  • All-in-one intelligence gathering
  • Documenting the information
  • Summary

Chapter 5: Target Discovery
  • Introduction
  • Identifying the target machine
  • OS fingerprinting
  • Summary

Chapter 6: Enumerating Target
  • Port scanning
  • Service enumeration
  • VPN enumeration
  • Summary

Chapter 7: Vulnerability Mapping
  • Types of vulnerabilities
  • Vulnerability taxonomy
  • Open Vulnerability Assessment System (OpenVAS)
  • Cisco analysis
  • Fuzzy analysis
  • SMB analysis
  • SNMP analysis
  • Web application analysis
  • Summary

Chapter 8: Social Engineering
  • Modeling human psychology
  • Attack process
  • Attack methods
  • Social Engineering Toolkit (SET)
  • Common User Passwords Profiler (CUPP)
  • Summary

Chapter 9: Target Exploitation
  • Vulnerability research
  • Vulnerability and exploit repositories
  • Advanced exploitation toolkit
  • Summary

Chapter 10: Privilege Escalation
  • Attacking the password
  • Network sniffers
  • Network spoofing tools
  • Summary

Chapter 11: Maintaining Access
  • Protocol tunneling
  • Proxy
  • End-to-end connection
  • Summary

Chapter 12: Documentation and Reporting
  • Documentation and results verification
  • Types of reports
  • Presentation
  • Post testing procedures
  • Summary

What You Will Learn

  • Initiate the BackTrack OS environment in your test lab by installing, configuring, running, and updating its core system components
  • Draw a formal BackTrack testing methodology
  • Scope your target with definitive test requirements, limitations, and business objectives, and schedule the test plan
  • Gain practical experience with a number of security tools from BackTrack logically divided into sub-categories of testing methodology
  • Practice the process of reconnaissance, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, and maintaining access to your target for evaluation purposes
  • Document, report, and present your verified test results to the relevant authorities in a formal reporting structure
  • Assess the various technologies comprising your target information system's environment, such as web applications, network administration servers, workstations, Cisco devices, firewalls, load balancers, routers, switches, intrusion detection and prevention devices, and many more
  • Examine and research the vulnerability in greater detail before attempting to exploit it by taking control of the target, thus reducing any false positives
  • Exploit human vulnerability by wrapping yourself with the art of deception to acquire the target
