Penetration Testing Bootcamp

Sharpen your pentesting skill in a bootcamp
Preview in Mapt
Code Files

Penetration Testing Bootcamp

Jason Beltrame

3 customer reviews
Sharpen your pentesting skill in a bootcamp
Mapt Subscription
FREE
$29.99/m after trial
eBook
$25.20
RRP $35.99
Save 29%
Print + eBook
$44.99
RRP $44.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$25.20
$44.99
$29.99 p/m after trial
RRP $35.99
RRP $44.99
Subscription
eBook
Print + eBook
Start 30 Day Trial

Frequently bought together


Penetration Testing Bootcamp Book Cover
Penetration Testing Bootcamp
$ 35.99
$ 25.20
Mastering Windows Penetration Testing Book Cover
Mastering Windows Penetration Testing
$ 39.99
$ 28.00
Buy 2 for $35.00
Save $40.98
Add to Cart

Book Details

ISBN 139781787288744
Paperback258 pages

Book Description

Penetration Testing Bootcamp delivers practical, learning modules in manageable chunks. Each chapter is delivered in a day, and each day builds your competency in Penetration Testing.

This book will begin by taking you through the basics and show you how to set up and maintain the C&C Server. You will also understand how to scan for vulnerabilities and Metasploit, learn how to setup connectivity to a C&C server and maintain that connectivity for your intelligence gathering as well as offsite processing. Using TCPDump filters, you will gain understanding of the sniffing and spoofing traffic. This book will also teach you the importance of clearing up the tracks you leave behind after the penetration test and will show you how to build a report from all the data obtained from the penetration test.

In totality, this book will equip you with instructions through rigorous tasks, practical callouts, and assignments to reinforce your understanding of penetration testing.

Table of Contents

Chapter 1: Planning and Preparation
Why does penetration testing take place?
Defining objectives with stakeholder questionnaires
Building the systems for the penetration test
Summary
Chapter 2: Information Gathering
Understanding the current environment
Where to look for information – checking out the toolbox!
Utilizing whois for information gathering
Enumerating DNS with dnsmap
Checking for a DNS BIND version
Probing the network with Nmap
Checking for DNS recursion with NSE
Fingerprinting systems with P0f
Firewall reconnaissance with Firewalk
Detecting a web application firewall
Protocol fuzzing with DotDotPwn
Using Netdiscover to find undocumented IPs
Enumerating your findings
Summary
Chapter 3: Setting up and maintaining the Command and Control Server
Command and control servers
Setting up secure connectivity
Automating evidence collection
Summary
Chapter 4: Vulnerability Scanning and Metasploit
Vulnerability scanning tools
Scanning techniques
OpenVAS
Getting started with OpenVAS
Performing scans against the environment
Getting started with Metasploit
Exploiting our targets with Metasploit
Understanding client-side attacks
Using BeEF for browser-based exploitation
Using SET for client-side exploitation
Summary
Chapter 5: Traffic Sniffing and Spoofing
Traffic sniffing tools and techniques
Understanding spoofing attacks
Ettercap
Intercepting SSL traffic with SSLsplit
Summary
Chapter 6: Password-based Attacks
Generating rainbow tables and wordlists
Cracking utilities
Social engineering experiments
Summary
Chapter 7: Attacks on the Network Infrastructure
attacks
Wireless-based attacks
Monitoring the airway with Kismet
Attacking WEP with wifite
Bluetooth probing
Physical security considerations
Summary
Chapter 8: Web Application Attacks
Manipulation by client-side testing
Infrastructure and design weaknesses
Identity-based testing
Chapter 9: Cleaning Up and Getting Out
Cleaning up any trails left behind
Summary
Chapter 10: Writing Up the Penetration Testing Report
Gathering all your data
Building the report
Delivering the report
Summary

What You Will Learn

  • Perform different attacks such as MiTM, and bypassing SSL encryption
  • Crack passwords and wireless network keys with brute-forcing and wordlists
  • Test web applications for vulnerabilities
  • Use the Metasploit Framework to launch exploits and write your own Metasploit modules
  • Recover lost files, investigate successful hacks, and discover hidden data
  • Write organized and effective penetration testing reports

Authors

Table of Contents

Chapter 1: Planning and Preparation
Why does penetration testing take place?
Defining objectives with stakeholder questionnaires
Building the systems for the penetration test
Summary
Chapter 2: Information Gathering
Understanding the current environment
Where to look for information – checking out the toolbox!
Utilizing whois for information gathering
Enumerating DNS with dnsmap
Checking for a DNS BIND version
Probing the network with Nmap
Checking for DNS recursion with NSE
Fingerprinting systems with P0f
Firewall reconnaissance with Firewalk
Detecting a web application firewall
Protocol fuzzing with DotDotPwn
Using Netdiscover to find undocumented IPs
Enumerating your findings
Summary
Chapter 3: Setting up and maintaining the Command and Control Server
Command and control servers
Setting up secure connectivity
Automating evidence collection
Summary
Chapter 4: Vulnerability Scanning and Metasploit
Vulnerability scanning tools
Scanning techniques
OpenVAS
Getting started with OpenVAS
Performing scans against the environment
Getting started with Metasploit
Exploiting our targets with Metasploit
Understanding client-side attacks
Using BeEF for browser-based exploitation
Using SET for client-side exploitation
Summary
Chapter 5: Traffic Sniffing and Spoofing
Traffic sniffing tools and techniques
Understanding spoofing attacks
Ettercap
Intercepting SSL traffic with SSLsplit
Summary
Chapter 6: Password-based Attacks
Generating rainbow tables and wordlists
Cracking utilities
Social engineering experiments
Summary
Chapter 7: Attacks on the Network Infrastructure
attacks
Wireless-based attacks
Monitoring the airway with Kismet
Attacking WEP with wifite
Bluetooth probing
Physical security considerations
Summary
Chapter 8: Web Application Attacks
Manipulation by client-side testing
Infrastructure and design weaknesses
Identity-based testing
Chapter 9: Cleaning Up and Getting Out
Cleaning up any trails left behind
Summary
Chapter 10: Writing Up the Penetration Testing Report
Gathering all your data
Building the report
Delivering the report
Summary

Book Details

ISBN 139781787288744
Paperback258 pages
Read More
From 3 reviews

Read More Reviews

Recommended for You

Statistics for Machine Learning Book Cover
Statistics for Machine Learning
$ 39.99
$ 28.00
Linux: Powerful Server Administration Book Cover
Linux: Powerful Server Administration
$ 79.99
$ 56.00
Metasploit for Beginners Book Cover
Metasploit for Beginners
$ 27.99
$ 19.60
Metasploit Bootcamp Book Cover
Metasploit Bootcamp
$ 35.99
$ 25.20
Mastering Windows Penetration Testing Book Cover
Mastering Windows Penetration Testing
$ 39.99
$ 28.00
Metasploit Wireless Penetration Testing Book Cover
Metasploit Wireless Penetration Testing
$ 35.99
$ 25.20