What this book covers_BackTrack 4: Assuring Security by Penetration Testing-QQ阅读男生都市网

上QQ阅读APP看书，第一时间看更新

What this book covers

Chapter 1, Beginning with BackTrack, introduces you to BackTrack, a Live DVD Linux distribution, specially developed to help in the penetration testing process. You will learn a brief history of BackTrack and its manifold functionalities. Next, you will learn about how to get, install, configure, update, and add additional tools in your BackTrack environment. At the end of this chapter, you will discover how to create a customized BackTrack to suit your own needs.

Chapter 2, Penetration Testing Methodology, discusses the basic concepts, rules, practices, methods, and procedures that constitute a defined process for a penetration testing program. You will learn about making a clear distinction between two well-known types of penetration testing, Black-Box and White-Box. The differences between vulnerability assessment and penetration testing will also be analyzed. You will also learn about several security testing methodologies and their core business functions, features, and benefits. These include OSSTMM, ISSAF, OWASP, and WASC-TC. Thereafter, you will learn about an organized BackTrack testing process incorporated with ten consecutive steps to conduct a penetration testing assignment from ethical standpoint.

Chapter 3, Target Scoping, covers a scope process to provide necessary guidelines on formalizing the test requirements. A scope process will introduce and describe each factor that builds a practical roadmap towards test execution. This process integrates several key elements, such as gathering client requirements, preparing a test plan, profiling test boundaries, defining business objectives, and project management and scheduling. You will learn to acquire and manage the information about the target's test environment.

Chapter 4, Information Gathering, lands you in the information gathering phase. You will learn several tools and techniques that can be used to gather metadata from various types of documents, extract DNS information, collect routing information, and moreover perform active and passive intelligence gathering. You will also learn a tool that is very useful in documenting and organizing the information that has been collected about the target.

Chapter 5, Target Discovery, discusses the process of discovering and fingerprinting your target. You will learn the key purpose of discovering the target and the tools that can assist you in identifying the target machines. Before the end of this chapter you will also learn about several tools that can be used to perform OS fingerprinting.

Chapter 6, Enumerating Target, introduces you to the target enumeration process and its purpose. You will learn what port scanning is, various types of port scanning, and the number of tools required to carry out a port scanning operation. You will also learn about mapping the open services to their desired ports.

Chapter 7, Vulnerability Mapping, discusses two generic types of vulnerabilities, local and remote. You will get insights of vulnerability taxonomy, pointing to industry standards that can be used to classify any vulnerability according to its unifying commonality pattern. Additionally, you will learn a number of security tools that can assist in finding and analyzing the security vulnerabilities present in a target environment. These include OpenVAS, Cisco, Fuzzing, SMB, SNMP, and web application analysis tools.

Chapter 8, Social Engineering, covers some core principles and practices adopted by professional social engineers to manipulate humans into divulging information or performing an act. You will learn some of these basic psychological principles that formulate the goals and vision of a social engineer. You will also learn about the attack process and methods of social engineering, followed by real-world examples. In the end of the chapter, you will be given hands-on exercises about two well-known technology-assisted social engineering tools that can assist in evaluating the target's human infrastructure.

Chapter 9, Target Exploitation, highlights the practices and tools that can be used to conduct real-world exploitation. The chapter will explain what areas of vulnerability research are crucial in order to understand, examine, and test the vulnerability. Additionally, it will also point out several exploit repositories that should help to keep you informed about the publicly available exploits and when to use them. You will also learn to use one of the infamous exploitation toolkits from a target evaluation perspective. Moreover, you will discover the steps for writing a simple exploit module for Metasploit Framework.

Chapter 10, Privilege Escalation, covers the tools and techniques for escalating privileges, network sniffing and spoofing. You will learn the tools required to attack password protection in order to elevate the privileges. You will also learn about the tools that can be used to sniff the network traffic. In the last part of this chapter, you will discover several tools that can be handy in launching the spoofing attacks.

Chapter 11, Maintaining Access, introduces the most significant tools for protocol tunneling, proxies, and end-to-end communication. These tools are helpful to create a covert channel between the attacker and the victims machine.

Chapter 12, Documentation and Reporting, covers the penetration testing directives for documentation, report preparation, and presentation. These directives draw a systematic, structured, and consistent way to develop the test report. Furthermore, you will learn about the process of results verification, types of reports, presentation guidelines, and the post testing procedures.

Appendix A, Supplementary Tools, describes several additional tools that can be used for the penetration testing job.

Appendix B, Key Resources, explains the various key resources.