登入選單
返回Google圖書搜尋
The Art of Network Penetration Testing
註釋The Art of Network Penetration Testing is a guide to simulating an internal security breach. You’ll take on the role of the attacker and work through every stage of a professional pentest, from information gathering to seizing control of a system and owning the network.

Summary
Penetration testing is about more than just getting through a perimeter firewall. The biggest security threats are inside the network, where attackers can rampage through sensitive data by exploiting weak access controls and poorly patched software. Designed for up-and-coming security professionals, The Art of Network Penetration Testing teaches you how to take over an enterprise network from the inside. It lays out every stage of an internal security assessment step-by-step, showing you how to identify weaknesses before a malicious invader can do real damage.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the technology
Penetration testers uncover security gaps by attacking networks exactly like malicious intruders do. To become a world-class pentester, you need to master offensive security concepts, leverage a proven methodology, and practice, practice, practice. Th is book delivers insights from security expert Royce Davis, along with a virtual testing environment you can use to hone your skills.

About the book
The Art of Network Penetration Testing is a guide to simulating an internal security breach. You’ll take on the role of the attacker and work through every stage of a professional pentest, from information gathering to seizing control of a system and owning the network. As you brute force passwords, exploit unpatched services, and elevate network level privileges, you’ll learn where the weaknesses are—and how to take advantage of them.

What's inside

Set up a virtual pentest lab
Exploit Windows and Linux network vulnerabilities
Establish persistent re-entry to compromised targets
Detail your findings in an engagement report

About the reader
For tech professionals. No security experience required.

About the author
Royce Davis has orchestrated hundreds of penetration tests, helping to secure many of the largest companies in the world.

Table of Contents

1 Network Penetration Testing

PHASE 1 - INFORMATION GATHERING

2 Discovering network hosts

3 Discovering network services

4 Discovering network vulnerabilities

PHASE 2 - FOCUSED PENETRATION

5 Attacking vulnerable web services

6 Attacking vulnerable database services

7 Attacking unpatched services

PHASE 3 - POST-EXPLOITATION AND PRIVILEGE ESCALATION

8 Windows post-exploitation

9 Linux or UNIX post-exploitation

10 Controlling the entire network

PHASE 4 - DOCUMENTATION

11 Post-engagement cleanup

12 Writing a solid pentest deliverable