Penetration Testing For Dummies
Table of Contents
Robert Shimonski. Penetration Testing For Dummies
Penetration Testing For Dummies®
To view this book's Cheat Sheet, simply go to www.dummies.com and search for “Penetration Testing For Dummies Cheat Sheet” in the Search box.
Table of Contents
List of Tables
List of Illustrations
Guide
Pages
Introduction
About This Book
Foolish Assumptions
Icons Used in This Book
What You’re Not to Read
Where to Go from Here
Getting Started with Pen Testing
Understanding the Role Pen Testers Play in Security
Looking at Pen Testing Roles
Crowdsourced pen testers
In-house security pro
Security consultant
Getting Certified
Gaining the Basic Skills to Pen Test
TAKING A HOLISTIC VIEW OF SECURITY
Basic networking
General security technology
Systems infrastructure and applications
Mobile and cloud
Introducing Cybercrime
CROSSING THE LINE INTO CYBERTERRORISM AND CYBERWARFARE
What You Need to Get Started
Deciding How and When to Pen Test
Taking Your First Steps
An Overview Look at Pen Testing
The Goals of Pen Testing
Protecting assets
Identifying risk
Finding vulnerabilities
Scanning and assessing
Securing operations
DEFENSE IN DEPTH
Responding to incidents
Scanning Maintenance
Exclusions and ping sweeps
Patching
MOST SOFTWARE VENDORS RELEASE BUGGY CODE
Antivirus and other technologies
Compliance
Hacker Agenda
Hacktivist
Script kiddie to elite
White hat
Grey hat
Black hat
Doing Active Reconnaissance: How Hackers Gather Intelligence
Gathering Your Tools
Considerations for Your Toolkit
Nessus
Wireshark
Kali Linux
Nmap
Understanding the Different Types of Pen Testing
Penetrate and Exploit
Understanding Vectors and the Art of Hacking
Examining Types of Penetration Attacks
Social engineering
Using Kali to combat social engineering
Preventing social engineering the non-tech way
Client-side and server-side attacks
Password cracking
Cryptology and Encryption
SSL/TLS
SSH
IPsec
Using Metasploit Framework and Pro
Assumption (Man in the Middle)
Toolkit Fundamentals
Burp Suite
Wireshark
Listening In to Collect Data
Address spoofing
Eavesdropping
Packet capture and analysis
Key loggers
Card skimmers
USB drives
Overwhelm and Disrupt (DoS/DDoS)
Toolkit Fundamentals
Kali
Kali T50 Mixed Packet Injector tool
Understanding Denial of Service (DoS) Attacks
Buffer Overflow Attacks
Fragmentation Attacks
Smurf Attacks
Tiny Packet Attacks
Xmas Tree Attacks
Destroy (Malware)
Toolkit Fundamentals
Antivirus software and other tools
Nessus
PHYSICAL SAFETY
Malware
Ransomware
Other Types of Destroy Attacks
Subvert (Controls Bypass)
Toolkit Fundamentals
Antivirus software and other tools
Nmap
Using Nmap to simulate subvert attacks
Putting Nmap to work
HOW TCP/IP WORKS
ETHICALLY CONDUCTING SUBVERT ATTACKS
Attack Vectors
Phishing
Spoofing
Malware
Using malware to find a way in
Bypassing AV software
Diving In: Preparations and Testing
Preparing for the Pen Test
Handling the Preliminary Logistics
Holding an initial meeting
Understanding everyone’s role
Setting expectations
Setting scope
BUILDING A TEST PLAN BASED ON GOALS
Gaining permission
Following change control
Keeping backups
Having documentation
Gathering Requirements
Reviewing past test results
Consulting the risk register
Coming Up with a Plan
Selecting a project or scan type
Selecting the tool(s)
CONSIDERATIONS BEFORE PEN TESTING
Having a Backout Plan
Conducting a Penetration Test
Attack!
Infiltration
Penetration
Exploitation
APT
Exfiltration (and success)
Next steps
Looking at the Pen Test from Inside
Documenting Your Every Move
Network mapping
Updating the risk register
Maintaining balance
Other Capture Methods and Vectors
Assessment
Infiltrate
Penetrate
Exploit
Exfiltrate
Prevention
Hardening
Active monitoring
Retesting
Devising best practices from lessons learned
Overwhelm and disrupt
Destroy
Subvert
Creating a Pen Test Report
Reporting
Structuring the Pen Test Report
Executive Summary
Tools, Methods, and Vectors
Detailed findings
Conclusion
Recommendations
Appendix/Appendices
Creating a Professional and Accurate Report
Be professional
Stay focused
Avoid false positives
Classify your data
Encourage staff awareness and training
Delivering the Report: Report Out Fundamentals
Updating the Risk Register
Making Recommendations
Understanding Why Recommendations Are Necessary
Seeing How Assessments Fit into Recommendations
Networks
General network hardening
Network segmentation
Internal network
Wired/wireless
External
Systems
Servers
Client-side
Infrastructure
Mobile
Cloud
General Security Recommendations: All Systems
Ports
Unneeded services
A patch schedule
Firewalls
AV software
Sharing resources
Encryption
More Recommendations
Segmentation and virtualization
Access control
Backups
Securing logs
Awareness and social engineering
Retesting
Looking at the Benefits of Retesting
Understanding the Reiterative Nature of Pen Testing and Retesting
Determining When to Retest
Choosing What to Retest
Consulting your documentation
Reviewing the report
Reviewing the risk register
Running a Pen Retest
The Part of Tens
Top Ten Myths About Pen Testing
All Forms of Ethical Hacking Are the Same
We Can’t Afford a Pen Tester
We Can’t Trust a Pen Tester
We Don’t Trust the Tools
Pen Tests Are Not Done Often
Pen Tests Are Only for Technical Systems
Contractors Can’t Make Great Pen Testers
Pen Test Tool Kits Must Be Standardized
Pen Testing Itself Is a Myth and Unneeded
Pen Testers Know Enough and Don’t Need to Continue to Learn
Ten Tips to Refine Your Pen Testing Skills
Continue Your Education
Build Your Toolkit
Think outside the Box
Think Like a Hacker
Get Involved
Use a Lab
Stay Informed
Stay Ahead of New Technologies
Build Your Reputation
Learn about Physical Security
Ten Sites to Learn More About Pen Testing
SANS Institute
GIAC Certifications
Software Engineering Institute
(Assorted) Legal Penetration Sites
Open Web Application Security Project
Tenable
Nmap
Wireshark
Dark Reading
Offensive Security
Index. A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
About the Author
Dedication
Acknowledgements
WILEY END USER LICENSE AGREEMENT
Excerpt from the book
Welcome to Penetration Testing For Dummies! It is my goal to start you down the path to learning more about pen testing and why it’s such a hot topic for anyone interested in information technology security. This book shows you how to target, test, analyze, and report on security vulnerabilities with pen testing tools.
I break down the most complex of topics into easily digestible chunks that familiarize you not only with the details of conducting a pen test, but also with why you need to do it and how the hackers who are trying to access your systems are doing so. Your purpose as a pen tester is to test systems, identify risks, and then mitigate those risks before the hackers do.
.....
Also be aware of a hacker’s reconnaissance procedures. Hackers often begin attacks by using general research techniques, such as Internet searches that point a hacker in a direction, to learn more about accessing your company. For example, a simple Whois search might provide an address. A DNS search or query could provide a clue. Google searches may help to identify paths of attack, URLs, domain names, IPs, email addresses, and more. See Chapter 2 for more about reconnaissance.
Basic networking includes, but is not limited to, understanding the OSI (Open Systems Interconnection) model. Knowing how data travels from one location (a sender) to another (a receiver) is key to being able to unwind how many attacks occur.
.....