Upload
anupam-tiwari
View
115
Download
2
Embed Size (px)
DESCRIPTION
“The Basics Hacking and Penetration Testing” teaches how to scan, test, hack and secure own security systems. Intensive virtual lab demos provide in-depth noesis and practical experience using their existing security system. The book apprises students in foot printing and reconnaissance before swopping gears to the hacking & defense of wireless devices, modems, web servers and web applications. The book is elementary and to the point, written in a really free and comfortable manner, it efficaciously explains all the phases of the pen testing process and introduces a great variety of helpful tools used by the great majority of professionals in this field.The best thing is that each tool discussed in the book is open source and freely available on the internet.
Citation preview
Anupam Tiwari
Book Name
The basics of Hacking & Penetration Testing
Author Patrick Engebretson
Technical Editor James Broad
Publisher Syngress
Pages 169
About the Book
Who is this Author ?
Dr Patrick Engebretson
Doctor of Science Degree with spl in Info Sec
Dakota State University
Asst Professor of Info Assurance
Senior Penetration Tester
Research ON penetration testing, hacking & malware
Why did I choose this Book?Webinar in 2008 Apr conducted by Microsoft
Book published in 2011
Complimentary Copy
My own interest
Very Easy to assimilate and understandMost of IT is Based on Open Source
Who is the Intended Audience?New to HACKING ?
No experience ?
Frustrated ?
Expand Knowledge
Interested in Computer Security
Not sure where to begin?
Zero entry Hacking
How is the Book Different from rest ?
Quality of Text
Will not make you go haywire
Based on Open source
Precise and to the point - 169
Zero Entry
Tools with screen shots
Creates and Solves Challenges
CHAPTERSCHAPTER NAME OF CHAPTER PAGES
CHAPTER 1 What is Penetration Testing? 1
CHAPTER 2 Reconnaissance 15
CHAPTER 3 Scanning 43
CHAPTER 4 Exploitation 65
CHAPTER 5 Web Based Exploitation 107
CHAPTER 6 Maint Access with Back Doors & RootKits 127
CHAPTER 7 Wrapping up 145
What is Penetration Testing ?
Sandboxed Environment
PRACTISE &
INTRO
4 STEP METHODOLGY
RECONNAISSANCE
EXAMPLES & PRACTICALS
EXPLOITATION
RECONNAISSANCE
HTTrackGOOGLE
DIRECTIVES
HARVESTER NETCRAFT HOST METAGooF
I
GOOGLE FU• Strong • Search
Engine Directives
SEAT• Search
Engine Assessment Tool
• SEAT
JOHNNY LONG• Single
Repository• Most
Feared Google Hack
PATREVA’s MALETEGO• Aggregates
info from public data base
SCANNING
BRIEF OVER VIEW OF PINGS &
PING SWEEPS
PORTsVULNERABI
LITY
EXPLOITATION
• Remote services
MEDUSA
• Hugh jackman style
METASPOLIT
• Security Testing
FAST TRACK AUTOPWN
WEB BASED EXPLOITATION
MAINT ACCESS
• Data across Network Connections
• Networking utility
• Remotely Controlling
• Lightweight version of netcat• Rootkit battle
NETCAT NETBUS
CRYPTCATHACKER DEFENDER
WRAPPING UP
WRAPPING UP THE PEN TEST
WRAP UPPEN TEST REPORT
EXEC SUMMAR
Y
RAW OUTPUT
TRUE CRYPT