Advanced Penetration Testing for Highly-Secured Environments: Edition 2

·
· Packt Publishing Ltd
Ebook
428
Pages

About this ebook

Employ the most advanced pentesting techniques and tools to build highly-secured systems and environmentsAbout This BookLearn how to build your own pentesting lab environment to practice advanced techniquesCustomize your own scripts, and learn methods to exploit 32-bit and 64-bit programsExplore a vast variety of stealth techniques to bypass a number of protections when penetration testingWho This Book Is For

This book is for anyone who wants to improve their skills in penetration testing. As it follows a step-by-step approach, anyone from a novice to an experienced security tester can learn effective techniques to deal with highly secured environments.

Whether you are brand new or a seasoned expert, this book will provide you with the skills you need to successfully create, customize, and plan an advanced penetration test.

What You Will LearnA step-by-step methodology to identify and penetrate secured environmentsGet to know the process to test network services across enterprise architecture when defences are in placeGrasp different web application testing methods and how to identify web application protections that are deployedUnderstand a variety of concepts to exploit softwareGain proven post-exploitation techniques to exfiltrate data from the targetGet to grips with various stealth techniques to remain undetected and defeat the latest defencesBe the first to find out the latest methods to bypass firewallsFollow proven approaches to record and save the data from tests for analysisIn Detail

The defences continue to improve and become more and more common, but this book will provide you with a number or proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes.

The processes and methodology will provide you techniques that will enable you to be successful, and the step by step instructions of information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected!

The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get!

Style and approach

The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and foot printing

About the author

Lee Allen is currently the vulnerability management program lead for one of the Fortune 500. Among many other responsibilities, he performs security assessments and penetration testing. Lee is very passionate and driven about the subject of penetration testing and security research. His journey into the exciting world of security began back in the 80s, while visiting BBSs with his trusty Commodore 64 and a room carpeted with 5 -inch floppy disks. Over the years, he has continued his attempts at remaining up to date with the latest and greatest in the security industry and the community. He has several industry certifications, including OSWP, and has been working in the IT industry for over 15 years. His hobbies include validating and reviewing proof-of-concept exploit code, programming, security research, attending security conferences, discussing technology, writing, and skiing. He lives in Ohio with his wife, Kellie, and their 6 children, Heather, Kristina, Natalie, Mason, Alyssa, and Seth.

Kevin Cardwell currently works as a freelance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities in the USA, Middle East, Africa, Asia and the UK. He is an instructor, technical editor, and author for computer forensics and hacking courses. He is the author of the Center for Advanced Security and Training (CAST) Advanced Network Defense and Advanced Penetration Testing courses. He is a technical editor of the Learning Tree course, Penetration Testing Techniques and Computer Forensics. He has presented at the Black Hat USA, Hacker Halted, ISSA, and TakeDownCon conferences, as well as many others. He has chaired the cybercrime and cyber defense summit in Oman and was the executive chairman of the oil and gas cyber defense summit. He is the author of Building Virtual Pentesting Labs for Advanced Penetration Testing and Backtrack – Testing Wireless Network Security. He holds a BS in computer science from National University in California and an MS in software engineering from the Southern Methodist University (SMU) in Texas. He developed the strategy and training development plan for the first Government CERT in the country of Oman, which was recently rated as the top CERT in the Middle East. He serves as a professional training consultant to the Oman Information Technology Authority and developed the team to man the first Commercial Security Operations Center in Oman. He has worked extensively with banks and financial institutions throughout the Middle East, Europe, and the UK in the planning of a robust and secure architecture and implementing requirements to meet compliance. He currently provides consultancy to commercial companies, governments, federal agencies, major banks, and financial institutions throughout the globe. Some of his recent consulting projects include the Muscat Securities Market (MSM), Petroleum Development Oman, and the Central Bank of Oman. He designed and implemented the custom security baseline for the existing Oman Airport Management Company (OAMC) airports and the two new airports opening in 2016. He created custom security baselines for all of the Microsoft Operating Systems, Cisco devices, and other applications as well.

Rate this ebook

Tell us what you think.

Reading information

Smartphones and tablets
Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.
Laptops and computers
You can listen to audiobooks purchased on Google Play using your computer's web browser.
eReaders and other devices
To read on e-ink devices like Kobo eReaders, you'll need to download a file and transfer it to your device. Follow the detailed Help Center instructions to transfer the files to supported eReaders.

More by Lee Allen

Kali Linux – Assuring Security by Penetration Testing
Lee Allen
Computers & technology
4.0
$28.99$17.84
Kali Linux 2018: Assuring Security by Penetration Testing: Unleash the full potential of Kali Linux 2018, now with updated tools, 4th Edition, Edition 4
Shiva V. N. Parasram
Computers & technology
$39.99$31.19

Similar ebooks

Kali Linux – Assuring Security by Penetration Testing
Lee Allen
Computers & technology
4.0
$28.99$17.84
Unmasking the Social Engineer: The Human Element of Security
Christopher Hadnagy
Computers & technology
4.0
$22.00
No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
Johnny Long
Business & investing
3.4
$19.98$18.38
Unauthorised Access: Physical Penetration Testing For IT Security Teams
Wil Allsopp
Computers & technology
3.8
$32.00