
Penetration Testing Fundamentals

A Hands-On Guide to Reliable Security Audits

Paperback English 2018 9780789759375

Summary

Leading security expert, researcher, instructor, and author Chuck Easttom II has brought together all the essential knowledge in a single comprehensive guide that covers the entire penetration testing lifecycle. Easttom integrates concepts, terminology, challenges, and theory, and walks you through every step, from planning to effective post-test reporting. He presents a start-to-finish sample project relying on free open source tools, as well as quizzes, labs, and review sections throughout. Penetration Testing Fundamentals is also the only book to cover pentesting standards from NSA, PCI, and NIST.

Specifications

ISBN13: 9780789759375
Language: English
Binding: Paperback


Table of Contents

Introduction

Chapter 1: Introduction to Penetration Testing
  What Is Penetration Testing?
    Audits
    Vulnerability Scans
    Penetration Tests
    The Hybrid Test
  Terminology
  Methodologies
    Nature of the Test
    Approaches
  Ethical Issues
    Everything Is Confidential
    Keep in Your Lane
    If You Break It, You Bought It
  Legal Issues
    Computer Fraud and Abuse Act (CFAA): 18 U.S. Code § 1030
    Unlawful Access to Stored Communications: 18 U.S. Code § 2701
    Identity Theft Enforcement and Restitution Act
    Fraud and Related Activity in Connection with Access Devices: 18 U.S. Code § 1029
    State Laws
    International Laws
  Certifications
    CEH
    GPEN
    OSCP
    Mile2
    CISSP
    PPT
    This Book and Certifications
  Careers in Penetration Testing
    Security Administrators
    Commercial Penetration Testing
    Government/National Defense
    Law Enforcement
  Building Your Skillset
  Summary
  Test Your Skills

Chapter 2: Standards
  PCI DSS
    The Actual Test
  NIST 800-115
    Planning
    Execution
    Post-Execution
  National Security Agency InfoSec Assessment Methodology (NSA-IAM)
  PTES
  CREST (UK)
  A Synthesis (Putting Standards Together into a Single Unified Approach)
    Pre-Engagement
    The Actual Test
    Reporting
  Related Standards
    OWASP
  Other Standards
    ISO 27002
    NIST 800-12, Revision 1
    NIST 800-14
  Summary
  Test Your Skills

Chapter 3: Cryptography
  Cryptography Basics
  History of Encryption
    The Caesar Cipher
    Atbash
    Multi-Alphabet Substitution
    Rail Fence
  Modern Methods
    Symmetric Encryption
    Modification of Symmetric Methods
    Practical Applications
  Public Key (Asymmetric) Encryption
  Digital Signatures
  Hashing
    MD5
    SHA
    RIPEMD
    Windows Hashing
  MAC and HMAC
    Rainbow Tables
    Pass the Hash
  Password Crackers
  Steganography
    Historical Steganography
    Methods and Tools
  Cryptanalysis
    Frequency Analysis
    Modern Methods
    Practical Application
  Learning More
  Summary
  Test Your Skills

Chapter 4: Reconnaissance
  Passive Scanning Techniques
    Netcraft
    BuiltWith
    Archive.org
    Shodan
    Social Media
    Google Searching
  Active Scanning Techniques
    Port Scanning
    Enumeration
  Wireshark
  Maltego
  Other OSINT Tools
    OSINT Website
    Alexa
    Web Master Tips
  Summary
  Test Your Skills

Chapter 5: Malware
  Viruses
    How a Virus Spreads
    Types of Viruses
    Virus Examples
  Trojan Horses
  Other Forms of Malware
    Rootkit
    Malicious Web-Based Code
    Logic Bombs
  Creating Malware
    Levels of Malware Writing Skill
    GUI Tools
    Simple Script Viruses
    Creating a Trojan Horse
    Altering Existing Viruses
  Summary
  Test Your Skills

Chapter 6: Hacking Windows
  Windows Details
    Windows History
    The Boot Process
    Important Windows Files
    Windows Logs
    The Registry
    Volume Shadow Copy
  Windows Password Hashing
  Windows Hacking Techniques
    Pass the Hash
    chntpw
    Net User Script
    Login as System
    Find the Admin
  Windows Scripting
    net users
    net view
    net share
    net service
    netshell
  Windows Password Cracking
    Offline NT Registry Editor
    LCP
    pwdump
    ophcrack
    John the Ripper
  Detecting Malware in Windows
  Cain and Abel
  Summary
  Test Your Skills

Chapter 7: Web Hacking
  Web Technology
  Specific Attacks on Websites
    SQL Script Injection
    XSS
    Other Web Attacks
  Tools
    Burp Suite
    BeEF
  Summary
  Test Your Skills

Chapter 8: Vulnerability Scanning
  Vulnerabilities
    CVE
    NIST
    OWASP
  Packet Capture
    tcpdump
    Wireshark
  Network Scanners
    LanHelper
  Wireless Scanners/Crackers
    Aircrack
  General Scanners
    MBSA
    Nessus
    Nexpose
    SAINT
  Web Application Scanners
    OWASP ZAP
    Vega
  Cyber Threat Intelligence
    Threatcrowd.org
    Phishtank
    Internet Storm Center
    OSINT
  Summary
  Test Your Skills

Chapter 9: Introduction to Linux
  Linux History
  Linux Commands
    ls Command
    cd Command
    Pipe Output
    finger Command
    grep Command
    ps Command
    pstree Command
    top Command
    kill Command
    Basic File and Directory Commands
    chown Command
    chmod Command
    bg Command
    fg Command
    useradd Command
    userdel Command
    usermod Command
    users Command
    who Command
  Directories
    /root
    /bin
    /sbin
    /etc
    /dev
    /boot
    /usr
    /var
    /proc
  Graphical User Interface
    GNOME
    KDE
  Summary
  Test Your Skills

Chapter 10: Linux Hacking
  More on the Linux OS
    sysfs
    Crond
    Shell Commands
  Linux Firewall
    Iptables
    iptables Configuration
    Syslog
  Syslogd
  Scripting
  Linux Passwords
  Linux Hacking Tricks
    Boot Hack
    Backspace Hack
  Summary
  Test Your Skills

Chapter 11: Introduction to Kali Linux
  Kali Linux History
  Kali Basics
  Kali Tools
    recon-ng
    Dmitry
    Sparta
    John the Ripper
    Hashcat
    macchanger
    Ghost Phisher
  Summary
  Test Your Skills

Chapter 12: General Hacking Techniques
  Wi-Fi Testing
    Create a Hotspot
    Using Kali as a Hotspot
    Testing the WAP Administration
    Other Wi-Fi Issues
  Social Engineering
  DoS
    Well-known DoS Attacks
    Tools
  Summary
  Test Your Skills

Chapter 13: Introduction to Metasploit
  Background on Metasploit
  Getting Started with Metasploit
  Basic Usage of msfconsole
    Basic Commands
    Searching
  Scanning with Metasploit
    SMB Scanner
    SQL Server Scan
    SSH Server Scan
    Anonymous FTP Servers
    FTP Server
  How to Use Exploits
  Exploit Examples
    Cascading Style Sheets
    File Format Exploit
    Remote Desktop Exploit
    More Exploits
    Common Error
  Post Exploits
    Get Logged-on Users
    Check VM
    Enumerate Applications
    Going Deeper into the Target
  Summary
  Test Your Skills

Chapter 14: More with Metasploit
  Meterpreter and Post Exploits
    ARP
    NETSTAT
    PS
    Navigation
    Download and Upload
    Desktops
    Cameras
    Key Logger
    Other Information
  msfvenom
  More Metasploit Attacks
    Formatting All Drives
    Attacking Windows Server 2008 R2
    Attacking Windows via Office
    Attacking Linux
    Attacking via the Web
    Another Linux Attack
    Linux Post Exploits
  Summary
  Test Your Skills

Chapter 15: Introduction to Scripting with Ruby
  Getting Started
  Basic Ruby Scripting
    A First Script
    Syntax
    Object-Oriented Programming
  Summary
  Test Your Skills

Chapter 16: Write Your Own Metasploit Exploits with Ruby
  The API
  Getting Started
  Examine an Existing Exploit
  Extending Existing Exploits
  Writing Your First Exploit
  Summary
  Test Your Skills

Chapter 17: General Hacking Knowledge
  Conferences
  Dark Web
  Certification and Training
  Cyber Warfare and Terrorism
  Nation State Actors
  Summary
  Test Your Skills

Chapter 18: Additional Pen Testing Topics
  Wireless Pen Testing
    802.11
    Infrared
    Bluetooth
    Other Forms of Wireless
    Wi-Fi Hacking
  Mainframe and SCADA
    SCADA Basics
    Mainframes
  Mobile Pen Testing
    Cellular Terminology
    Bluetooth Attacks
    Bluetooth/Phone Tools
  Summary
  Test Your Skills

Chapter 19: A Sample Pen Test Project
  Pen Test Outline
    Pre-Test Activities
    External
    Internal
    Optional Items
  Report Outline
  Summary

Appendix A: Answers to Chapter Multiple Choice Questions

9780789759375 TOC 2/13/2018
