»
The Basics of Hacking and Penetration Testing
 
 

The Basics of Hacking and Penetration Testing, 2nd Edition

Ethical Hacking and Penetration Testing Made Easy

 
The Basics of Hacking and Penetration Testing, 2nd Edition,Patrick Engebretson,ISBN9780124116443
 
 
Up to
30%
off
 

  

Syngress

9780124116443

9780124116412

225

235 X 191

Ethical hacking and penetration testing made easy.

Print Book + eBook

USD 35.94
USD 59.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 20.97
USD 29.95

eBook
eBook Overview

VST (VitalSource Bookshelf) format

DRM-free included formats : EPUB, Mobi (for Kindle), PDF

USD 20.97
USD 29.95
Add to Cart
 
 

Key Features

  • Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
  • Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University.
  • Utilizes the Kali Linux distribution and focuses on the seminal tools required to complete a penetration test.

Description

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you  to gain a solid understanding of each of the four phases and prepare them to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book which allows you to clearly see how the tools and phases relate.

Readership

Security Consultants, beginning InfoSec professionals, Students

Patrick Engebretson

Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for security firm in the Midwest.

Affiliations and Expertise

Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in Information Security from Dakota State University. He currently serves as an Assistant Professor of Information Assurance and also works as a Senior Penetration Tester for security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years he has published many peer reviewed journal and conference papers in these areas. Dr. Engebretson has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, and intrusion detection, and advanced exploitation.

The Basics of Hacking and Penetration Testing, 2nd Edition

Dedication

Acknowledgments

My Wife

My Girls

My Family

Dave Kennedy

Jared DeMott

To the Syngress Team

About the Author

Introduction

What is New in This Edition?

Who is the Intended Audience for This Book?

How is This Book Different from Book ‘x’?

Why Should I Buy This Book?

What Do I Need to Follow Along?

Chapter 1. What is Penetration Testing?

Information in This Chapter:

Introduction

Setting the Stage

Introduction to Kali and Backtrack Linux: Tools. Lots of Tools

Working with Your Attack Machine: Starting the Engine

The Use and Creation of a Hacking Lab

Phases of a Penetration Test

Where Do I Go from Here?

Summary

Chapter 2. Reconnaissance

Information in This Chapter:

Introduction

HTTrack: Website Copier

Google Directives: Practicing Your Google-Fu

The Harvester: Discovering and Leveraging E-mail Addresses

Whois

Netcraft

Host

Extracting Information from DNS

nslookup

Dig

Fierce: What to Do When Zone Transfers Fail

Extracting Information from E-mail Servers

MetaGooFil

ThreatAgent: Attack of the Drones

Social Engineering

Sifting Through the Intel to Find Attackable Targets

How Do I Practice This Step?

Where Do I Go from Here?

Summary

Chapter 3. Scanning

Information in This Chapter:

Introduction

Pings and Ping Sweeps

Port Scanning

The Three-Way Handshake

Using Nmap to Perform a TCP Connect Scan

Using Nmap to Perform an SYN Scan

Using Nmap to Perform UDP Scans

Using Nmap to Perform an Xmas Scan

Using Nmap to Perform Null Scans

The Nmap Scripting Engine: From Caterpillar to Butterfly

Port Scanning Wrap Up

Vulnerability Scanning

How Do I Practice This Step?

Where Do I Go from Here?

Summary

Chapter 4. Exploitation

Information in This Chapter:

Introduction

Medusa: Gaining Access to Remote Services

Metasploit: Hacking, Hugh Jackman Style!

JtR: King of the Password Crackers

Local Password Cracking

Remote Password Cracking

Linux Password Cracking and a Quick Example of Privilege Escalation

Password Resetting: The Building and the Wrecking Ball

Wireshark: Sniffing Network Traffic

Macof: Making Chicken Salad Out of Chicken Sht

Armitage: Introducing Doug Flutie of Hacking

Why Learn Five Tools When One Works Just as Well?

How Do I Practice This Step?

Where Do I Go from Here?

Summary

Chapter 5. Social Engineering

Information in This Chapter:

Introduction

The Basics of SET

Website Attack Vectors

The Credential Harvester

Other Options Within SET

Summary

Chapter 6. Web-Based Exploitation

Information in This Chapter:

Introduction

The Basics of Web Hacking

Nikto: Interrogating Web Servers

w3af: More than Just a Pretty Face

Spidering: Crawling Your Target’s Website

Intercepting Requests with Webscarab

Code Injection Attacks

Cross-Site Scripting: Browsers that Trust Sites

ZED Attack Proxy: Bringing It All Together Under One Roof

Intercepting in ZAP

Spidering in ZAP

Scanning in ZAP

How Do I Practice This Step?

Where Do I Go from Here?

Additional Resources

Summary

Chapter 7. Post Exploitation and Maintaining Access with Backdoors, Rootkits, and Meterpreter

Information in This Chapter:

Introduction

Netcat: The Swiss Army Knife

Netcat’s Cryptic Cousin: Cryptcat

Rootkits

Hacker Defender: It is Not What You Think

Detecting and Defending Against Rootkits

Meterpreter: The Hammer that Turns Everything into a Nail

How Do I Practice This Step?

Where Do I Go from Here?

Summary

Chapter 8. Wrapping Up the Penetration Test

Information in This Chapter:

Introduction

Writing the Penetration Testing Report

Executive Summary

Detailed Report

Raw Output

You Do Not Have to Go Home but You Cannot Stay Here

Where Do I Go from Here?

Wrap Up

The Circle of Life

Summary

Index

Quotes and reviews

"...this is meant to be a practical book, and it positively encourages you to download, fire up and use the tools mentioned. The first chapter even tells you how to set up your own ‘hacking lab’. So whatever your interest in hacking, you’ll get the most out of the book if you follow along."--Network Security,Aug 1 2013

"For people looking to become pen-testers, this is an excellent first step. For anyone simply curious about what pen-testing involves and who wants to try some of the techniques for themselves, it may be all you need." - Network Security, December 2011

 
 
Free Shipping
Shop with Confidence

Free Shipping around the world
▪ Broad range of products
▪ 30 days return policy
FAQ

Contact Us