Muutke küpsiste eelistusi

Penetration Testing Basics: A Quick-Start Guide to Breaking into Systems 1st ed. [Pehme köide]

  • Formaat: Paperback / softback, 115 pages, kõrgus x laius: 235x155 mm, kaal: 2117 g, 34 Illustrations, color; 7 Illustrations, black and white; XV, 115 p. 41 illus., 34 illus. in color., 1 Paperback / softback
  • Ilmumisaeg: 15-Jul-2016
  • Kirjastus: APress
  • ISBN-10: 1484218566
  • ISBN-13: 9781484218563
Teised raamatud teemal:
  • Pehme köide
  • Hind: 44,06 €*
  • * hind on lõplik, st. muud allahindlused enam ei rakendu
  • Tavahind: 51,84 €
  • Säästad 15%
  • Raamatu kohalejõudmiseks kirjastusest kulub orienteeruvalt 2-4 nädalat
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Tellimisaeg 2-4 nädalat
  • Lisa soovinimekirja
Penetration Testing Basics: A Quick-Start Guide to Breaking into Systems 1st ed.Suurem pilt
  • Formaat: Paperback / softback, 115 pages, kõrgus x laius: 235x155 mm, kaal: 2117 g, 34 Illustrations, color; 7 Illustrations, black and white; XV, 115 p. 41 illus., 34 illus. in color., 1 Paperback / softback
  • Ilmumisaeg: 15-Jul-2016
  • Kirjastus: APress
  • ISBN-10: 1484218566
  • ISBN-13: 9781484218563
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781484218563.html
Märksõnad:
This brief book covers the foundations of a simple methodology that can be used to perform penetration testing on systems and networks that you are responsible for. More specifically, the book discusses attempting to break systems, networks and software in order to determine where the bad guys might get in. Once the holes have been determined, it discusses how they can be fixed. Until they have been located, they are exposures to your organization. What You Will Learn·     How to identify security vulnerabilities·     How to use some of the top security tools in order to identify holes·     How to read reports from testing tools·     Common vulnerability types and attacks·     Common Web-based attacks and exposures as well as recommendations for closing those holesAudienceAnyone who has some familiarity with computers and an interest in information security and penetration testing could be the audience for this book. 

Arvustused

This volume is easy to read and quite pedagogical, which is maybe its greatest strength, together with putting together some examples and preparing the reader for them. Therefore, it is strongly recommended to chief information officers and IT operations and network operations directors, to ensure in-house information security processes are comprehensive enough. Next, it is also strongly recommended as a supplementary practice-oriented textbook for students in computer and information security, to guide them along in their perfection of this art. (L.-F. Pau, Computing Reviews, April, 2017)

About the Author xi
About the Technical Reviewers xiii
Introduction xv
Chapter 1 What Is Penetration Testing?
1(12)
Information Security
2(2)
Limitations of Penetration Testing
4(1)
Testing Types
5(2)
Who Does Pen Testing
7(1)
Methodology
8(2)
Summary
10(1)
Exercises
10(3)
Chapter 2 Digging for Information
13(12)
Google Hacking
14(3)
Social Networking
17(3)
Internet Registries
20(3)
Summary
23(1)
Exercises
24(1)
Chapter 3 What's Open?
25(16)
Domain Name System
26(4)
Transport Protocols and Ports
30(7)
Port Scanning
31(2)
TCP Scanning
33(1)
UDP Scanning
34(1)
Operating System and Version Scanning
35(1)
High-Speed Scanning
36(1)
Grabbing Banners
37(2)
Summary
39(1)
Exercises
39(2)
Chapter 4 Vulnerabilities
41(14)
What Is a Vulnerability?
41(2)
Vulnerability Scanners
43(2)
Scanning for Vulnerabilities
45(5)
Fuzzing
50(3)
Summary
53(1)
Exercises
53(2)
Chapter 5 Exploitation
55(24)
Getting Control
56(3)
Finding a Vulnerability
59(2)
Using Metasploit
61(5)
Metasploit Auxiliary Modules
66(2)
Debugging
68(2)
Exploit Database
70(2)
Social Engineer's Toolkit
72(3)
Post-Exploitation
75(2)
Summary
77(1)
Exercises
77(2)
Chapter 6 Breaking Web Sites
79(24)
Web Architecture
80(6)
Business Logic and Data
82(2)
Architecture Protections
84(1)
Asynchronous Javascript and XML (AJAX)
85(1)
Common Web Application Attacks
86(5)
Cross Site Scripting (XSS)
86(1)
SQL Injection
87(1)
Command Injection
88(1)
XML External Entity Attacks
89(1)
Clickjacking Attacks
90(1)
Cross Site Request Forgery
90(1)
Evasion Attacks
91(1)
Testing Strategies
91(8)
Automated Tools
93(5)
Passive Scanning
98(1)
Practice Sites
99(1)
Summary
100(1)
Exercises
101(2)
Chapter 7 Reporting
103(8)
Executive Summary
104(2)
Methodology
106(1)
Findings
107(2)
Finding
108(1)
Recommendation
108(1)
Evidence
109(1)
References
109(1)
Informational
109(1)
Summary
109(2)
Index 111
Ric Messier, MS, GCIH, GSEC, CEH, CISSP is the program director for Cyber Security, Computer Forensics and Digital Investigations and the Economic Crime Investigation bachelors' degree programs, as well as the Digital Forensic Science master's degree program at Champlain College. Messier has been involved in the networking and security arena since the early 1980s. He has worked at large Internet service providers and small software companies developing knowledge and experience about a range of topics related to networking and security. Messier has also been involved on incident response teams and has been consulted on forensic investigations for large companies. An established expert in the field and author, Messier has published several articles for Hackin9 Magazine, has developed number of video training titles with O'Reilly Media and has written a number of books on information security.