Penetration Testing Essentials

Introduction xviiChapter 1 Introduction to Penetration Testing 1Defining Penetration Testing 1Preserving Confidentiality, Integrity, and Availability 4Appreciating the Evolution of Hacking 5Chapter 2 Introduction to Operating Systems and Networking 15Comparing Common Operating Systems 15Exploring Networking Concepts 21Chapter 3 Introduction to Cryptography 37Recognizing the Four Goals of Cryptography 37The History of Encryption 38Speaking Intelligently About Cryptography 39Comparing Symmetric and Asymmetric Cryptography 41Transforming Data via Hashing 47A Hybrid System: Using Digital Signatures 48Working with PKI 50Chapter 4 Outlining the Pen Testing Methodology 55Determining the Objective and Scope of the Job 55Choosing the Type of Test to Perform 58Gaining Permission via a Contract 60Following the Law While Testing68Chapter 5 Gathering Intelligence 71Introduction to Intelligence Gathering 71Examining a Company's Web Presence 73Finding Websites That Don't Exist Anymore 77Gathering Information with Search Engines 78Targeting Employees with People Searches 80Discovering Location 81Do Some Social Networking 82Looking via Financial Services 85Investigating Job Boards 86Searching Email 86Extracting Technical Information 87Chapter 6 Scanning and Enumeration 89Introduction to Scanning89Checking for Live Systems 91Performing Port Scanning 96Identifying an Operating System 107Scanning for Vulnerabilities 110Using Proxies (Or Keeping Your Head Down) 110Performing Enumeration 112Chapter 7 Conducting Vulnerability Scanning 121Introduction to Vulnerability Scanning 122Recognizing the Limitations of Vulnerability Scanning 123Outlining the Vulnerability Scanning Process 124Types of Scans That Can Be Performed 127Chapter 8 Cracking Passwords 129Recognizing Strong Passwords 129Choosing a Password-Cracking Technique 130Executing a Passive Online Attack 131Executing an Active Online Attack 133Executing an Offline Attack 134Using Nontechnical Methods 137Escalating Privileges 140Chapter 9 Retaining Access with Backdoors and Malware 143Deciding How to Attack 143Installing a Backdoor with PsTools 144Opening a Shell with LAN Turtle 145Recognizing Types of Malware 146Launching Viruses 147Launching Worms 153Launching Spyware 153Inserting Trojans154Installing Rootkits 159Chapter 10 Reporting 161Reporting the Test Parameters 161Collecting Information 163Highlighting the Important Information 164Adding Supporting Documentation 168Conducting Quality Assurance 169Chapter 11 Working with Defensive and Detection Systems 171Detecting Intrusions 171Recognizing the Signs of an Intrusion 176Evading an IDS 179Breaching a Firewall 182Using Honeypots: The Wolf in Sheep's Clothing 189Chapter 12 Covering Your Tracks and Evading Detection 193Recognizing the Motivations for Evasion 193Getting Rid of Log Files 194Hiding Files 201Evading Antivirus Software 208Evading Defenses by Entering Through a Backdoor210Using Rootkits for Evasion 211Chapter 13 Detecting and Targeting Wireless 213An Introduction to Wireless 213Breaking Wireless Encryption Technologies 222Conducting a Wardriving Attack 230Conducting Other Types of Attack 232Choosing Tools to Attack Wireless 234Knocking Out Bluetooth 237Hacking the Internet of Things (IoT)240Chapter 14 Dealing with Mobile Device Security 243Recognizing Current-Generation Mobile Devices 243Working with Android OS 248Working with Apple iOS 254Finding Security Holes in Mobile Devices 256Encountering Bring Your Own Device (BYOD) 257Choosing Tools to Test Mobile Devices 258Chapter 15 Performing Social Engineering 261Introduction to Social Engineering 261Exploiting Human Traits 263Acting Like a Social Engineer 264Targeting Specific Victims 265Leveraging Social Networking 267Conducting Safer Social Networking 268Chapter 16 Hardening a Host System 271Introduction to Hardening 271Three Tenets of Defense 273Creating a Security Baseline 276Hardening with Group Policy 279Hardening Desktop Security 279Backing Up a System 289Chapter 17 Hardening Your Network 291Introduction to Network Hardening 291Intrusion Detection Systems 292Firewalls 296Physical Security Controls 302Chapter 18 Navigating the Path to Job Success 305Choosing Your Career Path 305Build a Library 307Practice Technical Writing 309Display Your Skills 309Chapter 19 Building a Test Lab for Penetration Testing 311Deciding to Build a Lab 311Considering Virtualization 313Getting Starting and What You Will Need 316Installing Software 317Appendix Answers to Review Questions 319Index 331