Professional Penetration Testing
Syngress Media,U.S. (Verlag)
978-1-59749-425-0 (ISBN)
- Titel erscheint in neuer Auflage
- Artikel merken
Professional Penetration Testing: Creating and Operating a Formal Hacking Lab examines all aspects of professional penetration testing, from project management to team building, metrics, risk management, training, reporting, information gathering, vulnerability identification, vulnerability exploitation, privilege escalation, and test-data archival methods. It also discusses how to maintain access and cover one's tracks. It includes two video courses to teach readers fundamental and intermediate information-system penetration testing techniques, and to explain how to create and operate a formal hacking lab.
The book is divided into three parts. Part 1 focuses on the professionals who are members of a penetration test team, the skills required to be an effective team member, and the ways to create a PenTest lab. Part 2 looks at the activities involved in a penetration test and how to run a PenTest to improve the overall security posture of the client. Part 3 discusses the creation of a final report for the client, cleaning up the lab for the next penetration test, and identifying the training needs of penetration-test team members. This book will benefit both experienced and novice penetration test practitioners.
Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst, Russian Linguist, and a Cryptanalyst. His expertise in the field of Information Security has led him to speak at prominent security conferences across the United States, including DefCon, HOPE, and CSI. Thomas has contributed significantly to the field of professional penetration testing and information security. In his capacity as both a practice director and a managing director, he has played a pivotal role in executing offensive and defensive security initiatives for Fortune 100 companies and leading research and tool development that has influenced the security industry. Presently, he serves as a managing director at Redstone Securities and possesses master’s degrees in both Computer Science and Management. His influence also extends to education where he formerly held the position of Associate Professor at Colorado Technical University. Thomas has also written various publications, including magazines and books. Through Pentest.TV, he continues to provide advanced security training and has obtained numerous certifications over the years, including the ISSMP, CISSP, CCNP Security, AWS Cloud Solutions Architect, AWS Cloud Security Specialist, and multiple Solaris certifications as well.
PART I - Setting Up
1. Introduction
2. Ethics and Hacking
3. Hacking as a Career
4. Setting up Your Lab
5. Creating and Using PenTest Targets in Your Lab
6. Methodologies
7. PenTest Metrics
8. Management of a PenTest
PART II - Running a PenTest
9. Information Gathering
10. Vulnerability Identification
11. Vulnerability Verification
12. Compromising a System and Privilege Escalation
13. Maintaining Access
14. Covering Your Tracks
PART III - Wrapping Everything Up
15. Reporting Results
16. Archiving Data
17. Cleaning Up Your Lab
18. Planning for Your Next PenTest
Appendix A - Acronyms
Appendix B - Definitions
| Verlagsort | Rockland, MA |
|---|---|
| Sprache | englisch |
| Maße | 191 x 235 mm |
| Gewicht | 916 g |
| Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
| ISBN-10 | 1-59749-425-9 / 1597494259 |
| ISBN-13 | 978-1-59749-425-0 / 9781597494250 |
| Zustand | Neuware |
| Haben Sie eine Frage zum Produkt? |
aus dem Bereich
