Other versions by this Author
Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses.
In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine–based lab that includes Kali Linux and vulnerable operating systems, you’ll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you’ll experience the key stages of an actual assessment—including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.
Learn how to:
–Crack passwords and wireless network keys with brute-forcing and wordlists
–Test web applications for vulnerabilities
–Use the Metasploit Framework to launch exploits and write your own Metasploit modules
–Automate social-engineering attacks
–Bypass antivirus software
–Turn access to one machine into total control of the enterprise in the post exploitation phase
You’ll even explore writing your own exploits. Then it’s on to mobile hacking—Weidman’s particular area of research—with her tool, the Smartphone Pentest Framework.
With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.
Penetration Testing A Hands-On Introduction to Hacking
by WEIDMAN, GEORGIAFormat: Paperback
Pub. Date: 2014-06-14
Publisher(s): No Starch Pr
List Price: $49.99
Buy New
Usually Ships in 24-48 Hours
$49.49
Rent Book
Select for Price
Used Book
We're Sorry
Sold Out
eBook
We're Sorry
Not Available
How Marketplace Works:
- This item is offered by an independent seller and not shipped from our warehouse
- Item details like edition and cover design may differ from our description; see seller's comments before ordering.
- Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
- Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
- Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.
Summary
Author Biography
Georgia Weidman is a penetration tester and researcher, as well as the founder of Bulb Security, a security consulting firm. She presents at conferences around the world, including Black Hat, ShmooCon, and DerbyCon, and teaches classes on topics such as penetration testing, mobile hacking, and exploit development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.
Table of Contents
Foreword by Peter Van Eeckhoutte
Acknowledgements
Introduction
Penetration Testing Primer
Part 1: The Basics
Chapter 1: Setting Up Your Virtual Lab
Chapter 2: Using Kali Linux
Chapter 3: Programming
Chapter 4: Using the Metasploit Framework
Part 2: Assessments
Chapter 5: Information Gathering
Chapter 6: Finding Vulnerabilities
Chapter 7: Capturing Traffic
Part 3: Attacks
Chapter 8: Exploitation
Chapter 9: Password Attacks
Chapter 10: Client-Side Exploitation
Chapter 11: Social Engineering
Chapter 12: Bypassing Antivirus Applications
Chapter 13: Post Exploitation
Chapter 14: Web Application Testing
Chapter 15: Wireless Attacks
Part 4: Exploit Development
Chapter 16: A Stack-Based Buffer Overflow in Linux
Chapter 17: A Stack-Based Buffer Overflow in Windows
Chapter 18: Structured Exception Handler Overwrites
Chapter 19: Fuzzing, Porting Exploits, and Metasploit Modules
Part 5: Mobile Hacking
Chapter 20: Using the Smartphone Pentest Framework
Resources
Index
Acknowledgements
Introduction
Penetration Testing Primer
Part 1: The Basics
Chapter 1: Setting Up Your Virtual Lab
Chapter 2: Using Kali Linux
Chapter 3: Programming
Chapter 4: Using the Metasploit Framework
Part 2: Assessments
Chapter 5: Information Gathering
Chapter 6: Finding Vulnerabilities
Chapter 7: Capturing Traffic
Part 3: Attacks
Chapter 8: Exploitation
Chapter 9: Password Attacks
Chapter 10: Client-Side Exploitation
Chapter 11: Social Engineering
Chapter 12: Bypassing Antivirus Applications
Chapter 13: Post Exploitation
Chapter 14: Web Application Testing
Chapter 15: Wireless Attacks
Part 4: Exploit Development
Chapter 16: A Stack-Based Buffer Overflow in Linux
Chapter 17: A Stack-Based Buffer Overflow in Windows
Chapter 18: Structured Exception Handler Overwrites
Chapter 19: Fuzzing, Porting Exploits, and Metasploit Modules
Part 5: Mobile Hacking
Chapter 20: Using the Smartphone Pentest Framework
Resources
Index
An electronic version of this book is available through VitalSource.
This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.
By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.
Digital License
You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.
More details can be found here.
A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.
Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.
Please view the compatibility matrix prior to purchase.