Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

Front Cover
Packt Publishing Ltd, Jan 1, 2012 - Computers - 414 pages
2 Reviews
An intensive hands-on guide to perform professional penetration testing for highly-secured environments from start to finish. You will learn to provide penetration testing services to clients with mature security infrastructure. Understand how to perform each stage of the penetration test by gaining hands-on experience in performing attacks that mimic those seen in the wild. In the end, take the challenge and perform a virtual penetration test against a fictional corporation. If you are looking for guidance and detailed instructions on how to perform a penetration test from start to finish, are looking to build out your own penetration testing lab, or are looking to improve on your existing penetration testing skills, this book is for you. Although the books attempts to accommodate those that are still new to the penetration testing field, experienced testers should be able to gain knowledge and hands-on experience as well. The book does assume that you have some experience in web application testing and as such the chapter regarding this subject may require you to understand the basic concepts of web security. The reader should also be familiar with basic IT concepts, and commonly used protocols such as TCP/IP.
 

What people are saying - Write a review

User Review - Flag as inappropriate

This is a good book for beginning to intermediate penetration testers that want more than just recipes on how to attack a network. It shows you how to perform a professional penetration test including the reporting and other important items that are often overlooked.

Contents

Preface
1
Planning and Scoping for a Successful Penetration Test
7
Advanced Reconnaissance Techniques
43
Enumeration Choosing Your Targets Wisely
79
Remote Exploitation
115
Web Application Exploitation
159
Exploits and ClientSide Attacks
201
PostExploitation
239
Bypassing Firewalls and Avoiding Detection
287
Data Collection Tools and Reporting
313
Setting Up Virtual Test Lab Environments
333
Take the Challenge Putting It All Together
355
Index
379
Copyright

Other editions - View all

Common terms and phrases

About the author (2012)

Lee Allen is currently the Vulnerability Management Program Lead for one of the Fortune 500. Amongst many other responsibilities, he performs security assessments and penetration testing. Lee is very passionate and driven about the subject of penetration testing and security research. His journey into the exciting world of security began back in the 80's while visiting BBS's with his trusty Commodore 64 and a room carpeted with 5 1/4 inch floppy disks. Throughout the years, he has continued his attempts at remaining up to date with the latest and greatest in the security industry and the community. He has several industry certifications including the OSWP and has been working in the IT industry for over 15 years. His hobbies include validating and reviewing proof of concept exploit code, programming, security research, attending security conferences, discussing technology, writing, and skiing. He lives in Ohio with wife Kellie and their 6 children Heather, Kristina, Natalie, Mason, Alyssa, and Seth.

Bibliographic information