Details
| Title | Learn ethical hacking from scratch: your stepping stone to penetration testing |
|---|---|
| Creators | Sabih Zaid |
| Collection | Электронные книги зарубежных издательств ; Общая коллекция |
| Subjects | Penetration testing (Computer security) ; Hacking. ; Computer networks — Security measures. ; Computer security. ; COMPUTERS / Security / General. ; EBSCO eBooks |
| Document type | Other |
| File type | |
| Language | English |
| Rights | Доступ по паролю из сети Интернет (чтение, печать, копирование) |
| Record key | on1050170972 |
| Record create date | 8/29/2018 |
Allowed Actions
| pdf/1862360.pdf | – |
Action 'Read' will be available if you login or access site from another network
Action 'Download' will be available if you login or access site from another network
|
|---|---|---|
| epub/1862360.epub | – |
Action 'Download' will be available if you login or access site from another network
|
| Group | Anonymous |
|---|---|
| Network | Internet |
| Network | User group | Action |
|---|---|---|
| ILC SPbPU Local Network | All |
|
| Internet | Authorized users SPbPU |
|
| Internet | Anonymous |
|
- Cover
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Table of Contents
- Preface
- Chapter 1: Introduction
- What's in this book?
- Preparation
- Penetration testing
- Network penetration testing
- Gaining access
- Post exploitation
- Website penetration testing
- Protecting your system
- What is hacking?
- Why should we learn about hacking?
- A glimpse of hacking
- Browser exploitation framework
- Accessing the target computer's webcam
- Summary
- What's in this book?
- Chapter 2: Setting Up a Lab
- Lab overview
- VirtualBox
- Installation of VirtualBox
- VirtualBox
- Installing Kali Linux
- Installing Metasploitable
- Installing Windows
- Creating and using snapshots
- Summary
- Lab overview
- Chapter 3: Linux Basics
- Overview of Kali Linux
- Status bar icons
- Connecting the wireless card
- Linux commands
- Commands
- The ls command
- The man command
- The help command
- The Tab button
- Commands
- Updating resources
- Summary
- Overview of Kali Linux
- Chapter 4: Network Penetration Testing
- What is a network?
- Network basics
- Connecting to a wireless adapter
- MAC addresses
- Wireless modes – managed and monitor
- Enabling monitor mode manually
- Enabling monitor mode using airmon-ng
- Summary
- Chapter 5: Pre-Connection Attacks
- Packet sniffing basics
- Targeted packet sniffing
- Deauthentication attack
- What is a fake access point?
- Creating fake access points with the MANA Toolkit
- Summary
- Chapter 6: Network Penetration Testing - Gaining Access
- WEP theory
- Basic web cracking
- Fake authentication attack
- ARP request replay
- WPA introduction
- WPS cracking
- Handshake theory
- Capturing the handshake
- Creating a wordlist
- Wordlist cracking
- Securing network from attacks
- Summary
- Chapter 7: Post-Connection Attacks
- Post-connection attacks
- The netdiscover tool
- The AutoScan tool
- Zenmap
- Summary
- Post-connection attacks
- Chapter 8: Man-in-the-Middle Attacks
- Man-in-the–middle attacks
- ARP spoofing using arpspoof
- ARP spoofing using MITMf
- Bypassing HTTPS
- Session hijacking
- DNS spoofing
- MITMf screenshot keylogger
- MITMf code injection
- MITMf against a real network
- Wireshark
- Wireshark basics
- Wireshark filters
- Summary
- Man-in-the–middle attacks
- Chapter 9: Network Penetration Testing, Detection, and Security
- Detecting ARP poisoning
- Detecting suspicious behavior
- Summary
- Chapter 10: Gaining Access to Computer Devices
- Introduction to gaining access
- Server side
- Client side
- Post-exploitation
- Sever-side attacks
- Server-side attack basics
- Server-side attacks – Metasploit basics
- Metasploit remote code execution
- Summary
- Introduction to gaining access
- Chapter 11: Scanning Vulnerabilities Using Tools
- Installing MSFC
- MSFC scan
- MSFC analysis
- Installing Nexpose
- Running Nexpose
- Nexpose analysis
- Summary
- Chapter 12: Client-Side Attacks
- Client-side attacks
- Installing Veil
- Payloads overview
- Generating a Veil backdoor
- Listening for connections
- Testing the backdoor
- Fake bdm1 updates
- Client-side attacks using the bdm2 BDFProxy
- Protection against delivery methods
- Summary
- Chapter 13: Client-Side Attacks - Social Engineering
- Client-side attacks using social engineering
- Maltego overview
- Social engineering – linking accounts
- Social engineering – Twitter
- Social engineering – emails
- Social engineering – summary
- Downloading and executing AutoIt
- Changing the icon and compiling the payload
- Changing extensions
- Client-side attacks – TDM email spoofing
- Summary
- Chapter 14: Attack and Detect Trojans with BeEF
- The BeEF tool
- BeEF – hook using a MITMf
- BeEF – basic commands
- BeEF – Pretty Theft
- BeEF – Meterpreter 1
- Detecting Trojans manually
- Detecting Trojans using a sandbox
- Summary
- Chapter 15: Attacks Outside the Local Network
- Port forwarding
- External backdoors
- IP forwarding
- External BeEF
- Summary
- Chapter 16: Post Exploitation
- An introduction to post exploitation
- Meterpreter basics
- Filesystem commands
- Maintaining access by using simple methods
- Maintaining access by using advanced methods
- Keylogging
- An introduction to pivoting
- Pivoting autoroutes
- Summary
- Chapter 17: Website Penetration Testing
- What is a website?
- Attacking a website
- Summary
- Chapter 18: Website Pentesting - Information Gathering
- Information gathering using tools
- The Whois Lookup
- Netcraft
- Robtex
- Websites on the same server
- Information gathering from target websites
- Finding subdomains
- Information gathering using files
- Analyzing file results
- Summary
- Information gathering using tools
- Chapter 19: File Upload, Code Execution, and File Inclusion Vulnerabilities
- File upload vulnerabilities
- Getting started with Weevely
- Code execution vulnerabilities
- Local file inclusion vulnerabilities
- Remote file inclusion using Metasploitable
- Basic mitigation
- Summary
- File upload vulnerabilities
- Chapter 20: SQL Injection Vulnerabilities
- What is SQL?
- The dangers of SQLi
- Discovering SQLi
- SQLi authorization bypass
- Discovering an SQLi using the GET method
- Basic SELECT statements
- Discovering tables
- Reading columns and their data
- Reading and writing files on the server
- The sqlmap tool
- Preventing SQLi
- Summary
- Chapter 21: Cross-Site Scripting Vulnerabilities
- Introduction to XSS
- Reflected XSS
- Stored XSS
- XSS BeEF exploitation
- XSS protection
- Summary
- Chapter 22: Discovering Vulnerabilities Automatically Using OWASP ZAP
- OWASP ZAP start
- OWASP ZAP results
- Summary
- Other Books You May Enjoy
- Index
