Book Image

Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition

By : Kevin Cardwell
Book Image

Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition

By: Kevin Cardwell

Overview of this book

Security flaws and new hacking techniques emerge overnight – security professionals need to make sure they always have a way to keep . With this practical guide, learn how to build your own virtual pentesting lab environments to practice and develop your security skills. Create challenging environments to test your abilities, and overcome them with proven processes and methodologies used by global penetration testing teams. Get to grips with the techniques needed to build complete virtual machines perfect for pentest training. Construct and attack layered architectures, and plan specific attacks based on the platforms you’re going up against. Find new vulnerabilities for different kinds of systems and networks, and what these mean for your clients. Driven by a proven penetration testing methodology that has trained thousands of testers, Building Virtual Labs for Advanced Penetration Testing, Second Edition will prepare you for participation in professional security teams.
Table of Contents (20 chapters)
Building Virtual Pentesting Labs for Advanced Penetration Testing - Second Edition
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
Preface

Tricks to penetrate filters


Based on what we have discovered in this chapter, you saw that when we encounter a device, our success at targeting it or even targeting through it is limited by the amount of work the administrator has taken to make the device as restrictive as possible.

Despite this, there are times when administrators make mistakes, and that is part of our job as professional security testers. We have to find these existing mistakes and document them so that the client can fix them.

One of the things that we continue to see is weak filtering rules, and this is something that has been around for a long time. Despite the new products, we can still find weak filtering rules when we are testing; therefore, the last section, before we end this chapter, will deal with detecting these.

The weak filters we will create and then test, so that we can document the results, will be those that are often encountered in a stateless filter, and that is a router. We will use our Dynamips virtual...