Book Image

Advanced Penetration Testing

By : Wil Allsopp
Book Image

Advanced Penetration Testing

By: Wil Allsopp

Overview of this book

Today's threats are organized, professionally-run, and very much for-profit. Advanced Penetration Testing?goes beyond Kali Linux and Metasploit and to provide you advanced pen testing for high security networks. This book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data—even from organizations without a direct Internet connection—this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures. By the end of this book, you’ll be in a position to detect threats and defend your high security network.
Table of Contents (13 chapters)
Free Chapter
Title Page
End User License Agreement

What Might Work?

Most users won't have web-to-desktop access and those who do will find it heavily restricted—a VBA macro might make it into a target's inbox but will probably be blocked or the attachment will be deleted by policy regardless of AV hits. A signed Java applet might run in a target's browser but more likely it will be considered a banned technology and blocked at the web proxy. Physical access to the facilities is heavily restricted, and every person in or out will need an electronic access badge. Physical access control only permits one person through at a time with ground sensors capable of determining if more than one individual is trying to enter on a single badge.