Book Image

Advanced Penetration Testing

By : Wil Allsopp
Book Image

Advanced Penetration Testing

By: Wil Allsopp

Overview of this book

Today's threats are organized, professionally-run, and very much for-profit. Advanced Penetration Testing?goes beyond Kali Linux and Metasploit and to provide you advanced pen testing for high security networks. This book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data—even from organizations without a direct Internet connection—this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures. By the end of this book, you’ll be in a position to detect threats and defend your high security network.
Table of Contents (13 chapters)
Free Chapter
Title Page
End User License Agreement

Chapter 6
Criminal Intelligence

A few years ago I was called upon to perform an internal APT-modeling scenario for a police service in the UK. It was an interesting assignment for a number of reasons, not all of them purely technical. At a police HQ they don't, generally speaking, want you wandering around by yourself, so every morning my colleague and myself would dutifully arrive at the front desk to meet our point of contact whose job was also to escort us around the building as necessary. On day three we asked for the gentleman again only to be taken aside by a couple of police officers who wanted to know what our business was with him. I explained we were security consultants, here to fight the good fight against the ever-present forces of darkness (we pen testers are a colorful bunch) only to be told that our point of contact was actually a fugitive from justice and had been arrested the previous evening. I never did find out exactly what that was all about, but it takes a...