Book Image

Penetration Testing with BackBox

By : Stefan Umit Uygur
Book Image

Penetration Testing with BackBox

By: Stefan Umit Uygur

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with BackBox
Stefan Umit Uygur
Feb, 2014 | 130 pages
No titles found
Table of Contents (15 chapters)
Penetration Testing with BackBox
Penetration Testing with BackBox
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Starting Out with BackBox Linux
Starting Out with BackBox Linux
A flexible penetration testing distribution
The organization of tools in BackBox
Services
Update
Anonymous
Extras
Completeness, accuracy, and support
Links and contacts
Summary
2
Information Gathering
Information Gathering
Starting with an unknown system
Proceeding with a known system
Summary
3
Vulnerability Assessment and Management
Vulnerability Assessment and Management
Vulnerability scanning
False positives
Summary
4
Exploitations
Exploitations
Exploitation of a SQL injection on a database
Exploiting web applications with W3af
Summary
5
Eavesdropping and Privilege Escalation
Eavesdropping and Privilege Escalation
Sniffing encrypted SSL/TLS traffic
Password cracking
Summary
6
Maintaining Access
Maintaining Access
Backdoor Weevely
Summary
7
Penetration Testing Methodologies with BackBox
Penetration Testing Methodologies with BackBox
Information gathering
Summary
8
Documentation and Reporting
Documentation and Reporting
MagicTree – the auditing productivity tool
Summary
Index
Index

About the Reviewers

Jorge Armin Garcia Lopez is a very passionate Information Security Consultant from Mexico with more than six years of experience in Computer Security, Penetration Testing, Intrusion Detection/Prevention, Malware Analysis, and Incident Response. He is the leader of the Tiger team at one of the most important security companies located in Latin America and Spain. He is also a Security Researcher at Cipher Storm Ltd and is the co-founder and CEO of the most important Security Conference in Mexico called BugCON. He holds important security industry certifications such as OSCP, GCIA, and GPEN.

Thanks to all my friends who support me. Special thanks to Shakeel Ali, Mada, Stefan Umir, Hector Garcia Posadas, and Krangel.

Shakeel Ali is a Security and Risk Management Consultant at Fortune 500. Previously, he was a key founder of Cipher Storm Ltd., UK. He is also the co-author of BackTrack 4: Assuring Security by Penetration Testing, Packt Publishing, which is also a book on Penetration Testing. His expertise in the security industry markedly exceeds the standard number of security assessments, audits, compliance, governance, and incident-response projects that he carries out in day-to-day operations. As a senior security evangelist, and having spent endless nights, he provides constant security support to various businesses, educational institutions, and government agencies globally. He is an active independent researcher who writes various articles, whitepapers, and manages a blog at Ethical-Hacker.net. He also regularly participates in BugCon Security Conferences held in Mexico, to highlight the best-of-breed cyber security threats and their solutions from practically driven countermeasures.

Sreenath Sasikumar is a web security analyst who heads the cyber security division at Digital Brand Group (DBG). He is an active member of OSWAP and a volunteer at Mozilla Firefox. After a good stint with IBM where he worked with enterprise clients such as AT&T, he was a part of QBust, empowering him to work with top-tier clients such as British Telecom and Plusnet. He started the security testing division at QBurst and was also responsible for creating several internal security-testing tools. Being an ardent lover of open source, he has created eight Mozilla add-ons, of which Clear Console was listed as the best add-on of the month in March 2013. It was also selected as one of the best Mozilla add-ons of 2013. With a user base of more than 44,000, it has registered more than 3,50,000 downloads till date. He has also created the world's first one-of-the-kind security testing browser bundle, PenQ. He supports OWASP and initiated the official Google+ community of OWASP and also contributes to its projects. Sreenath is a regular speaker at the Coffee@DBG series, which is an open walk-in session for technology enthusiasts from over 280 firms in Technopark, Trivandrum. He has also spoken on webinars and at Google DevFest '13, Technopark GTech Conference, and Unicom Testing Conference.

Previous Section
Next Chapter