Advanced Penetration Testing for Highly-Secured Environments, Second Edition

By: Lee Allen, Kevin Cardwell

Overview of this book

The defences continue to improve and become more and more common, but this book will provide you with a number of proven techniques to defeat the latest defences on the networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing successes. The processes and methodology will provide you with techniques that will enable you to be successful, and the step-by-step instructions on information gathering and intelligence will allow you to gather the required information on the targets you are testing. The exploitation and post-exploitation sections will supply you with the tools you would need to go as far as the scope of work will allow you. The challenges at the end of each chapter are designed to challenge you and provide real-world situations that will hone and perfect your penetration testing skills. You will start with a review of several well-respected penetration testing methodologies, and following this you will learn a step-by-step methodology of professional security testing, including stealth, methods of evasion, and obfuscation to perform your tests and not be detected! The final challenge will allow you to create your own complex layered architecture with defences and protections in place, and provide the ultimate testing range for you to practice the methods shown throughout the book. The challenge is as close to an actual penetration test assignment as you can get!
Table of Contents (19 chapters)
Advanced Penetration Testing for Highly-Secured Environments Second Edition
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Preface
Index

Preface

Defenses continue to improve and become more and more common, but this book will provide you with a number of proven techniques to defeat the latest defenses on networks. The methods and techniques contained will provide you with a powerful arsenal of best practices to increase your penetration testing success. Many of the chapters end with a challenge to the reader that is designed to enhance and perfect their penetration testing skills.

What this book covers

Chapter 1, Penetration Testing Essentials, discusses why an essential element of penetration testing is planning, and a key component of this is having a methodology that emulates and matches the threat that we are portraying.

Chapter 2, Preparing a Test Environment, deals with the test environment, compares a number of different platforms, and prepares the reader for the foundation of building an advanced range for testing.

Chapter 3, Assessment Planning, talks about the test environment and how to evaluate the different platforms for your environment. The process of documenting and recording your testing results is covered, as well as methods to automate the process.

Chapter 4, Intelligence Gathering, reviews some of the tools and focuses on how to use the information to ensure your penetration tests are efficient, focused, and effective.

Chapter 5, Network Service Attacks, discusses how to successfully penetrate a secured environment and how to analyze what you are facing. The enumeration data gathered will assist in determining target prioritization and how to choose which targets are ideal candidates for your initial attacks.

Chapter 6, Exploitation, reviews the basics of exploitation and then moves on to the more interesting techniques and methods that will let us understand the true security posture of the network environment we are testing. Additionally, you will see the challenges of writing exploits today in 64-bit architectures.

Chapter 7, Web Application Attacks, explores various methods of testing web applications using freely available tools such as your web browser, w3af, WebScarab, and others. Methods of bypassing web application firewalls and IDSs are discussed, as well as how to determine if your targets are being load balanced or filtered.

Chapter 8, Exploitation Concepts, investigates methods that assist us in testing the effectiveness of a corporation's security awareness training and client-side protection mechanisms. The research performed during the information gathering stages of your testing will finally be used to the fullest extent. Furthermore, we look at some of the techniques and tools used by security researchers and crafty attackers to bypass even those system controls that at first glance seem theoretically sound.

Chapter 9, Post-Exploitation, covers the methods of conducting post-exploitation once you have compromised a machine and established a foothold in the environment. The process of extracting credentials, gathering data, and scraping the environment once access is gained is covered in detail.

Chapter 10, Stealth Techniques, reviews the challenges of penetrating firewalled environments, and methods of evading detection and blocks from the different endpoint protection mechanisms that you may encounter during your testing.

Chapter 11, Data Gathering and Reporting, introduces the usage of tools and techniques that can make documenting the testing progress less painful and report writing easier, which is an essential but often overlooked component of penetration testing.

Chapter 12, Penetration Testing Challenge, allows you to put some of the information that has been covered throughout the book to work and bring it into perspective. The chapter provides preparation specifications for the practice environment and presents a challenge to the reader to perform a penetration test of this fictional company.

What you need for this book

You can use a virtual software platform of your choice, but the examples throughout the book use VMware Workstation Professional, the Kali 2.0 Linux distribution, and a number of other prebuilt virtual machine images, such as the Kioptrix and OWASP distributions. You will also need the ISO images for the pfSense firewall, Ubuntu 8, 14.04, Debian 4.0, CentOS 5.0, FreeBSD, and Windows Server 2003.

Who this book is for

This book is for anyone who wants to improve their skills in penetration testing. As it follows a step-by-step approach, anyone from a novice to an experienced security tester can learn effective techniques to deal with highly secured environments.

Whether you are brand new or a seasoned expert, this book will provide you with the skills you need to successfully create, customize, and plan an advanced penetration test.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Aside from Oracle, another port of interest is the port 3306."

A block of code is set as follows:

<title><%= title %></title>
<h1>You can change this template to suit your needs.</h1>

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

  Not shown: 999 closed ports
  PORT   STATE SERVICE VERSION
  80/tcp open  http    Apache httpd/2.4.7 ((Ubuntu))
  |_http-title: Site doesn't have a title (text/html)
  TRACEROUTE
  HOP RTT     ADDRESS

Any command-line input or output is written as follows:

$ sudo -i
# apt-get update
# apt-get upgrade

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Once you have verified your settings, click on Apply | OK."

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail , and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/AdvancedPenetrationTestingforHighlySecuredEnvironmentsSecondEdition_ColoredImages.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at , and we will do our best to address the problem.