Book Image

Cybersecurity – Attack and Defense Strategies. - Second Edition

By : Yuri Diogenes, Dr. Erdal Ozkaya
Book Image

Cybersecurity – Attack and Defense Strategies. - Second Edition

By: Yuri Diogenes, Dr. Erdal Ozkaya

Overview of this book

Cybersecurity – Attack and Defense Strategies, Second Edition is a completely revised new edition of the bestselling book, covering the very latest security threats and defense mechanisms including a detailed overview of Cloud Security Posture Management (CSPM) and an assessment of the current threat landscape, with additional focus on new IoT threats and cryptomining. Cybersecurity starts with the basics that organizations need to know to maintain a secure posture against outside threat and design a robust cybersecurity program. It takes you into the mindset of a Threat Actor to help you better understand the motivation and the steps of performing an actual attack – the Cybersecurity kill chain. You will gain hands-on experience in implementing cybersecurity using new techniques in reconnaissance and chasing a user’s identity that will enable you to discover how a system is compromised, and identify and then exploit the vulnerabilities in your own system. This book also focuses on defense strategies to enhance the security of a system. You will also discover in-depth tools, including Azure Sentinel, to ensure there are security controls in each network layer, and how to carry out the recovery process of a compromised system.
Table of Contents (20 chapters)
18
Other Books You May Enjoy
19
Index

External reconnaissance

In this section, we'll cover a number of tools for external reconnaissance. Let's begin by looking at the server scanning tool, Webshag.

Webshag

This is a server scanning tool that can evade detection by intrusion detection systems (IDS). Many IDS tools work by blocking suspicious traffic from specific IP addresses. Webshag can send random requests to a server through proxies, thereby evading the IP address blocking mechanism of an IDS.

Therefore, the IDS will hardly be able to protect the target from being probed. Webshag can find the open ports on a server and the services running on them. It has a more aggressive mode called Spider, which can list all the directories in the server to allow a hacker to dig deeper and find any loosely kept sensitive files or backups. It can also find emails and external links posted on the site. The main advantage of Webshag is that it can scan both HTTP and HTTPS protocols.

Webshag can be used in GUI...