Penetration Testing with BackBox
Stefan Umit Uygur
- 出版商: Packt Publishing
- 出版日期: 2014-02-22
- 售價: $1,440
- 貴賓價: 9.5 折 $1,368
- 語言: 英文
- 頁數: 112
- 裝訂: Paperback
- ISBN: 1783282975
- ISBN-13: 9781783282975
-
相關分類:
Penetration-test
海外代購書籍(需單獨結帳)
相關主題
商品描述
This tutorial will immerse you in the fascinating environment of penetration testing. Thoroughly practical and written for ease of understanding, it will give you the insights and knowledge you need to start using BackBox.
Overview
- Experience the real world of penetration testing with Backbox Linux using live, practical examples
- Gain an insight into auditing and penetration testing processes by reading though live sessions
- Learn how to carry out your own testing using the latest techniques and methodologies
In Detail
BackBox is an amazing Linux security distribution designed to keep in mind the needs of security and system administration specialists. It has been developed to perform penetration tests and security assessments. Designed to be fast and easy to use while providing a minimal yet complete desktop environment, Backbox comes with its own software repositories and is continually updated to the latest stable version of the most widely used and best-known ethical hacking tools.
This book provides an exciting introduction to BackBox Linux in order give you familiarity with and understanding of this amazing Linux security distro, making you feel comfortable with both the subject of pen-testing and BackBox. The book progresses through topics based on standard cases of penetration testing from the initial steps to the final procedures.
This book will help you discover the exciting world of penetration testing through a series of step-by-step, practical lessons. Penetration Testing with BackBox is organized into eight chapters. Starting with an introduction to BackBox Linux in order to give you a solid grounding of this amazing Linux security distro, including both its design philosophy and feature set, before moving on to practical tutorials in using BackBox. The book is arranged in a chronological order based on standard cases of penetration testing. For those more experienced in the use of penetration testing tools, each chapter can be read independently, providing a detailed overview of how BackBox will augment your arsenal of tools at each step of the penetration testing process.
Throughout this book, you will be given a clear picture of IT security cases by having one of the most popular topics of penetration testing demonstrated in a user-friendly way. By the end of the book, you will have learned all the fundamental skills needed to use BackBox for ethical hacking.
What you will learn from this book
- Perform reconnaissance and collect information about an unknown system
- Perform vulnerability scanning, management, and assessment, as well as understand false positives
- Understand how SQL injection attacks work and find injectable pages on a web server
- Sniff the network to capture sensitive data and learn different methods of privilege escalation
- Maintain permanent access on a target server once access is initially granted
- Use exploitation tools like Metasploit to exploit the reported vulnerabilities
- Learn how to document and generate reports from the entire auditing process
Approach
This practical book outlines the steps needed to perform penetration testing using BackBox. It explains common penetration testing scenarios and gives practical explanations applicable to a real-world setting.
Who this book is written for
This book is written primarily for security experts and system administrators who have an intermediate Linux capability. However, because of the simplicity and user-friendly design, it is also suitable for beginners looking to understand the principle steps of penetration testing.
商品描述(中文翻譯)
這本教程將帶您深入滲透測試的迷人環境。內容實用且易於理解,將為您提供開始使用 BackBox 所需的見解和知識。
概述
- 使用 Backbox Linux 透過實時的實踐範例體驗滲透測試的真實世界
- 通過閱讀實時會話深入了解審計和滲透測試過程
- 學習如何使用最新的技術和方法進行自己的測試
詳細內容
BackBox 是一個出色的 Linux 安全發行版,旨在考慮安全和系統管理專家的需求。它被開發用於執行滲透測試和安全評估。BackBox 設計快速且易於使用,同時提供一個簡約而完整的桌面環境,並擁有自己的軟體庫,持續更新至最新穩定版本的最廣泛使用和最知名的道德駭客工具。
這本書提供了對 BackBox Linux 的精彩介紹,讓您熟悉並理解這個出色的 Linux 安全發行版,使您對滲透測試和 BackBox 的主題感到舒適。書中內容依據滲透測試的標準案例,從初步步驟到最終程序逐步進行。
這本書將幫助您通過一系列逐步的實踐課程發現滲透測試的精彩世界。《Penetration Testing with BackBox》分為八個章節。首先介紹 BackBox Linux,以便為您提供這個出色的 Linux 安全發行版的堅實基礎,包括其設計理念和功能集,然後進入使用 BackBox 的實踐教程。書中內容按時間順序排列,基於滲透測試的標準案例。對於那些在使用滲透測試工具方面更有經驗的人,每一章都可以獨立閱讀,提供 BackBox 如何在滲透測試過程的每個步驟中增強您的工具庫的詳細概述。
在這本書中,您將清楚了解 IT 安全案例,並以用戶友好的方式展示滲透測試中最受歡迎的主題之一。在書的結尾,您將學會使用 BackBox 進行道德駭客所需的所有基本技能。
您將從這本書中學到的內容
- 執行偵查並收集有關未知系統的信息
- 執行漏洞掃描、管理和評估,並理解假陽性
- 了解 SQL 注入攻擊的運作方式並找到可注入的網頁
- 監聽網路以捕獲敏感數據,並學習不同的特權提升方法
- 一旦初次獲得訪問權限,便在目標伺服器上維持永久訪問
- 使用像 Metasploit 這樣的利用工具來利用報告的漏洞
- 學習如何記錄和生成整個審計過程的報告
方法
這本實用的書概述了使用 BackBox 執行滲透測試所需的步驟。它解釋了常見的滲透測試場景,並提供適用於現實世界的實用解釋。
本書的讀者對象
這本書主要是為具有中級 Linux 能力的安全專家和系統管理員撰寫的。然而,由於其簡單和用戶友好的設計,對於希望了解滲透測試基本步驟的初學者來說也非常合適。