Learn Ethical Hacking from Scratch: Your stepping stone to penetration testing
暫譯: 從零開始學習倫理駭客:滲透測試的踏腳石

Zaid Sabih

  • 出版商: Packt Publishing
  • 出版日期: 2018-07-31
  • 定價: $1,520
  • 售價: 8.0$1,216
  • 語言: 英文
  • 頁數: 564
  • 裝訂: Paperback
  • ISBN: 1788622057
  • ISBN-13: 9781788622059
  • 相關分類: Scratch駭客 Hack
  • 立即出貨 (庫存=1)

商品描述

Learn how to hack systems like black hat hackers and secure them like security experts

Key Features

  • Understand how computer systems work and their vulnerabilities
  • Exploit weaknesses and hack into machines to test their security
  • Learn how to secure systems from hackers

Book Description

This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices.

Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections.

The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.

What you will learn

  • Understand ethical hacking and the different fields and types of hackers
  • Set up a penetration testing lab to practice safe and legal hacking
  • Explore Linux basics, commands, and how to interact with the terminal
  • Access password-protected networks and spy on connected clients
  • Use server and client-side attacks to hack and control remote computers
  • Control a hacked system remotely and use it to hack other systems
  • Discover, exploit, and prevent a number of web application vulnerabilities such as XSS and SQL injections

Who this book is for

Learning Ethical Hacking from Scratch is for anyone interested in learning how to hack and test the security of systems like professional hackers and security experts.

Table of Contents

  1. Introduction
  2. Setting up The Lab
  3. Linux Basics
  4. Network Penetration Testing
  5. Network Penetration Testing - Pre Connection Attacks
  6. Network Penetration Testing - Gaining Access (WEP/WPA/WPA2 Cracking)
  7. Post Connection Attacks
  8. Man-in-the-middle Attacks
  9. Network Penetration Testing - Detection & Security
  10. Gaining Access to Computer Devices
  11. Scanning vulnerabilities using Tools
  12. Client Side Attacks
  13. Client Side Attacks - Social Engineering
  14. Attack and Detect Trojans with BeEF
  15. Attacks Outside The Local Network
  16. Post Exploitation
  17. Website Penetration Testing
  18. Website Pentesting - Information Gathering
  19. File Upload, Code Execution & File Inclusion Vulns
  20. SQL Injection Vulnerabilities
  21. Cross Site Scripting Vulnerabilities
  22. Website Pentesting - Discovering Vulnerabilities Automatically Using OWASP ZAP

商品描述(中文翻譯)

學習如何像黑帽駭客一樣入侵系統,並像安全專家一樣保護它們

主要特點



  • 了解計算機系統的運作及其脆弱性

  • 利用弱點入侵機器以測試其安全性

  • 學習如何保護系統免受駭客攻擊

書籍描述


本書從道德駭客的基本概念開始,介紹如何安全且合法地進行駭客實踐,以及如何安裝和使用Kali Linux及Linux終端。您將探索網路駭客,了解如何測試有線和無線網路的安全性。您還將學習如何破解任何Wi-Fi網路的密碼(無論是使用WEP、WPA還是WPA2),並監視已連接的設備。


接下來,您將發現如何使用客戶端和伺服器端攻擊來獲取遠端計算機系統的訪問權限。您還將掌握後利用技術,包括遠程控制和與您入侵的系統互動。在書的最後,您將能夠學習網頁應用程式的駭客技術。您將看到如何發現、利用和防止多種網站脆弱性,例如XSS和SQL注入。


所涵蓋的攻擊是針對真實系統的實用技術,僅用於教育目的。在每個部分的結尾,您將學習如何檢測、防止和保護系統免受這些攻擊。

您將學到的內容



  • 了解道德駭客及不同領域和類型的駭客

  • 設置滲透測試實驗室以進行安全和合法的駭客實踐

  • 探索Linux基礎知識、命令及如何與終端互動

  • 訪問受密碼保護的網路並監視已連接的客戶端

  • 使用伺服器和客戶端攻擊來駭入和控制遠端計算機

  • 遠程控制被駭系統並利用其駭入其他系統

  • 發現、利用和防止多種網頁應用程式脆弱性,例如XSS和SQL注入

本書適合誰


從零開始學習道德駭客適合任何有興趣學習如何像專業駭客和安全專家一樣駭入和測試系統安全的人。

目錄



  1. 導言

  2. 設置實驗室

  3. Linux基礎

  4. 網路滲透測試

  5. 網路滲透測試 - 連接前攻擊

  6. 網路滲透測試 - 獲取訪問權限(WEP/WPA/WPA2破解)

  7. 連接後攻擊

  8. 中間人攻擊

  9. 網路滲透測試 - 檢測與安全

  10. 獲取計算機設備的訪問權限

  11. 使用工具掃描脆弱性

  12. 客戶端攻擊

  13. 客戶端攻擊 - 社會工程學

  14. 使用BeEF攻擊和檢測木馬

  15. 本地網路外的攻擊

  16. 後利用

  17. 網站滲透測試

  18. 網站滲透測試 - 資訊收集

  19. 檔案上傳、代碼執行與檔案包含漏洞

  20. SQL注入漏洞

  21. 跨站腳本漏洞

  22. 網站滲透測試 - 使用OWASP ZAP自動發現脆弱性