Title:
Professional penetration testing : creating and operating a formal hacking lab
Personal Author:
Publication Information:
Oxford, Syngress, 2010
Physical Description:
xix, 504 p. : ill. ; 24 cm. + 1 DVD (12 cm.)
ISBN:
9781597494250
General Note:
Accompanied by DVD-ROM : CP 031265
Added Author:

Available:*

Library
Item Barcode
Call Number
Material Type
Item Category 1
Status
30000010257928 TK5105.59 W544 2010 Open Access Book Book
30000010257930 TK5105.59 W544 2010 Open Access Book Book

Summary

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab examines all aspects of professional penetration testing, from project management to team building, metrics, risk management, training, reporting, information gathering, vulnerability identification, vulnerability exploitation, privilege escalation, and test-data archival methods. It also discusses how to maintain access and cover one's tracks. It includes two video courses to teach readers fundamental and intermediate information-system penetration testing techniques, and to explain how to create and operate a formal hacking lab.

The book is divided into three parts. Part 1 focuses on the professionals who are members of a penetration test team, the skills required to be an effective team member, and the ways to create a PenTest lab. Part 2 looks at the activities involved in a penetration test and how to run a PenTest to improve the overall security posture of the client. Part 3 discusses the creation of a final report for the client, cleaning up the lab for the next penetration test, and identifying the training needs of penetration-test team members. This book will benefit both experienced and novice penetration test practitioners.


Author Notes

Thomas Wilhelm has been involved in Information Security since 1990, when he served in the U.S. Army for 8 years as a Signals Intelligence Analyst / Russian Linguist / Cryptanalyst. A speaker at security conferences across the United States, including DefCon, HOPE, and CSI, he has been employed by Fortune 100 companies to conduct risk assessments, participate in and lead external and internal penetration testing efforts, and manage Information Systems Security projects. Thomas is also an Information Technology doctoral student who holds master's degrees in both Computer Science and Management. Additionally, he dedicates some of his time as an Associate Professor at Colorado Technical University and has contributed to multiple publications, including both magazines and books. Thomas currently performs security training courses for both civilian and government personnel through Heorot.net, and maintains the following security certifications: ISSMP, CISSP, SCSECA, and SCNA.


Table of Contents

Part I Setting Up
Chapter 1 Introduction
Chapter 2 Ethics and Hacking
Chapter 3 Hacking as a Career
Chapter 4 Setting up Your Lab
Chapter 5 Creating and Using PenTest Targets in Your Lab
Chapter 6 Methodologies
Chapter 7 PenTest Metrics
Chapter 8 Management of a PenTest
Part II Running a PenTest
Chapter 9 Information Gathering
Chapter 10 Vulnerability Identification
Chapter 11 Vulnerability Verification
Chapter 12 Compromising a System and Privilege Escalation
Chapter 13 Maintaining Access
Chapter 14 Covering Your Tracks
Part III Wrapping Everything Up
Chapter 15 Reporting Results
Chapter 16 Archiving Data
Chapter 17 Cleaning Up Your Lab
Chapter 18 Planning for Your Next PenTest
Appendix A Acronyms
Appendix B Definitions