Penetration tests, also known as ‘pen tests’, are a means of assessing the security of a computer system by simulating a cyber-attack. These tests can be an essential tool in detecting exploitable vulnerabilities in a computer system or web application, averting potential user data breaches, privacy violations, losses of system function, and more. With system security an increasingly fundamental part of a connected world, it has never been more important that cyber professionals understand the pen test and its potential applications.
Pen Testing from Contract to Report offers a step-by-step overview of the subject. Built around a new concept called the Penetration Testing Life Cycle, it breaks the process into phases, guiding the reader through each phase and its potential to expose and address system vulnerabilities. The result is an essential tool in the ongoing fight against harmful system intrusions.
In Pen Testing from Contract to Report readers will also find:
- Content mapped to certification exams such as the CompTIA PenTest+
- Detailed techniques for evading intrusion detection systems, firewalls, honeypots, and more
- Accompanying software designed to enable the reader to practice the concepts outlined, as well as end-of-chapter questions and case studies
Pen Testing from Contract to Report is ideal for any cyber security professional or advanced student of cyber security.
Table of Contents
Foreword
Preface
Acknowledgement
List of Abbreviations
Companion Website
1 Introduction to Penetration Testing
2 The Contract
3 Law and Legislation
4 Footprinting and Reconnaissance
5 Scanning Networks
6 Enumeration
7 Vulnerability Analysis
8 System Hacking
9 Malware Threats
10 Sniffing
11 Social Engineering
12 Denial of Service
13 Session Hijacking
14 Evading IDS, Firewalls, and Honeypots
15 Web Servers
16 Web Application Hacking
17 SQL Injection
18 Hacking Wireless Networks
19 Mobile Platforms
20 Internet of Things (IoT)
21 Cloud Computing
22 The Report
Index