Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide - Couverture souple

Présentation de l'éditeur

Learn to perform professional penetration testing for highly-secured environments with this intensive hands-on guide.

Overview

• Learn how to perform an efficient, organized, and effective penetration test from start to finish
• Gain hands-on penetration testing experience by building and testing a virtual lab environment that includes commonly found security measures such as IDS and firewalls
• Take the challenge and perform a virtual penetration test against a fictional corporation from start to finish and then verify your results by walking through step-by-step solutions

In Detail

The internet security field has grown by leaps and bounds over the last decade. Everyday more people around the globe gain access to the internet and not all of them with good intentions. The need for penetration testers has grown now that the security industryhas had time to mature. Simply running a vulnerability scanner is a thing of the past and is no longer an effective method of determining a business's true security posture. Learn effective penetration testing skills so that you can effectively meet and manage the rapidly changing security needs of your company.

Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.

The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You'll learn how to clean up and compile proof of concept, exploit code from the web, advanced web application testing techniques, client side attacks, post exploitation strategies, detection avoidance methods, generation of well defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation; followed by a detailed walk through of the solution.

Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more. This book will provide the hands-on experience necessary to systematically ensure the security posture for any environment, regardless of how many security controls are in place.

What you will learn from this book

• Detailed step-by-step guidance on managing testing results and writing clearly organized and effective penetration testing reports
• Properly scope your penetration test to avoid catastrophe
• Understand in detail how the testing process works from start to finish, not just how to use specific tools
• Use advanced techniques to bypass security controls and remain hidden while testing
• Create a segmented virtual network with several targets, IDS and firewall
• Generate testing reports and statistics
• Advanced web application testing and exploitation
• Perform an efficient, organized, and effective penetration test from start to finish

Biographie de l'auteur

Lee Allen

Lee Allen is currently the Vulnerability Management Program Lead for one of the Fortune 500. Amongst many other responsibilities, he performs security assessments and penetration testing.

Lee is very passionate and driven about the subject of penetration testing and security research. His journey into the exciting world of security began back in the 80's while visiting BBS's with his trusty Commodore 64 and a room carpeted with 5 ¼ inch floppy disks. Throughout the years, he has continued his attempts at remaining up to date with the latest and greatest in the security industry and the community. He has several industry certifications including the OSWP and has been working in the IT industry for over 15 years. His hobbies include validating and reviewing proof of concept exploit code, programming, security research, attending security conferences, discussing technology, writing, and skiing.

He lives in Ohio with wife Kellie and their 6 children Heather, Kristina, Natalie, Mason, Alyssa, and Seth.