BackTrack 4: Assuring Security by Penetration Testing
eBook - ePub

  1. 392 pages
  2. English
  3. ePUB (mobile friendly)

About this book

In Detail

BackTrack is a penetration testing and security auditing platform with advanced tools to identify, detect, and exploit any vulnerabilities uncovered in the target network environment. Applying appropriate testing methodology with defined business objectives and a scheduled test plan will result in robust penetration testing of your network.

BackTrack 4: Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating the cutting-edge hacker tools and techniques in a coherent step-by-step strategy. It offers all the essential lab preparation and testing procedures to reflect real-world attack scenarios from your business perspective in today's digital age.

The authors' experience and expertise enable them to reveal the industry's best approach for logical and systematic penetration testing.

The first and so far only book on BackTrack OS starts with lab preparation and testing procedures, explaining the basic installation and configuration setup, discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the BackTrack-specific testing process. The authors discuss a number of security assessment tools necessary to conduct penetration testing in their respective categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access, and reporting), following the formal testing methodology. Each of these tools is illustrated with real-world examples to highlight their practical usage and proven configuration techniques. The authors also provide extra weaponry treasures and cite key resources that may be crucial to any professional penetration tester.

This book serves as a single professional, practical, and expert guide to developing hardcore penetration testing skills from scratch. You will be trained to make the best use of BackTrack OS either in a commercial environment or an experimental test bed.

A tactical example-driven guide for mastering the penetration testing skills with BackTrack to identify, detect, and exploit vulnerabilities at your digital doorstep.

Approach

Written as an interactive tutorial, this book covers the core of BackTrack with real-world examples and step-by-step instructions to provide professional guidelines and recommendations to you. The book is designed in a simple and intuitive manner, which allows you to explore the whole BackTrack testing process or study parts of it individually.

Who this book is for

If you are an IT security professional or network administrator who has a basic knowledge of Unix/Linux operating systems including awareness of information security factors, and you want to use BackTrack for penetration testing, then this book is for you.


Table of Contents

BackTrack 4: Assuring Security by Penetration Testing
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers and more
Why Subscribe?
Free Access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
I. Lab Preparation and Testing Procedures
1. Beginning with BackTrack
History
BackTrack purpose
Getting BackTrack
Using BackTrack
Live DVD
Installing to hard disk
Installation in real machine
Installation in VirtualBox
Portable BackTrack
Configuring network connection
Ethernet setup
Wireless setup
Starting the network service
Updating BackTrack
Updating software applications
Updating the kernel
Installing additional weapons
Nessus vulnerability scanner
WebSecurify
Customizing BackTrack
Summary
2. Penetration Testing Methodology
Types of penetration testing
Black-box testing
White-box testing
Vulnerability assessment versus penetration testing
Security testing methodologies
Open Source Security Testing Methodology Manual (OSSTMM)
Key features and benefits
Information Systems Security Assessment Framework (ISSAF)
Key features and benefits
Open Web Application Security Project (OWASP) Top Ten
Key features and benefits
Web Application Security Consortium Threat Classification (WASC-TC)
Key features and benefits
BackTrack testing methodology
Target scoping
Information gathering
Target discovery
Enumerating target
Vulnerability mapping
Social engineering
Target exploitation
Privilege escalation
Maintaining access
Documentation and reporting
The ethics
Summary
II. Penetration Testers Armory
3. Target Scoping
Gathering client requirements
Customer requirements form
Deliverables assessment form
Preparing the test plan
Test plan checklist
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
4. Information Gathering
Public resources
Document gathering
Metagoofil
DNS information
dnswalk
dnsenum
dnsmap
dnsmap-bulk
dnsrecon
fierce
Route information
0trace
dmitry
itrace
tcpraceroute
tctrace
Utilizing search engines
goorecon
theharvester
All-in-one intelligence gathering
Maltego
Documenting the information
Dradis
Summary
5. Target Discovery
Introduction
Identifying the target machine
ping
arping
arping2
fping
genlist
hping2
hping3
lanmap
nbtscan
nping
onesixtyone
OS fingerprinting
p0f
xprobe2
Summary
6. Enumerating Target
Port scanning
AutoScan
Netifera
Nmap
Nmap target specification
Nmap TCP scan options
Nmap UDP scan options
Nmap port specification
Nmap output options
Nmap timing options
Nmap scripting engine
Unicornscan
Zenmap
Service enumeration
Amap
Httprint
Httsquash
VPN enumeration
ike-scan
Summary
7. Vulnerability Mapping
Types of vulnerabilities
Local vulnerability
Remote vulnerability
Vulnerability taxonomy
Open Vulnerability Assessment System (OpenVAS)
OpenVAS integrated security tools
Cisco analysis
Cisco Auditing Tool
Cisco Global Exploiter
Cisco Passwd Scanner
Fuzzy analysis
BED
Bunny
JBroFuzz
SMB analysis
Impacket Samrdump
Smb4k
SNMP analysis
ADMSnmp
Snmp Enum
SNMP Walk
Web application analysis
Database assessment tools
DBPwAudit
Pblind
SQLbrute
SQLiX
SQLMap
SQL Ninja
Application assessment tools
Burp Suite
Grendel Scan
LBD
Nikto2
Paros Proxy
Ratproxy
W3AF
WAFW00F
WebScarab
Summary
8. Social Engineering
Modeling human psychology
Attack process
Attack methods
Impersonation
Reciprocation
Influential authority
Scarcity
Social relationship
Social Engineering Toolkit (SET)
Targeted phishing attack
Gathering user credentials
Common User Passwords Profiler (CUPP)
Summary
9. Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
MSFConsole
MSFCLI
Ninja 101 drills
Scenario #1
Scenario #2
SNMP community scanner
VNC blank authentication scanner
IIS6 WebDAV unicode auth bypass
Scenario #3
Bind shell
Reverse shell
Meterpreter
Scenario #4
Scenario #5
Generating binary backdoor
Automated browser exploitation
Writing exploit module
Summary
10. Privilege Escalation
Attacking the password
Offline attack tools
Rainbowcrack
Samdump2
John
Ophcrack
Crunch
Wyd
Online attack tools
BruteSSH
Hydra
Network sniffers
Dsniff
Hamster
Tcpdump
Tcpick
Wireshark
Network spoofing tools
Arpspoof
Ettercap
Summary
11. Maintaining Access
Protocol tunneling
DNS2tcp
Ptunnel
Stunnel4
Proxy
3proxy
Proxychains
End-to-end connection
CryptCat
Sbd
Socat
Summary
12. Documentation and Reporting
Documentation and results verification
Types of reports
Executive report
Management report
Technical report
Network penetration testing report (sample contents)
Table of Contents
Presentation
Post testing procedures
Summary
A. Supplementary Tools
Vulnerability scanner
NeXpose community edition
NeXpose installation
Starting NeXpose community
Login to NeXpose community
Using NeXpose community
Web application fingerprinter
WhatWeb
BlindElephant
Network Ballista
Netcat
Open connection
Service banner grabbing
Simple server
File transfer
Portscanning
Backdoor Shell
Reverse shell
Summary
B. Key Resources
Vulnerability Disclosure and Tracking
Paid Incentive Programs
Reverse Engineering Resources
Network ports
Index

BackTrack 4: Assuring Security by Penetration Testing

Copyright © 2011 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indire...

BackTrack 4: Assuring Security by Penetration Testing by Shakeel Ali and Tedi Heriyanto is available in PDF and/or ePUB format and is catalogued under Computer Science & Cyber Security.