<link href="style.css" rel="stylesheet" type="text/css"/><meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> <meta content="urn:uuid:e0000000-0000-0000-0000-000000740483" name="Adept.expected.resource"/></head><body><div id="B978-1-59749-627-8.10018-2-18"/><div class="ref-list" id="indexP"><div class="sec-title2" id="indsect0090">P</div><div class="index-item" id="idx2194"><div class="index-heading">P0f tool, enumeration</div><a href="B9781597496278100030.xhtml#p0640">111</a> , <a href="B9781597496278100030.xhtml#s0190">118–121</a></div><div class="index-item" id="idx2195"><div class="index-heading">Packet filtering firewall, definition</div><a href="B9781597496278100078.xhtml#p0240">265</a></div><div class="index-item" id="idx2196"><div class="index-heading">Packetforge-ng, basic function</div><a href="B9781597496278100030.xhtml#p1325">347</a> , <a href="B9781597496278100030.xhtml#u0095">351</a></div><div class="index-item" id="idx2197"><div class="index-heading">Page ranking, Google</div><a href="B9781597496278100029.xhtml#p0265">35</a></div><div class="index-item" id="idx2198"><div class="index-heading">Pair-wise Master Key (PMK), WPA2</div><a href="B9781597496278100030.xhtml#p0120">322</a></div><div class="index-item" id="idx2199"><div class="index-heading">PANs</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2351">Personal area networks (PANs)</a></div></div><div class="index-item" id="idx2200"><div class="index-heading">Parameter passing attacks, web application assessment</div><a href="B9781597496278100066.xhtml#s0105">233</a></div><div class="index-item" id="idx2201"><div class="index-heading">Passive methods</div><div class="index-item" id="idx2202"><div class="index-heading">enumeration</div><a href="B9781597496278100030.xhtml#s0125">111</a></div><div class="index-item" id="idx2203"><div class="index-heading">fingerprinting</div><a href="B9781597496278100030.xhtml#p0660">112–113</a> , <a href="B9781597496278100030.xhtml#s0190">118–120</a></div></div><div class="index-item" id="idx2204"><div class="index-heading">Passive scanners, WLAN discovery</div><a href="B9781597496278100030.xhtml#p0200">325</a></div><div class="index-item" id="idx2205"><div class="index-heading">Password cracking</div><div class="index-item" id="idx2206"><div class="index-heading">database hacking hands-on challenge</div><a href="B9781597496278100054.xhtml#p1010">215–216</a></div><div class="index-item" id="idx2207"><div class="index-heading">Finger enumeration</div><a href="B9781597496278100078.xhtml#p0650">276</a></div><div class="index-item" id="idx2208"><div class="index-heading">Live Hacking CD</div><a href="B9781597496278100017.xhtml#u0250">15</a></div><div class="index-item" id="idx2209"><div class="index-heading">mssql_login</div><a href="B9781597496278100054.xhtml#s0070">197</a></div><div class="index-item" id="idx2210"><div class="index-heading">network device case study</div><a href="B9781597496278100078.xhtml#p0990">285</a></div><div class="index-item" id="idx2211"><div class="index-heading">network device hands-on challenge</div><a href="B9781597496278100078.xhtml#u0410">290</a></div><div class="index-item" id="idx2212"><div class="index-heading">wireless penetration testing</div><a href="B9781597496278100030.xhtml#p0085">320</a></div><div class="index-item" id="idx2213"><div class="index-heading">WPA2</div><a href="B9781597496278100030.xhtml#p0125">322</a></div></div><div class="index-item" id="idx2214"><div class="index-heading">Password creation</div><div class="index-item" id="idx2215"><div class="index-heading">databases</div><a href="B9781597496278100054.xhtml#p0130">192</a> , <a href="B9781597496278100054.xhtml#p1010">215–216</a></div><div class="index-item" id="idx2216"><div class="index-heading">Microsoft SQL Server</div><a href="B9781597496278100054.xhtml#p0190">194–195</a></div><div class="index-item" id="idx2217"><div class="index-heading">Oracle databases</div><a href="B9781597496278100054.xhtml#p0560">208</a></div></div><div class="index-item" id="idx2218"><div class="index-heading">Payloads</div><div class="index-item" id="idx2219"><div class="index-heading">custom malware deployment</div><a href="B9781597496278100042.xhtml#p0945">175</a> , <a href="B9781597496278100042.xhtml#f0095">175f</a></div><div class="index-item" id="idx2220"><div class="index-heading">msfencode, to encoded executable</div><a href="B9781597496278100042.xhtml#f0115">179f</a></div></div><div class="index-item" id="idx2221"><div class="index-heading">Payment card industry (PCI), WLAN vulnerabilities</div><a href="B9781597496278100030.xhtml#p0160">323</a></div><div class="index-item" id="idx2222"><div class="index-heading">PBXs, as targets</div><a href="B9781597496278100078.xhtml#p0280">266</a></div><div class="index-item" id="idx2223"><div class="index-heading">PCI</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2221">Payment card industry (PCI)</a></div></div><div class="index-item" id="idx2224"><div class="index-heading">PDF files</div><div class="index-item" id="idx2225"><div class="index-heading">custom malware</div><a href="B9781597496278100042.xhtml#p0940">175</a></div><div class="index-item" id="idx2226"><div class="index-heading">human recon</div><a href="B9781597496278100029.xhtml#p1940">68–69</a></div><div class="index-item" id="idx2227"><div class="index-heading">human weakness case study</div><a href="B9781597496278100042.xhtml#p1380">183</a></div><div class="index-item" id="idx2228"><div class="index-heading">intelligence gathering</div><a href="B9781597496278100029.xhtml#p0410">41</a></div><div class="index-item" id="idx2229"><div class="index-heading">malicious, generation</div><a href="B9781597496278100042.xhtml#f0130">185f</a></div><div class="index-item" id="idx2230"><div class="index-heading">personal phishing</div><a href="B9781597496278100042.xhtml#p0145">144</a></div><div class="index-item" id="idx2231"><div class="index-heading">spear-phishing attack</div><a href="B9781597496278100042.xhtml#p0425">152</a></div><div class="index-item" id="idx2232"><div class="index-heading">Trojan horses</div><a href="B9781597496278100042.xhtml#p0355">150</a></div></div><div class="index-item" id="idx2233"><div class="index-heading">PEAP</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2439">Protected Extensible Authentication Protocol (PEAP)</a></div></div><div class="index-item" id="idx2234"><div class="index-heading">Peer-to-peer applications, Arudius</div><a href="B9781597496278100017.xhtml#p0860">17–18</a></div><div class="index-item" id="idx2235"><div class="index-heading">Penetration testing frameworks</div><div class="index-item" id="idx2236"><div class="index-heading">implementation consistency</div><a href="B9781597496278100108.xhtml#p0655">390</a></div><div class="index-item" id="idx2237"><div class="index-heading">OSSTMM</div><a href="B9781597496278100108.xhtml#s0160">389</a></div><div class="index-item" id="idx2238"><div class="index-heading">pen-test labs</div><a href="B9781597496278100108.xhtml#s0155">389</a></div><div class="index-item" id="idx2239"><div class="index-heading">SP 800-115</div><a href="B9781597496278100108.xhtml#s0165">390</a></div><div class="index-item" id="idx2240"><div class="index-heading">VulnerabilityAssessment.co.uk</div><a href="B9781597496278100108.xhtml#s0165">390</a></div></div><div class="index-item" id="idx2241"><div class="index-heading">Penetration testing targets</div><div class="index-item" id="idx2242"><div class="index-heading">basic considerations</div><a href="B9781597496278100017.xhtml#s0130">20–21</a></div><div class="index-item" id="idx2243"><div class="index-heading">Damn Vulnerable Web Application</div><a href="B9781597496278100017.xhtml#s0140">22</a></div><div class="index-item" id="idx2244"><div class="index-heading">De-ICE.net PenTest disks</div><a href="B9781597496278100017.xhtml#s0135">22</a></div><div class="index-item" id="idx2245"><div class="index-heading">efficient time use</div><a href="B9781597496278100030.xhtml#p0210">98</a></div><div class="index-item" id="idx2246"><div class="index-heading">Mutillidae</div><a href="B9781597496278100017.xhtml#s0145">22</a></div><div class="index-item" id="idx2247"><div class="index-heading">OldApps.com</div><a href="B9781597496278100017.xhtml#s0155">23</a></div><div class="index-item" id="idx2248"><div class="index-heading">test failure advice</div><a href="B9781597496278100030.xhtml#p1735">138</a></div><div class="index-item" id="idx2249"><div class="index-heading">WebGoat</div><a href="B9781597496278100017.xhtml#s0150">23</a></div></div><div class="index-item" id="idx2250"><div class="index-heading">Penetration testing toolkit creation</div><div class="index-item" id="idx2251"><div class="index-heading">BackTrack toolkit creation case study</div><a href="B9781597496278100017.xhtml#s0160">24</a> , <a href="B9781597496278100017.xhtml#f0075">23–27</a></div><div class="index-item" id="idx2252"><div class="index-heading">basic approach</div><a href="B9781597496278100017.xhtml#s0015">2–3</a></div><div class="index-item" id="idx2253"><div class="index-heading">bootable USB drives</div><a href="B9781597496278100017.xhtml#s0045">6–8</a><div class="index-item" id="idx2254"><div class="index-heading">with Linux</div><a href="B9781597496278100017.xhtml#s0055">7–8</a></div><div class="index-item" id="idx2255"><div class="index-heading">with Windows 7/Vista</div><a href="B9781597496278100017.xhtml#s0050">6–7</a></div></div><div class="index-item" id="idx2256"><div class="index-heading">core technologies</div><a href="B9781597496278100017.xhtml#s0020">4–9</a></div><div class="index-item" id="idx2257"><div class="index-heading">hands-on challenge</div><a href="B9781597496278100017.xhtml#B978-1-59749-627-8.10001-7">27</a></div><div class="index-item" id="idx2258"><div class="index-heading">ISO images</div><a href="B9781597496278100017.xhtml#s0040">6</a></div><div class="index-item" id="idx2259"><div class="index-heading">LiveCD creation</div><a href="B9781597496278100017.xhtml#s0030">4–5</a><div class="index-item" id="idx2260"><div class="index-heading">BartPE Builder</div><a href="B9781597496278100017.xhtml#f0010">10f</a></div><div class="index-item" id="idx2261"><div class="index-heading">BartPE Builder Plugins</div><a href="B9781597496278100017.xhtml#f0015">11f</a></div></div><div class="index-item" id="idx2262"><div class="index-heading">LiveCD modification</div><a href="B9781597496278100017.xhtml#s0035">5</a></div><div class="index-item" id="idx2263"><div class="index-heading">LiveCDs</div><a href="B9781597496278100017.xhtml#s0025">4</a></div><div class="index-item" id="idx2264"><div class="index-heading">LiveCD tools</div><a href="B9781597496278100017.xhtml#s0070">9</a><div class="index-item" id="idx2265"><div class="index-heading">BartPE Builder</div><a href="B9781597496278100017.xhtml#s0075">9–10</a></div><div class="index-item" id="idx2266"><div class="index-heading">UNetbootin</div><a href="B9781597496278100017.xhtml#s0080">11–12</a> , <a href="B9781597496278100017.xhtml#f0020">11f</a></div><div class="index-item" id="idx2267"><div class="index-heading">UNetbootin Ophcrack Install</div><a href="B9781597496278100017.xhtml#f0025">12f</a></div><div class="index-item" id="idx2268"><div class="index-heading">UNetbootin risks</div><a href="B9781597496278100017.xhtml#p0570">12</a></div></div><div class="index-item" id="idx2269"><div class="index-heading">objectives</div><a href="B9781597496278100017.xhtml#s0010">1–2</a></div><div class="index-item" id="idx2270"><div class="index-heading">open source tools</div><a href="B9781597496278100017.xhtml#s0065">9</a></div><div class="index-item" id="idx2271"><div class="index-heading">operating system</div><a href="B9781597496278100017.xhtml#p0080">2</a></div><div class="index-item" id="idx2272"><div class="index-heading">persistent LiveCD creation</div><a href="B9781597496278100017.xhtml#s0060">8–9</a></div><div class="index-item" id="idx2273"><div class="index-heading">private <i>vs.</i> public considerations</div><a href="B9781597496278100017.xhtml#p0075">2</a></div><div class="index-item" id="idx2274"><div class="index-heading">toolkit execution considerations</div><a href="B9781597496278100017.xhtml#p0125">3</a></div></div><div class="index-item" id="idx2275"><div class="index-heading">Penetration testing toolkit examples</div><div class="index-item" id="idx2276"><div class="index-heading">Arudius</div><a href="B9781597496278100017.xhtml#s0115">17–19</a> , <a href="B9781597496278100017.xhtml#f0055">18f</a></div><div class="index-item" id="idx2277"><div class="index-heading">BackTrack Linux</div><a href="B9781597496278100017.xhtml#s0090">13</a> , <a href="B9781597496278100017.xhtml#f0030">13f</a></div><div class="index-item" id="idx2278"><div class="index-heading">BackTrack Linux GUI</div><a href="B9781597496278100017.xhtml#f0035">14f</a></div><div class="index-item" id="idx2279"><div class="index-heading">Katana</div><a href="B9781597496278100017.xhtml#s0125">19–20</a></div><div class="index-item" id="idx2280"><div class="index-heading">Katana boot menu</div><a href="B9781597496278100017.xhtml#f0065">20f</a></div><div class="index-item" id="idx2281"><div class="index-heading">Katana Portable Applications</div><a href="B9781597496278100017.xhtml#f0070">21f</a></div><div class="index-item" id="idx2282"><div class="index-heading">Live Hacking CD</div><a href="B9781597496278100017.xhtml#s0095">14–15</a></div><div class="index-item" id="idx2283"><div class="index-heading">Network Security Toolkit</div><a href="B9781597496278100017.xhtml#s0110">16–17</a> , <a href="B9781597496278100017.xhtml#f0050">18f</a></div><div class="index-item" id="idx2284"><div class="index-heading">Operator</div><a href="B9781597496278100017.xhtml#s0120">19</a> , <a href="B9781597496278100017.xhtml#f0060">19f</a></div><div class="index-item" id="idx2285"><div class="index-heading">OSWA-Assistant</div><a href="B9781597496278100017.xhtml#s0105">16</a> , <a href="B9781597496278100017.xhtml#f0045">17f</a></div><div class="index-item" id="idx2286"><div class="index-heading">overview</div><a href="B9781597496278100017.xhtml#s0085">12–13</a></div><div class="index-item" id="idx2287"><div class="index-heading">Samurai Web Testing Framework</div><a href="B9781597496278100017.xhtml#s0100">15</a> , <a href="B9781597496278100017.xhtml#f0040">16f</a></div></div><div class="index-item" id="idx2288"><div class="index-heading">Penetration test labs</div><div class="index-item" id="idx2289"><div class="index-heading">ad hoc lab</div><a href="B9781597496278100108.xhtml#s0095">384–385</a></div><div class="index-item" id="idx2290"><div class="index-heading">basic approach</div><a href="B9781597496278100108.xhtml#s0015">372</a></div><div class="index-item" id="idx2291"><div class="index-heading">building</div><a href="B9781597496278100108.xhtml#s0100">385–388</a></div><div class="index-item" id="idx2292"><div class="index-heading">case study</div><a href="B9781597496278100108.xhtml#s0225">397–400</a> , <a href="B9781597496278100108.xhtml#f0020">398f</a> , <a href="B9781597496278100108.xhtml#f0030">399f</a></div><div class="index-item" id="idx2293"><div class="index-heading">client hardware matching</div><a href="B9781597496278100108.xhtml#s0115">386</a></div><div class="index-item" id="idx2294"><div class="index-heading">commercial tools</div><a href="B9781597496278100108.xhtml#s0135">388</a></div><div class="index-item" id="idx2295"><div class="index-heading">common hardware</div><a href="B9781597496278100108.xhtml#s0110">385</a></div><div class="index-item" id="idx2296"><div class="index-heading">core technologies</div><a href="B9781597496278100108.xhtml#s0175">390–394</a></div><div class="index-item" id="idx2297"><div class="index-heading">design</div><a href="B9781597496278100108.xhtml#s0020">372–373</a> , <a href="B9781597496278100108.xhtml#f0010">374f</a></div><div class="index-item" id="idx2298"><div class="index-heading">dual-use equipment</div><a href="B9781597496278100108.xhtml#s0120">386–387</a></div><div class="index-item" id="idx2299"><div class="index-heading">Dynagen</div><a href="B9781597496278100108.xhtml#s0215">395–396</a></div><div class="index-item" id="idx2300"><div class="index-heading">Dynamips</div><a href="B9781597496278100108.xhtml#s0215">395–396</a></div><div class="index-item" id="idx2301"><div class="index-heading">external lab</div><a href="B9781597496278100108.xhtml#s0085">383–384</a></div><div class="index-item" id="idx2302"><div class="index-heading">GNS3</div><a href="B9781597496278100108.xhtml#s0215">395–396</a></div><div class="index-item" id="idx2303"><div class="index-heading">hands-on challenge</div><a href="B9781597496278100108.xhtml#s0230">400–401</a> , <a href="B9781597496278100108.xhtml#f0035">400f</a></div><div class="index-item" id="idx2304"><div class="index-heading">hardware selection</div><a href="B9781597496278100108.xhtml#s0105">385</a></div><div class="index-item" id="idx2305"><div class="index-heading">install procedure documentation</div><a href="B9781597496278100108.xhtml#s0145">388–389</a></div><div class="index-item" id="idx2306"><div class="index-heading">internal lab</div><a href="B9781597496278100108.xhtml#s0080">382–383</a></div><div class="index-item" id="idx2307"><div class="index-heading">objectives</div><a href="B9781597496278100108.xhtml#s0010">372</a></div><div class="index-item" id="idx2308"><div class="index-heading">open source tools</div><div class="index-item" id="idx2309"><div class="index-heading">overview</div><a href="B9781597496278100108.xhtml#s0200">394–397</a></div><div class="index-item" id="idx2310"><div class="index-heading">usage</div><a href="B9781597496278100108.xhtml#s0130">387</a></div><div class="index-item" id="idx2311"><div class="index-heading">VirtualBox</div><a href="B9781597496278100108.xhtml#s0210">395</a></div><div class="index-item" id="idx2312"><div class="index-heading">Xen</div><a href="B9781597496278100108.xhtml#s0205">394–395</a></div></div><div class="index-item" id="idx2313"><div class="index-heading">project-specific lab</div><a href="B9781597496278100108.xhtml#s0090">384</a></div><div class="index-item" id="idx2314"><div class="index-heading">results documentation</div><a href="B9781597496278100108.xhtml#s0150">389</a></div><div class="index-item" id="idx2315"><div class="index-heading">running the lab</div><a href="B9781597496278100108.xhtml#s0140">388–390</a></div><div class="index-item" id="idx2316"><div class="index-heading">safety considerations</div><div class="index-item" id="idx2317"><div class="index-heading">basic considerations</div><a href="B9781597496278100108.xhtml#s0065">381</a></div><div class="index-item" id="idx2318"><div class="index-heading">CD labeling</div><a href="B9781597496278100108.xhtml#p0270">378–379</a></div><div class="index-item" id="idx2319"><div class="index-heading">data transfer</div><a href="B9781597496278100108.xhtml#s0045">378</a></div><div class="index-item" id="idx2320"><div class="index-heading">destruction and sanitization</div><a href="B9781597496278100108.xhtml#s0055">379–380</a></div><div class="index-item" id="idx2321"><div class="index-heading">documentation</div><a href="B9781597496278100108.xhtml#s0060">380–381</a></div><div class="index-item" id="idx2322"><div class="index-heading">install disk security</div><a href="B9781597496278100108.xhtml#s0040">377–378</a></div><div class="index-item" id="idx2323"><div class="index-heading">network configuration</div><a href="B9781597496278100108.xhtml#s0035">376–377</a></div><div class="index-item" id="idx2324"><div class="index-heading">network isolation</div><a href="B9781597496278100108.xhtml#s0030">374–376</a></div><div class="index-item" id="idx2325"><div class="index-heading">overview</div><a href="B9781597496278100108.xhtml#s0025">373–374</a></div></div><div class="index-item" id="idx2326"><div class="index-heading">software selection</div><a href="B9781597496278100108.xhtml#s0125">387</a></div><div class="index-item" id="idx2327"><div class="index-heading">software tool considerations</div><a href="B9781597496278100108.xhtml#s0220">396–397</a></div><div class="index-item" id="idx2328"><div class="index-heading">SP 800-115</div><a href="B9781597496278100108.xhtml#s0165">390</a></div><div class="index-item" id="idx2329"><div class="index-heading">testing frameworks</div><a href="B9781597496278100108.xhtml#s0155">389</a></div><div class="index-item" id="idx2330"><div class="index-heading">types</div><a href="B9781597496278100108.xhtml#s0070">381–382</a></div><div class="index-item" id="idx2331"><div class="index-heading">virtualization</div><div class="index-item" id="idx2332"><div class="index-heading">architecture</div><a href="B9781597496278100108.xhtml#s0190">392</a> , <a href="B9781597496278100108.xhtml#f0015">393f</a></div><div class="index-item" id="idx2333"><div class="index-heading">definition</div><a href="B9781597496278100108.xhtml#s0180">391</a></div><div class="index-item" id="idx2334"><div class="index-heading">role</div><a href="B9781597496278100108.xhtml#s0185">391–392</a></div><div class="index-item" id="idx2335"><div class="index-heading">virtual networks</div><a href="B9781597496278100108.xhtml#s0195">393–394</a></div></div><div class="index-item" id="idx2336"><div class="index-heading">virtual lab</div><a href="B9781597496278100108.xhtml#s0075">382</a></div><div class="index-item" id="idx2337"><div class="index-heading">VulnerabilityAssessment.co.uk</div><a href="B9781597496278100108.xhtml#s0165">390</a></div></div><div class="index-item" id="idx2338"><div class="index-heading">Perl script usage examples</div><div class="index-item" id="idx2339"><div class="index-heading">BiLE.pl</div><a href="B9781597496278100029.xhtml#p0585">45</a></div><div class="index-item" id="idx2340"><div class="index-heading">BiLE-Weigh.pl</div><a href="B9781597496278100029.xhtml#p0715">46</a></div><div class="index-item" id="idx2341"><div class="index-heading">dnsenum.pl</div><a href="B9781597496278100029.xhtml#p1265">64</a></div><div class="index-item" id="idx2342"><div class="index-heading">nikto.pl</div><a href="B9781597496278100066.xhtml#p0865">238</a></div><div class="index-item" id="idx2343"><div class="index-heading">snmpenum.pl</div><a href="B9781597496278100030.xhtml#p1185">126</a></div><div class="index-item" id="idx2344"><div class="index-heading">SQLiX.pl</div><a href="B9781597496278100066.xhtml#p1160">244</a></div><div class="index-item" id="idx2345"><div class="index-heading">tld-expand.pl</div><a href="B9781597496278100029.xhtml#p0855">48</a></div></div><div class="index-item" id="idx2346"><div class="index-heading">Permissions</div><div class="index-item" id="idx2347"><div class="index-heading">database installation</div><a href="B9781597496278100054.xhtml#p0135">192</a></div><div class="index-item" id="idx2348"><div class="index-heading">Microsoft SQL Server</div><a href="B9781597496278100054.xhtml#s0055">195</a></div></div><div class="index-item" id="idx2349"><div class="index-heading">Persistent LiveCD, creation</div><a href="B9781597496278100017.xhtml#s0060">8–9</a></div><div class="index-item" id="idx2350"><div class="index-heading">Persistent Live USB, toolkit booting</div><a href="B9781597496278100017.xhtml#p0140">3</a></div><div class="index-item" id="idx2351"><div class="index-heading">Personal area networks (PANs), 802.15.1 standard</div><a href="B9781597496278100030.xhtml#p0100">321</a></div><div class="index-item" id="idx2352"><div class="index-heading">Personal phishing</div><div class="index-item" id="idx2353"><div class="index-heading">basic considerations</div><a href="B9781597496278100042.xhtml#s0030">143–144</a></div><div class="index-item" id="idx2354"><div class="index-heading">example</div><a href="B9781597496278100042.xhtml#b0015">143</a></div></div><div class="index-item" id="idx2355"><div class="index-heading">PHF bug, web server history</div><a href="B9781597496278100066.xhtml#p0105">220–221</a></div><div class="index-item" id="idx2356"><div class="index-heading">Phishing</div><div class="index-item" id="idx2357"><div class="index-heading">basic approach</div><a href="B9781597496278100042.xhtml#s0020">142–143</a></div><div class="index-item" id="idx2358"><div class="index-heading">basic considerations</div><a href="B9781597496278100042.xhtml#s0015">142–156</a></div><div class="index-item" id="idx2359"><div class="index-heading">browser exploitation</div><a href="B9781597496278100042.xhtml#s0070">150</a></div><div class="index-item" id="idx2360"><div class="index-heading">case study</div><a href="B9781597496278100042.xhtml#s0260">181–187</a></div><div class="index-item" id="idx2361"><div class="index-heading">core technologies</div><a href="B9781597496278100042.xhtml#s0045">146–150</a></div><div class="index-item" id="idx2362"><div class="index-heading">generally targeted phishing</div><a href="B9781597496278100042.xhtml#s0040">145–146</a> , <a href="B9781597496278100042.xhtml#b0025">145b–146b</a></div><div class="index-item" id="idx2363"><div class="index-heading">hands-on challenge</div><a href="B9781597496278100042.xhtml#u0295">187</a></div><div class="index-item" id="idx2364"><div class="index-heading">individually targeted phishing</div><div class="index-item" id="idx2365"><div class="index-heading">example</div><a href="B9781597496278100042.xhtml#b0015">143b</a></div><div class="index-item" id="idx2366"><div class="index-heading">overview</div><a href="B9781597496278100042.xhtml#s0025">143</a></div><div class="index-item" id="idx2367"><div class="index-heading">personal phishing</div><a href="B9781597496278100042.xhtml#s0030">143–144</a></div><div class="index-item" id="idx2368"><div class="index-heading">professional phishing</div><a href="B9781597496278100042.xhtml#s0035">144–145</a> , <a href="B9781597496278100042.xhtml#b0020">144b</a></div></div><div class="index-item" id="idx2369"><div class="index-heading">malware</div><a href="B9781597496278100042.xhtml#s0065">149–150</a></div><div class="index-item" id="idx2370"><div class="index-heading">Metasploit</div><a href="B9781597496278100042.xhtml#f0045">157f</a> , <a href="B9781597496278100042.xhtml#f0050">158f</a> , <a href="B9781597496278100042.xhtml#s0100">155–156</a></div><div class="index-item" id="idx2371"><div class="index-heading">Social-Engineer Toolkit</div><a href="B9781597496278100042.xhtml#f0030">153f</a> , <a href="B9781597496278100042.xhtml#s0085">151</a><div class="index-item" id="idx2372"><div class="index-heading">email example</div><a href="B9781597496278100042.xhtml#f0040">155f</a></div><div class="index-item" id="idx2373"><div class="index-heading">main menu screenshot</div><a href="B9781597496278100042.xhtml#f0025">152f</a></div><div class="index-item" id="idx2374"><div class="index-heading">spear-phishing attack</div><a href="B9781597496278100042.xhtml#s0090">151–153</a></div><div class="index-item" id="idx2375"><div class="index-heading">transmission options</div><a href="B9781597496278100042.xhtml#f0035">154f</a></div><div class="index-item" id="idx2376"><div class="index-heading">web attack options</div><a href="B9781597496278100042.xhtml#t0010">156t</a></div><div class="index-item" id="idx2377"><div class="index-heading">web attacks</div><a href="B9781597496278100042.xhtml#s0095">154</a></div></div><div class="index-item" id="idx2378"><div class="index-heading">social networks</div><a href="B9781597496278100042.xhtml#s0115">157–159</a></div><div class="index-item" id="idx2379"><div class="index-heading">tools overview</div><a href="B9781597496278100042.xhtml#s0080">150–151</a></div><div class="index-item" id="idx2380"><div class="index-heading">Trojan horses</div><a href="B9781597496278100042.xhtml#s0075">150</a></div><div class="index-item" id="idx2381"><div class="index-heading">web applications</div><a href="B9781597496278100042.xhtml#f0015">148f</a> , <a href="B9781597496278100042.xhtml#f0020">149f</a> , <a href="B9781597496278100042.xhtml#s0060">147–149</a></div><div class="index-item" id="idx2382"><div class="index-heading">web forms</div><a href="B9781597496278100042.xhtml#f0010">148f</a> , <a href="B9781597496278100042.xhtml#s0050">146–147</a></div></div><div class="index-item" id="idx2383"><div class="index-heading">Photographs, social network attacks</div><a href="B9781597496278100042.xhtml#s0140">162</a></div><div class="index-item" id="idx2384"><div class="index-heading">PHP</div><div class="index-item" id="idx2385"><div class="index-heading">DVWA</div><a href="B9781597496278100017.xhtml#p0965">22</a></div><div class="index-item" id="idx2386"><div class="index-heading">Mutillidae</div><a href="B9781597496278100017.xhtml#p0975">22</a></div><div class="index-item" id="idx2387"><div class="index-heading">Nmap banner grabbing</div><a href="B9781597496278100030.xhtml#p0740">115–116</a></div></div><div class="index-item" id="idx2388"><div class="index-heading">phpMyAdmin, web server testing case study</div><a href="B9781597496278100066.xhtml#p1325">249</a> , <a href="B9781597496278100066.xhtml#f0170">251f</a></div><div class="index-item" id="idx2389"><div class="index-heading">Physical Address Extension (PAE), Xen</div><a href="B9781597496278100108.xhtml#u0120">395</a></div><div class="index-item" id="idx2390"><div class="index-heading">Ping methods</div><div class="index-item" id="idx2391"><div class="index-heading">Httprint fingerprinting</div><a href="B9781597496278100030.xhtml#p0935">121</a></div><div class="index-item" id="idx2392"><div class="index-heading">noisy (IDS) testing case study</div><a href="B9781597496278100030.xhtml#p1725">136–137</a></div><div class="index-item" id="idx2393"><div class="index-heading">p0f passive OS fingerprinting</div><a href="B9781597496278100030.xhtml#p0785">118</a></div><div class="index-item" id="idx2394"><div class="index-heading">Ping.eu sample data</div><a href="B9781597496278100029.xhtml#f0090">62f</a></div><div class="index-item" id="idx2395"><div class="index-heading">router configuration</div><a href="B9781597496278100078.xhtml#p0085">260–261</a></div><div class="index-item" id="idx2396"><div class="index-heading">scanning process</div><a href="B9781597496278100030.xhtml#p0225">98</a></div><div class="index-item" id="idx2397"><div class="index-heading">verification, network boundary exploration</div><a href="B9781597496278100029.xhtml#p2745">78</a></div><div class="index-item" id="idx2398"><div class="index-heading">web server testing case study</div><a href="B9781597496278100066.xhtml#f0145">248f</a></div></div><div class="index-item" id="idx2399"><div class="index-heading">Plaintext</div><div class="index-item" id="idx2400"><div class="index-heading">Kismet</div><a href="B9781597496278100030.xhtml#p0590">336</a></div><div class="index-item" id="idx2401"><div class="index-heading">network device case study</div><a href="B9781597496278100078.xhtml#p0995">286</a></div><div class="index-item" id="idx2402"><div class="index-heading">Nmap output options</div><a href="B9781597496278100030.xhtml#p0425">104</a></div></div><div class="index-item" id="idx2403"><div class="index-heading">PL/SQL, Oracle stored procedures</div><a href="B9781597496278100054.xhtml#p0450">204</a></div><div class="index-item" id="idx2404"><div class="index-heading">PMK</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2198">Pair-wise Master Key (PMK)</a></div></div><div class="index-item" id="idx2405"><div class="index-heading">POC</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2406">Points of contact (POC)</a></div></div><div class="index-item" id="idx2406"><div class="index-heading">Points of contact (POC), verification</div><a href="B9781597496278100029.xhtml#p2635">76</a></div><div class="index-item" id="idx2407"><div class="index-heading">POP3 server, Nmap banner grabbing</div><a href="B9781597496278100030.xhtml#p0740">115–116</a> , <a href="B9781597496278100030.xhtml#p0755">117</a></div><div class="index-item" id="idx2408"><div class="index-heading">POP command, web server stack-based overflows</div><a href="B9781597496278100066.xhtml#p0360">225</a> , <a href="B9781597496278100066.xhtml#f0030">226f</a> , <a href="B9781597496278100066.xhtml#f0035">227f</a></div><div class="index-item" id="idx2409"><div class="index-heading">Port 31337, Nmap port-scanning options</div><a href="B9781597496278100030.xhtml#p0455">105–106</a></div><div class="index-item" id="idx2410"><div class="index-heading">Port scanning</div><div class="see-also"><i>see also</i><a href="B9781597496278100182-21.xhtml#idx2724">Scanning (vulnerability assessment)</a></div><div class="index-item" id="idx2411"><div class="index-heading">basic approach</div><a href="B9781597496278100030.xhtml#p0205">97–98</a></div><div class="index-item" id="idx2412"><div class="index-heading">enumeration timing</div><a href="B9781597496278100030.xhtml#p0670">114</a></div><div class="index-item" id="idx2413"><div class="index-heading">Nmap options</div><a href="B9781597496278100030.xhtml#s0090">105–106</a></div><div class="index-item" id="idx2414"><div class="index-heading">process</div><a href="B9781597496278100030.xhtml#s0045">99</a></div><div class="index-item" id="idx2415"><div class="index-heading">router identification</div><a href="B9781597496278100078.xhtml#p0100">261</a></div><div class="index-item" id="idx2416"><div class="index-heading">SMB considerations</div><a href="B9781597496278100030.xhtml#p1235">127</a></div><div class="index-item" id="idx2417"><div class="index-heading">stealthy penetration test case study</div><a href="B9781597496278100030.xhtml#p1670">134</a></div><div class="index-item" id="idx2418"><div class="index-heading">Unicornscan</div><a href="B9781597496278100030.xhtml#s0105">108</a> , <a href="B9781597496278100030.xhtml#f0030">109f</a></div></div><div class="index-item" id="idx2419"><div class="index-heading">Pre-coded stored procedures, SQL Server</div><a href="B9781597496278100054.xhtml#p0275">195–196</a></div><div class="index-item" id="idx2420"><div class="index-heading">Prepended payload, custom malware</div><a href="B9781597496278100042.xhtml#p0930">174</a> , <a href="B9781597496278100042.xhtml#f0095">175f</a></div><div class="index-item" id="idx2421"><div class="index-heading">Pre-production applications, enterprise application case study</div><a href="B9781597496278100030.xhtml#p1285">313–314</a></div><div class="index-item" id="idx2422"><div class="index-heading">Pre-Shared Keys (PSK)</div><div class="see-also"><i>see also</i><a href="B9781597496278100182-25.xhtml#idx3398">Wi-Fi Protected Access-Pre-Shared Key (WPA-PSK)</a></div><div class="index-item" id="idx2423"><div class="index-heading">ike-scan</div><a href="B9781597496278100030.xhtml#p1040">123</a></div><div class="index-item" id="idx2424"><div class="index-heading">VPN device footprinting</div><a href="B9781597496278100078.xhtml#p0420">271</a></div></div><div class="index-item" id="idx2425"><div class="index-heading">PRGA</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2448">Pseudo Random Generation Algorithm (PRGA)</a></div></div><div class="index-item" id="idx2426"><div class="index-heading">Primary domain name system (DNS) server, network device footprinting</div><a href="B9781597496278100078.xhtml#p0335">268</a></div><div class="index-item" id="idx2427"><div class="index-heading">Primary key, database definition</div><a href="B9781597496278100054.xhtml#p0090">190</a></div><div class="index-item" id="idx2428"><div class="index-heading">Privileges</div><div class="index-item" id="idx2429"><div class="index-heading">database installation</div><a href="B9781597496278100054.xhtml#p0135">192</a></div><div class="index-item" id="idx2430"><div class="index-heading">Oracle databases</div><a href="B9781597496278100054.xhtml#s0100">204</a></div></div><div class="index-item" id="idx2431"><div class="index-heading">PRNG</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2452">Pseudo Random Number Generator (PRNG)</a></div></div><div class="index-item" id="idx2432"><div class="index-heading">Production enterprise applications</div><div class="index-item" id="idx2433"><div class="index-heading">case study</div><a href="B9781597496278100030.xhtml#p1285">313–314</a></div><div class="index-item" id="idx2434"><div class="index-heading">security</div><a href="B9781597496278100030.xhtml#p0260">299</a></div></div><div class="index-item" id="idx2435"><div class="index-heading">Professional phishing</div><div class="index-item" id="idx2436"><div class="index-heading">basic considerations</div><a href="B9781597496278100042.xhtml#s0035">144–145</a></div><div class="index-item" id="idx2437"><div class="index-heading">example</div><a href="B9781597496278100042.xhtml#b0020">144b</a></div></div><div class="index-item" id="idx2438"><div class="index-heading">Project-specific penetration test lab, basic considerations</div><a href="B9781597496278100108.xhtml#s0090">384</a></div><div class="index-item" id="idx2439"><div class="index-heading">Protected Extensible Authentication Protocol (PEAP)</div><div class="index-item" id="idx2440"><div class="index-heading">EAP encryption</div><a href="B9781597496278100030.xhtml#u0090">328</a></div><div class="index-item" id="idx2441"><div class="index-heading">WLAN vulnerabilities</div><a href="B9781597496278100030.xhtml#p0185">324</a></div></div><div class="index-item" id="idx2442"><div class="index-heading">Proxy methods</div><div class="index-item" id="idx2443"><div class="index-heading">enumeration</div><a href="B9781597496278100030.xhtml#p0640">111</a></div><div class="index-item" id="idx2444"><div class="index-heading">fimap web application testing</div><a href="B9781597496278100066.xhtml#p1045">241–242</a></div></div><div class="index-item" id="idx2445"><div class="index-heading">Proxy servers</div><div class="index-item" id="idx2446"><div class="index-heading">data capture</div><a href="B9781597496278100066.xhtml#p1025">240</a></div><div class="index-item" id="idx2447"><div class="index-heading">Nmap network device scanning</div><a href="B9781597496278100078.xhtml#p0450">272</a></div></div><div class="index-item" id="idx2448"><div class="index-heading">Pseudo Random Generation Algorithm (PRGA)</div><div class="index-item" id="idx2449"><div class="index-heading">Aircrack-ng</div><a href="B9781597496278100030.xhtml#p1155">347–348</a></div><div class="index-item" id="idx2450"><div class="index-heading">Aireplay-ng</div><a href="B9781597496278100030.xhtml#p1285">350</a></div><div class="index-item" id="idx2451"><div class="index-heading">basic considerations</div><a href="B9781597496278100030.xhtml#p1380">352</a></div></div><div class="index-item" id="idx2452"><div class="index-heading">Pseudo Random Number Generator (PRNG), WEP attacks</div><a href="B9781597496278100030.xhtml#p0350">329</a></div><div class="index-item" id="idx2453"><div class="index-heading">PSK</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2422">Pre-Shared Keys (PSK)</a></div></div><div class="index-item" id="idx2454"><div class="index-heading">Psychological considerations</div><div class="index-item" id="idx2455"><div class="index-heading">commiseration in email</div><a href="B9781597496278100042.xhtml#p0140">144</a></div><div class="index-item" id="idx2456"><div class="index-heading">social network status udpates</div><a href="B9781597496278100042.xhtml#p0630">164</a></div></div><div class="index-item" id="idx2457"><div class="index-heading">PTW attacks</div><div class="see-also"><i>see</i><a href="B9781597496278100182-18.xhtml#idx2463">Pychkine-Tews-Weinmann (PTW) attacks</a></div></div><div class="index-item" id="idx2458"><div class="index-heading">“Pull” real-time integration, enterprise applications</div><a href="B9781597496278100030.xhtml#p0135">295</a></div><div class="index-item" id="idx2459"><div class="index-heading">PUSH C command, web server stack-based overflows</div><a href="B9781597496278100066.xhtml#p0350">225</a> , <a href="B9781597496278100066.xhtml#f0020">226f</a></div><div class="index-item" id="idx2460"><div class="index-heading">PUSH D command, web server stack-based overflows</div><a href="B9781597496278100066.xhtml#p0355">225</a> , <a href="B9781597496278100066.xhtml#f0025">226f</a></div><div class="index-item" id="idx2461"><div class="index-heading">PUSH flag, port scanning</div><a href="B9781597496278100030.xhtml#p0245">99</a></div><div class="index-item" id="idx2462"><div class="index-heading">“Push” real-time integration, enterprise applications</div><a href="B9781597496278100030.xhtml#p0140">295</a></div><div class="index-item" id="idx2463"><div class="index-heading">Pychkine-Tews-Weinmann (PTW) attacks</div><div class="index-item" id="idx2464"><div class="index-heading">Aircrack-ng</div><a href="B9781597496278100030.xhtml#p1460">347</a> , <a href="B9781597496278100030.xhtml#p1490">355</a> , <a href="B9781597496278100030.xhtml#p0040">356</a></div><div class="index-item" id="idx2465"><div class="index-heading">WEP attacks</div><a href="B9781597496278100030.xhtml#p0340">328</a></div></div><div class="index-item" id="idx2466"><div class="index-heading">Python script usage examples</div><div class="index-item" id="idx2467"><div class="index-heading">dnsreverse.py</div><a href="B9781597496278100029.xhtml#p1700">66</a></div><div class="index-item" id="idx2468"><div class="index-heading">EXIF.py</div><a href="B9781597496278100042.xhtml#p0680">168</a></div><div class="index-item" id="idx2469"><div class="index-heading">fimap.py</div><a href="B9781597496278100066.xhtml#p1050">242</a></div><div class="index-item" id="idx2470"><div class="index-heading">forcedns.py</div><a href="B9781597496278100029.xhtml#p1570">66</a></div><div class="index-item" id="idx2471"><div class="index-heading">metagoofil.py</div><a href="B9781597496278100029.xhtml#p2335">73</a></div><div class="index-item" id="idx2472"><div class="index-heading">netxml2kml.py</div><a href="B9781597496278100030.xhtml#p0835">341</a></div><div class="index-item" id="idx2473"><div class="index-heading">theharvester.py</div><a href="B9781597496278100029.xhtml#p2040">71</a></div><div class="index-item" id="idx2474"><div class="index-heading">wafw00f.py</div><a href="B9781597496278100066.xhtml#p0760">234</a></div></div></div></body></html>