Building Virtual Pentesting Labs for Advanced Penetration Testing by Cardwell, Kevin -- Read -- Imperial Library of Trantor

Log In

Or create an account ->

Imperial Library

Home
About
News
Upload
Forum

Help

Login/SignUp

Index

Building Virtual Pentesting Labs for Advanced Penetration Testing Credits About the Author About the Reviewers www.PacktPub.com Support files, eBooks, discount offers, and more Why subscribe? Free access for Packt account holders Preface What this book covers What you need for this book Who this book is for Conventions Reader feedback Customer support Errata Piracy Questions 1. Introducing Penetration Testing Security testing Authentication Authorization Confidentiality Integrity Availability Non-repudiation Abstract testing methodology Planning Nonintrusive target search Intrusive target search Data analysis Reporting Myths and misconceptions of pen testing Summary 2. Choosing the Virtual Environment Open source and free environments VMware Player VirtualBox Xen Hyper-V vSphere Hypervisor Commercial environments vSphere VMware Player Plus XenServer VMware Workstation Image conversion Converting from a physical to virtual environment Summary 3. Planning a Range Planning What are we trying to accomplish? By when do we have to accomplish it? Identifying vulnerabilities Vulnerability sites Vendor sites Summary 4. Identifying Range Architecture Building the machines Building new machines Conversion Cloning a virtual machine Selecting network connections The bridged setting Network Address Translation The host-only switch The custom settings Choosing range components The attacker machine Router Firewall Web server Summary 5. Identifying a Methodology The OSSTMM The Posture Review Logistics Active detection verification Visibility Audit Access verification Trust verification Control verification Process verification Configuration verification Property validation Segregation review Exposure verification Competitive intelligence scouting Quarantine verification Privileges audit Survivability validation Alert and log review CHECK NIST SP-800-115 The information security assessment methodology Technical assessment techniques Comparing tests and examinations Testing viewpoints Overt and covert Offensive Security Other methodologies Customization Summary 6. Creating an External Attack Architecture Establishing layered architectures Configuring firewall architectures iptables Deploying IDS/IPS and load balancers Intrusion Detection System (IDS) Intrusion Prevention System (IPS) Load balancers Integrating web application firewalls Summary 7. Assessment of Devices Assessing routers Evaluating switches MAC attacks VLAN hopping attacks GARP attacks Attacking the firewall Identifying the firewall rules Tricks to penetrate filters Summary 8. Architecting an IDS/IPS Range Deploying a network-based IDS Implementing the host-based IDS and endpoint security Working with virtual switches Evasion Determining thresholds Stress testing Shell code obfuscation Summary 9. Assessment of Web Servers and Web Applications Analyzing the OWASP Top Ten attacks Injection flaws Broken authentication and session management Cross-Site Scripting Insecure direct object references Security misconfiguration Sensitive data exposure Missing function-level access control Cross-Site Request Forgery Using known vulnerable components Invalidated redirects and forwards Identifying web application firewalls Penetrating web application firewalls Tools Summary 10. Testing Flat and Internal Networks The role of Vulnerability Scanners Microsoft Baseline Security Analyzer Open Vulnerability Assessment Language Scanning without credentials Nessus Scanning with credentials Dealing with host protection User Account Control The host firewall Endpoint protection Enhanced Mitigation Experience Toolkit Summary 11. Attacking Servers Common protocols and applications for servers Web File Transfer Protocol Protocol research Secure Shell Mail Database assessment MSSQL MySQL Oracle OS platform specifics Windows legacy Windows Server 2008 and 2012 Unix Linux MAC Summary 12. Exploring Client-side Attack Vectors Client-side attack methods Bait Lure Pilfering data from the client Using the client as a pivot point Pivoting Proxy exploitation Leveraging the client configuration Client-side exploitation Binary payloads Malicious PDF files Bypassing antivirus and other protection tools Obfuscation and encoding Summary 13. Building a Complete Cyber Range Creating the layered architecture Architecting the switching Segmenting the architecture A public DMZ A private DMZ Decoy DMZ Integrating decoys and honeypots Attacking the cyber range Recording the attack data for further training and analysis Summary Index

← Prev
Back
Next →

← Prev
Back
Next →

Chief Librarian: Las Zenow <zenow@riseup.net>
Fork the source code from gitlab.

This is a mirror of the Tor onion service:
http://kx5thpx2olielkihfyo4jgjqfb7zx7wxr3sd4xzt26ochei4m6f7tayd.onion