Index
Title Page Copyright and Credits
Network Vulnerability Assessment
Packt Upsell
Why subscribe? PacktPub.com
Contributors
About the author About the reviewer Packt is searching for authors like you
Preface
Who this book is for What this book covers To get the most out of this book
Download the color images Conventions used
Get in touch
Reviews
Disclaimer
Vulnerability Management Governance
Security basics
The CIA triad
Confidentiality Integrity Availability
Identification Authentication Authorization Auditing Accounting Non-repudiation Vulnerability Threats Exposure Risk Safeguards Attack vectors
Understanding the need for security assessments
Types of security tests
Security testing Vulnerability assessment versus penetration testing Security assessment Security audit
Business drivers for vulnerability management
Regulatory compliance Satisfying customer demands Response to some fraud/incident Gaining a competitive edge Safeguarding/protecting critical infrastructures
Calculating ROIs Setting up the context
Bottom-up Top-down
Policy versus procedure versus standard versus guideline
Vulnerability assessment policy template
Penetration testing standards
Penetration testing lifecycle
Industry standards
Open Web Application Security Project testing guide
Benefits of the framework
Penetration testing execution standard
Benefits of the framework
Summary Exercises
Setting Up the Assessment Environment
Setting up a Kali virtual machine Basics of Kali Linux Environment configuration and setup
Web server Secure Shell (SSH) File Transfer Protocol (FTP) Software management
List of tools to be used during assessment Summary
Security Assessment Prerequisites
Target scoping and planning Gathering requirements
Preparing a detailed checklist of test requirements Suitable time frame and testing hours Identifying stakeholders
Deciding upon the type of vulnerability assessment
Types of vulnerability assessment
Types of vulnerability assessment based on the location
External vulnerability assessment Internal vulnerability assessment
Based on knowledge about environment/infrastructure
Black-box testing White-box testing Gray-box testing
Announced and unannounced testing Automated testing
Authenticated and unauthenticated scans Agentless and agent-based scans
Manual testing
Estimating the resources and deliverables Preparing a test plan Getting approval and signing NDAs
Confidentiality and nondisclosure agreements
Summary
Information Gathering
What is information gathering?
Importance of information gathering
Passive information gathering
Reverse IP lookup Site report Site archive and way-back Site metadata Looking for vulnerable systems using Shodan Advanced information gathering using Maltego theHarvester
Active information gathering
Active information gathering with SPARTA Recon-ng Dmitry
Summary
Enumeration and Vulnerability Assessment
What is enumeration? Enumerating services
HTTP FTP SMTP SMB DNS SSH VNC
Using Nmap scripts
http-methods smb-os-discovery http-sitemap-generator mysql-info
Vulnerability assessments using OpenVAS Summary
Gaining Network Access
Gaining remote access
Direct access Target behind router
Cracking passwords
Identifying hashes Cracking Windows passwords Password profiling Password cracking with Hydra
Creating backdoors using Backdoor Factory Exploiting remote services using Metasploit
Exploiting vsftpd Exploiting Tomcat
Hacking embedded devices using RouterSploit Social engineering using SET Summary
Assessing Web Application Security
Importance of web application security testing Application profiling Common web application security testing tools Authentication
Credentials over a secure channel Authentication error messages Password policy Method for submitting credentials OWASP mapping
Authorization
OWASP mapping
Session management
Cookie checks Cross-Site Request Forgery OWASP mapping
Input validation
OWASP mapping
Security misconfiguration
OWASP mapping
Business logic flaws
Testing for business logic flaws
Auditing and logging
OWASP mapping
Cryptography
OWASP mapping
Testing tools
OWASP ZAP Burp Suite
Summary
Privilege Escalation
What is privilege escalation? Horizontal versus vertical privilege escalation
Horizontal privilege escalation Vertical privilege escalation
Privilege escalation on Windows Privilege escalation on Linux Summary
Maintaining Access and Clearing Tracks
Maintaining access Clearing tracks and trails Anti-forensics Summary
Vulnerability Scoring
Requirements for vulnerability scoring Vulnerability scoring using CVSS
Base metric group
Exploitability metrics
Attack vector Attack complexity Privileges required User interaction
Scope
Impact metrics
Confidentiality impact Integrity impact Availability impact
Temporal metric group
Exploit code maturity Remediation level Report confidence
CVSS calculator Summary
Threat Modeling
What is threat modeling? Benefits of threat modeling Threat modeling terminology How to model threats? Threat modeling techniques
STRIDE DREAD
Threat modeling tools
Microsoft Threat Modeling Tool SeaSponge
Summary
Patching and Security Hardening
Defining patching? Patch enumeration
Windows patch enumeration Linux patch enumeration
Security hardening and secure configuration reviews
Using CIS benchmarks
Summary
Vulnerability Reporting and Metrics
Importance of reporting Type of reports
Executive reports Detailed technical reports
Reporting tools
Dradis KeepNote
Collaborative vulnerability management with Faraday v2.6 Metrics
Mean time to detect Mean time to resolve Scanner coverage Scan frequency by asset group Number of open critical/high vulnerabilities Average risk by BU, asset group, and so on Number of exceptions granted Vulnerability reopen rate Percentage of systems with no open high/critical vulnerability Vulnerability ageing
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think