Imperial Library

Index
Table of Contents
Foreword
Introduction
  • Who Should Read This Book?
  • About This Book
  • How to Use This Book
  • What You Don’t Need to Read
  • Foolish Assumptions
  • How This Book Is Organized
  • Icons Used in This Book
  • Where to Go from Here
Part I: Building the Foundation for Security Testing
Chapter 1: Introduction to Ethical Hacking
  • Straightening Out the Terminology
  • Recognizing How Malicious Attackers Beget Ethical Hackers
  • Understanding the Need to Hack Your Own Systems
  • Understanding the Dangers Your Systems Face
  • Obeying the Ethical Hacking Principles
  • Using the Ethical Hacking Process
Chapter 2: Cracking the Hacker Mindset
  • What You’re Up Against
  • Who Breaks into Computer Systems
  • Why They Do It
  • Planning and Performing Attacks
  • Maintaining Anonymity
Chapter 3: Developing Your Ethical Hacking Plan
  • Establishing Your Goals
  • Determining Which Systems to Hack
  • Creating Testing Standards
  • Selecting Security Assessment Tools
Chapter 4: Hacking Methodology
  • Setting the Stage for Testing
  • Seeing What Others See
  • Scanning Systems
  • Determining What’s Running on Open Ports
  • Assessing Vulnerabilities
  • Penetrating the System
Part II: Putting Security Testing in Motion
Chapter 5: Information Gathering
  • Gathering Public Information
  • Mapping the Network
Chapter 6: Social Engineering
  • Introducing Social Engineering
  • Starting Your Social Engineering Tests
  • Why Attackers Use Social Engineering
  • Understanding the Implications
  • Performing Social Engineering Attacks
  • Social Engineering Countermeasures
Chapter 7: Physical Security
  • Identifying Basic Physical Security Vulnerabilities
  • Pinpointing Physical Vulnerabilities in Your Office
Chapter 8: Passwords
  • Understanding Password Vulnerabilities
  • Cracking Passwords
  • General Password Cracking Countermeasures
  • Securing Operating Systems
Part III: Hacking Network Hosts
Chapter 9: Network Infrastructure Systems
  • Understanding Network Infrastructure Vulnerabilities
  • Choosing Tools
  • Scanning, Poking, and Prodding the Network
  • Detecting Common Router, Switch, and Firewall Weaknesses
  • Putting Up General Network Defenses
Chapter 10: Wireless Networks
  • Understanding the Implications of Wireless Network Vulnerabilities
  • Choosing Your Tools
  • Discovering Wireless Networks
  • Discovering Wireless Network Attacks and Taking Countermeasures
Chapter 11: Mobile Devices
  • Sizing Up Mobile Vulnerabilities
  • Cracking Laptop Passwords
  • Cracking Phones and Tablets
Part IV: Hacking Operating Systems
Chapter 12: Windows
  • Introducing Windows Vulnerabilities
  • Choosing Tools
  • Gathering Information About Your Windows Vulnerabilities
  • Detecting Null Sessions
  • Checking Share Permissions
  • Exploiting Missing Patches
  • Running Authenticated Scans
Chapter 13: Linux
  • Understanding Linux Vulnerabilities
  • Choosing Tools
  • Gathering Information About Your Linux Vulnerabilities
  • Finding Unneeded and Unsecured Services
  • Securing the .rhosts and hosts.equiv Files
  • Assessing the Security of NFS
  • Checking File Permissions
  • Finding Buffer Overflow Vulnerabilities
  • Checking Physical Security
  • Performing General Security Tests
  • Patching Linux
Part V: Hacking Applications
Chapter 14: Communication and Messaging Systems
  • Introducing Messaging System Vulnerabilities
  • Recognizing and Countering E-Mail Attacks
  • Understanding Voice over IP
Chapter 15: Web Applications and Mobile Apps
  • Choosing Your Web Security Testing Tools
  • Seeking Out Web Vulnerabilities
  • Minimizing Web Security Risks
  • Uncovering Mobile App Flaws
Chapter 16: Databases and Storage Systems
  • Diving Into Databases
  • Following Best Practices for Minimizing Database Security Risks
  • Opening Up About Storage Systems
  • Following Best Practices for Minimizing Storage Security Risks
Part VI: Security Testing Aftermath
Chapter 17: Reporting Your Results
  • Pulling the Results Together
  • Prioritizing Vulnerabilities
  • Creating Reports
Chapter 18: Plugging Security Holes
  • Turning Your Reports into Action
  • Patching for Perfection
  • Hardening Your Systems
  • Assessing Your Security Infrastructure
Chapter 19: Managing Security Processes
  • Automating the Ethical Hacking Process
  • Monitoring Malicious Use
  • Outsourcing Security Assessments
  • Instilling a Security-Aware Mindset
  • Keeping Up with Other Security Efforts
Part VII: The Part of Tens
Chapter 20: Ten Tips for Getting Security Buy-In
  • Cultivate an Ally and a Sponsor
  • Don’t Be a FUDdy Duddy
  • Demonstrate How the Organization Can’t Afford to Be Hacked
  • Outline the General Benefits of Security Testing
  • Show How Security Testing Specifically Helps the Organization
  • Get Involved in the Business
  • Establish Your Credibility
  • Speak on Management’s Level
  • Show Value in Your Efforts
  • Be Flexible and Adaptable
Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test
  • The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods
  • IT Governance and Compliance Are More than High-Level Checklist Audits
  • Hacking Complements Audits and Security Evaluations
  • Customers and Partners Will Ask, ‘How Secure Are Your Systems?’
  • The Law of Averages Works Against Businesses
  • Security Assessments Improve the Understanding of Business Threats
  • If a Breach Occurs, You Have Something to Fall Back On
  • In-Depth Testing Brings Out the Worst in Your Systems
  • Combining the Best of Penetration Testing and Vulnerability Assessments Is What You Need
  • Proper Testing Can Uncover Weaknesses That Might Go Overlooked for Years
Chapter 22: Ten Deadly Mistakes
  • Not Getting Prior Approval
  • Assuming You Can Find All Vulnerabilities During Your Tests
  • Assuming You Can Eliminate All Security Vulnerabilities
  • Performing Tests Only Once
  • Thinking You Know It All
  • Running Your Tests Without Looking at Things from a Hacker’s Viewpoint
  • Not Testing the Right Systems
  • Not Using the Right Tools
  • Pounding Production Systems at the Wrong Time
  • Outsourcing Testing and Not Staying Involved
Appendix: Tools and Resources
  • Advanced Malware
  • Bluetooth
  • Certifications
  • Databases
  • Denial of Service Protection
  • Exploits
  • General Research Tools
  • Hacker Stuff
  • Keyloggers
  • Laws and Regulations
  • Linux
  • Live Toolkits
  • Log Analysis
  • Messaging
  • Miscellaneous
  • Mobile
  • Networks
  • Password Cracking
  • Patch Management
  • Security Education and Learning Resources
  • Security Methods and Models
  • Social Engineering and Phishing
  • Source Code Analysis
  • Statistics
  • Storage
  • System Hardening
  • User Awareness and Training
  • Voice over IP
  • Vulnerability Databases
  • Websites and Applications
  • Windows
  • Wireless Networks
About the Author
Cheat Sheet
Connect with Dummies
End User License Agreement
