Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Security Posture
The current threat landscape
The credentials – authentication and authorization
Apps
Data
Cybersecurity challenges
Old techniques and broader results
The shift in the threat landscape
Enhancing your security posture
Cloud Security Posture Management
The Red and Blue Teams
Assume breach
Summary
References
Incident Response Process
The incident response process
Reasons to have an IR process in place
Creating an incident response process
Incident response team
Incident life cycle
Handling an incident
Best practices to optimize incident handling
Post-incident activity
Real-world scenario
Lessons learned
Incident response in the cloud
Updating your IR process to include cloud
Appropriate toolset
IR Process from the Cloud Solution Provider (CSP) perspective
Summary
References
What is a Cyber Strategy?
Introduction
Why do we need to build a cyber strategy?
How to build a cyber strategy
Understand the business
Understand threats and risks
Document
Best cyber attack strategies (Red Team)
External testing strategies
Internal testing strategies
Blind testing strategy
Targeted testing strategy
Best cyber defense strategies (Blue Team)
Defense in depth
Defense in breadth
Summary
Further reading
Understanding the Cybersecurity Kill Chain
Introducing the Cyber Kill Chain
Reconnaissance
Weaponization
Privilege Escalation
Vertical privilege escalation
Horizontal privilege escalation
Exfiltration
Sustainment
Assault
Obfuscation
Obfuscation Techniques
Dynamic code obfuscation
Hiding Trails
Threat Life Cycle Management
Data Collection Phase
Discovery Phase
Qualification Phase
Investigation Phase
Neutralization Phase
Recovery Phase
Shared files
Tools used in the Cyber Kill Chain Phases
Nmap
Zenmap
Metasploit
John the Ripper
Hydra
Wireshark
Aircrack-ng
Nikto
Kismet
Airgeddon
Deauther Board
Mitigations against wireless attacks
EvilOSX
Cybersecurity Kill Chain Summary
Lab – Hacking Wireless Network/s via Evil Twin Attack
The Lab Scenario
Step 1 – Ensure you have all required hardware and software for the "simulated attack"
Step 2 – Install Airgeddon in Kali
Step 3 – Configure Airgeddon
Step 4 – Select target
Step 5 – Gather the handshake
Step 6 – Set the phishing page
Step 7 – Capture the network credentials
Lab Summary
References
Further reading
Reconnaissance
External reconnaissance
Webshag
PhoneInfoga
Email harvester – TheHarvester
Web Browser Enumeration Tools
Penetration Testing Kit
Netcraft
Dumpster diving
Social media
Social engineering
Pretexting
Diversion theft
Phishing
Keepnet Labs
Water holing
Baiting
Quid pro quo
Tailgating
Internal reconnaissance
Airgraph-ng
Sniffing and scanning
Prismdump
Tcpdump
Nmap
Wireshark
Scanrand
Masscan
Cain and Abel
Nessus
Metasploit
Aircrack-ng
Wardriving
Hak5 Plunder Bug
CATT
Canary token links
Summary
LAB
Google Hacking
Part 1: Hacking personal information
Part 2: Hacking Servers
References
Compromising the System
Analyzing current trends
Extortion attacks
Data manipulation attacks
IoT device attacks
Backdoors
Mobile device attacks
Hacking everyday devices
Hacking the cloud
The appeal of cloud attacks
Cloud Hacking Tools
CloudTracker
OWASP DevSlop Tool
Cloud security recommendations
Phishing
Exploiting a vulnerability
Hot Potato
Zero-day
WhatsApp vulnerability (CVE-2019-3568)
Chrome zero-day vulnerability (CVE-2019-5786)
Windows 10 Privilege escalation
Windows privilege escalation vulnerability (CVE20191132)
Fuzzing
Source code analysis
Types of zero-day exploits
Buffer overflows
Structured exception handler overwrites
Performing the steps to compromise a system
Deploying payloads
Installing and using a vulnerability scanner
Using Metasploit
Compromising operating systems
Compromising a remote system
Compromising web-based systems
Mobile phone (iOS / Android attacks)
Exodus
SensorID
iPhone hack by Cellebrite
Man-in-the-disk
Spearphone (loudspeaker data capture on Android)
Tap n Ghost
Red and Blue Team Tools for Mobile Devices
Snoopdroid
Androguard
Frida
Cycript
iOS Implant Teardown
Lab
Building a Red Team PC in Windows
Lab 2: Hack those websites (legally!)
bWAPP
HackThis!!
OWASP Juice Shop Project
Try2Hack
Google Gruyere
Damn Vulnerable Web Application (DVWA)
Summary
References
Further reading
Chasing a User's Identity
Identity is the new perimeter
Strategies for compromising a user's identity
Gaining access to the network
Harvesting credentials
Hacking a user's identity
Brute force
Social engineering
Pass the hash
Identity theft through mobile devices
Other methods for hacking an identity
Summary
References
Lateral Movement
Infiltration
Network mapping
Avoiding alerts
Performing lateral movement
Think like a Hacker
Port scans
Sysinternals
File shares
Windows DCOM
Remote Desktop
PowerShell
Windows Management Instrumentation
Scheduled tasks
Token stealing
Stolen credentials
Removable media
Tainted Shared Content
Remote Registry
TeamViewer
Application deployment
Network Sniffing
ARP spoofing
AppleScript and IPC (OS X)
Breached host analysis
Central administrator consoles
Email pillaging
Active Directory
Admin shares
Pass the ticket
Pass the hash (PtH)
Winlogon
Lsass.exe Process
Security Accounts Manager (SAM) database
Domain Active Directory Database (NTDS.DIT):
Credential Manager (CredMan) store:
PtH Mitigation Recommendations
Lab
Hunting Malware without antivirus
Summary
References
Further reading
Privilege Escalation
Infiltration
Horizontal Privilege Escalation
Vertical Privilege Escalation
Avoiding alerts
Performing Privilege Escalation
Exploiting unpatched operating systems
Access token manipulation
Exploiting accessibility features
Application shimming
Bypassing user account control
DLL injection
DLL search order hijacking
Dylib hijacking
Exploration of vulnerabilities
Launch daemon
Hands-on example of Privilege Escalation on a Windows target
Privilege escalation techniques
Dumping the SAM file
Rooting Android
Using the /etc/passwd file
Extra window memory injection
Hooking
New services
Scheduled tasks
Windows Boot Sequence
Startup items
Startup 101
Sudo caching
Additional tools for privilege escalation
0xsp Mongoose v1.7
Conclusion and lessons learned
Summary
Lab 1
Lab 2
Part 1 – Retrieving passwords from LSASS
Part 2 – Dumping Hashes with PowerSploit
Lab 3: HackTheBox
References
Security Policy
Reviewing your security policy
Educating the end user
Social media security guidelines for users
Security awareness training
Policy enforcement
Application whitelisting
Hardening
Monitoring for compliance
Continuously driving security posture enhancement via security policy
Summary
References
Network Segmentation
The defense in depth approach
Infrastructure and services
Documents in transit
Endpoints
Physical network segmentation
Discovering your network
Securing remote access to the network
Site-to-site VPN
Virtual network segmentation
Zero trust network
Planning zero trust network adoption
Hybrid cloud network security
Cloud network visibility
Summary
Ref
Active Sensors
Detection capabilities
Indicators of compromise
Intrusion detection systems
Intrusion prevention system
Rule-based detection
Anomaly-based detection
Behavior analytics on-premises
Device placement
Behavior analytics in a hybrid cloud
Azure Security Center
Analytics for PaaS workloads
Summary
References
Threat Intelligence
Introduction to threat intelligence
Open source tools for threat intelligence
Free threat intelligence feeds
Microsoft threat intelligence
Azure Sentinel
Leveraging threat intelligence to investigate suspicious activity
Summary
Refe
Investigating an Incident
Scoping the issue
Key artifacts
Investigating a compromised system on-premises
Investigating a compromised system in a hybrid cloud
Integrating Azure Security Center with your SIEM for Investigation
Proactive investigation (threat hunting)
Lessons learned
Summary
References
Recovery Process
Disaster recovery plan
The disaster recovery planning process
Forming a disaster recovery team
Performing risk assessment
Prioritizing processes and operations
Determining recovery strategies
Collecting data
Creating the DR plan
Testing the plan
Obtaining approval
Maintaining the plan
Challenges
Contingency planning
IT contingency planning process
Development of the contingency planning policy
Conducting business impact analysis
Identifying the preventive controls
Business continuity vs Disaster recovery
Developing recovery strategies
Live recovery
Plan maintenance
Cyber Incident Recovery Examples from the field
Risk management tools
RiskNAV
IT Risk Management App
Best practices for recovery planning
Disaster recovery best practices
On-Premises
On the cloud
Hybrid
Cyber-resilient recommendations
Summary
Resources for DR Planning
References
Further reading
Vulnerability Management
Creating a vulnerability management strategy
Asset inventory
Information management
Risk assessment
Scope
Collecting data
Analysis of policies and procedures
Vulnerability analysis
Threat analysis
Analysis of acceptable risks
Vulnerability assessment
Reporting and remediation tracking
Response planning
Vulnerability management tools
Asset inventory tools
Peregrine tools
LANDesk Management Suite
StillSecure
McAfee's Enterprise
Information management tools
Risk assessment tools
Vulnerability assessment tools
Reporting and remediation tracking tools
Response planning tools
Implementation of vulnerability management
Best practices for vulnerability management
Vulnerability management tools
Intruder
Patch Manager Plus
InsightVM
Azure Threat & Vulnerability Management
Implementing vulnerability management with Nessus
OpenVAS
Qualys
Acunetix
LABS
Lab 1: Performing an online vulnerability scan with Acunetix
Lab 2: Network security scan with GFI LanGuard
Summary
References
Log Analysis
Data correlation
Operating system logs
Windows logs
Linux logs
Firewall logs
Web server logs
Amazon Web Services (AWS) logs
Accessing AWS logs from Azure Sentinel
Azure Activity logs
Accessing Azure Activity logs from Azure Sentinel
Summary
Refere
Other Books You May Enjoy
Index
← Prev
Back
Next →
← Prev
Back
Next →