Professional Penetration Testing
Creating and Learning in a Hacking Lab
- 2nd Edition - June 27, 2013
- Author: Thomas Wilhelm
- Language: English
Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find s… Read more
World Book Day celebration
Where learning shapes lives
Up to 25% off trusted resources that support research, study, and discovery.
Description
Description
Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices.
Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.
All disc-based content for this title is now available on the Web.
Key features
Key features
- Find out how to turn hacking and pen testing skills into a professional career
- Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers
- Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business
- Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester
Readership
Readership
Penetration testers, IT security consultants and practitioners
Table of contents
Table of contents
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest
PART II - Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks
PART III - Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest
Appendix A - Acronyms
Appendix B - Definitions
Review quotes
Review quotes
"...this is a detailed and thorough examination of both the technicalities and the business of pen-testing, and an excellent starting point for anyone getting into the field."—Network Security, March 2014
Product details
Product details
- Edition: 2
- Published: July 17, 2013
- Language: English
About the author
About the author
TW
Thomas Wilhelm
Thomas Wilhelm has been involved in Information Security since 1990, where he served in the U.S. Army for 8 years as a Signals Intelligence Analyst, Russian Linguist, and a Cryptanalyst. His expertise in the field of Information Security has led him to speak at prominent security conferences across the United States, including DefCon, HOPE, and CSI.
Thomas has contributed significantly to the field of professional penetration testing and information security. In his capacity as both a practice director and a managing director, he has played a pivotal role in executing offensive and defensive security initiatives for Fortune 100 companies and leading research and tool development that has influenced the security industry. Presently, he serves as a managing director at Redstone Securities and possesses master’s degrees in both Computer Science and Management.
His influence also extends to education where he formerly held the position of Associate Professor at Colorado Technical University. Thomas has also written various publications, including magazines and books. Through Pentest.TV, he continues to provide advanced security training and has obtained numerous certifications over the years, including the ISSMP, CISSP, CCNP Security, AWS Cloud Solutions Architect, AWS Cloud Security Specialist, and multiple Solaris certifications as well.