(Ebook) Hands on Hacking 1st Edition by Matthew Hickey, Jennifer Arcuri ISBN 9781119561453 1119561450

(Ebook) Hands on Hacking 1st Edition by Matthew Hickey, Jennifer Arcuri ISBN 9781119561453 1119561450

(Ebook) Hands on Hacking 1st Edition by Matthew Hickey, Jennifer Arcuri - Ebook PDF Instant Download/Delivery: 9781119561453, 1119561450
Full download (Ebook) Hands on Hacking 1st Edition after payment

Product details:

ISBN 10: 1119561450
ISBN 13: 9781119561453
Author: Matthew Hickey, Jennifer Arcuri

A fast, hands-on introduction to offensive hacking techniques

Hands-On Hacking teaches readers to see through the eyes of their adversary and apply hacking techniques to better understand real-world risks to computer networks and data. Readers will benefit from the author's years of experience in the field hacking into computer networks and ultimately training others in the art of cyber-attacks. This book holds no punches and explains the tools, tactics and procedures used by ethical hackers and criminal crackers alike.

We will take you on a journey through a hacker’s perspective when focused on the computer infrastructure of a target company, exploring how to access the servers and data. Once the information gathering stage is complete, you’ll look for flaws and their known exploits--including tools developed by real-world government financed state-actors.

•    An introduction to the same hacking techniques that malicious hackers will use against an organization

•    Written by infosec experts with proven history of publishing vulnerabilities and highlighting security flaws

•    Based on the tried and tested material used to train hackers all over the world in the art of breaching networks

•    Covers the fundamental basics of how computer networks are inherently vulnerable to attack, teaching the student how to apply hacking skills to uncover vulnerabilities

We cover topics of breaching a company from the external network perimeter, hacking internal enterprise systems and web application vulnerabilities. Delving into the basics of exploitation with real-world practical examples, you won’t find any hypothetical academic only attacks here. From start to finish this book will take the student through the steps necessary to breach an organization to improve its security.

Written by world-renowned cybersecurity experts and educators, Hands-On Hacking teaches entry-level professionals seeking to learn ethical hacking techniques. If you are looking to understand penetration testing and ethical hacking, this book takes you from basic methods to advanced techniques in a structured learning format

(Ebook) Hands on Hacking 1st Edition Table of contents:

Chapter 1: Hacking a Business Case

All Computers Are Broken

The Stakes

Blue, Red, and Purple Teams

Hacking is Part of Your Company's Immune System

Summary

Chapter 2: Hacking Ethically and Legally

Laws That Affect Your Work

Criminal Hacking

Hacking Neighborly

Legally Gray

Penetration Testing Methodologies

Authorization

Responsible Disclosure

Bug Bounty Programs

Legal Advice and Support

Hacker House Code of Conduct

Summary

Chapter 3: Building Your Hack Box

Hardware for Hacking

Linux or BSD?

Host Operating Systems

Verifying Downloads

Disk Encryption

Essential Software

Setting Up VirtualBox

Guest Additions

Testing Your Virtual Environment

Creating Vulnerable Servers

Summary

Chapter 4: Open Source Intelligence Gathering

Does Your Client Need an OSINT Review?

What Are You Looking For?

Where Do You Find It?

OSINT Tools

Grabbing Email Addresses from Google

Google Dorking the Shadows

A Brief Introduction to Passwd and Shadow Files

The Google Hacking Database

Have You Been “Pwned” Yet?

OSINT Framework Recon-ng

Recon-ng Under the Hood

Harvesting the Web

Document Metadata

Maltego

Social Media Networks

Shodan

Protecting Against OSINT

Summary

Chapter 5: The Domain Name System

The Implications of Hacking DNS

A Brief History of DNS

The DNS Hierarchy

A Basic DNS Query

Authority and Zones

DNS Resource Records

BIND9

DNS Hacking Toolkit

Finding Hosts

Finding the SOA with Dig

Hacking a Virtual Name Server

Port Scanning with Nmap

Digging for Information

Information Leak CHAOS

Zone Transfer Requests

Information-Gathering Tools

Searching for Vulnerabilities and Exploits

DNS Traffic Amplification

Metasploit

Carrying Out a Denial-of-Service Attack

DoS Attacks with Metasploit

DNS Spoofing

DNS Cache Poisoning

DNS Cache Snooping

DNSSEC

Fuzzing

Summary

Chapter 6: Electronic Mail

The Email Chain

Message Headers

Delivery Status Notifications

The Simple Mail Transfer Protocol

Sender Policy Framework

Scanning a Mail Server

Mail Software

User Enumeration via Finger

Brute-Forcing the Post Office

The Nmap Scripting Engine

CVE-2014-0160: The Heartbleed Bug

Exploiting CVE-2010-4345

Exploiting CVE-2017-7692

Summary

Chapter 7: The World Wide Web of Vulnerabilities

The World Wide Web

The Hypertext Transfer Protocol

Uniform Resource Identifiers

LAMP: Linux, Apache, MySQL, and PHP

Creepy Crawlers and Spiders

The Web Server Hacker's Toolkit

Port Scanning a Web Server

Manual HTTP Requests

Web Vulnerability Scanning

Guessing Hidden Web Content

Uploading Files

HTTP Authentication

Common Gateway Interface

Shellshock

SSL, TLS, and Heartbleed

Web Administration Interfaces

Web Proxies

Privilege Escalation

Summary

Chapter 8: Virtual Private Networks

What Is a VPN?

Internet Protocol Security

Internet Key Exchange

Transport Layer Security and VPNs

User Databases and Authentication

The NSA and VPNs

The VPN Hacker's Toolkit

VPN Hacking Methodology

Port Scanning a VPN Server

IKE-scan

OpenVPN

LDAP

OpenVPN and Shellshock

Exploiting CVE-2017-5618

Summary

Chapter 9: Files and File Sharing

What Is Network-Attached Storage?

File Permissions

NAS Hacking Toolkit

Port Scanning a File Server

The File Transfer Protocol

The Trivial File Transfer Protocol

Remote Procedure Calls

Server Message Block

Rsync

Network File System

NFS Privilege Escalation

Searching for Useful Files

Summary

Chapter 10: UNIX

UNIX System Administration

Solaris

UNIX Hacking Toolbox

Port Scanning Solaris

Telnet

Secure Shell

RPC

R-services

The Simple Network Management Protocol

The Common UNIX Printing System

The X Window System

Cron and Local Files

The Common Desktop Environment

Summary

Chapter 11: Databases

Types of Databases

Structured Query Language

User-Defined Functions

The Database Hacker's Toolbox

Common Database Exploitation

Port Scanning a Database Server

MySQL

PostgreSQL

Escaping Database Software

Oracle Database

MongoDB

Redis

Privilege Escalation via Databases

Summary

Chapter 12: Web Applications

The OWASP Top 10

The Web Application Hacker's Toolkit

Port Scanning a Web Application Server

Using an Intercepting Proxy

Manual Browsing and Mapping

Spidering

Identifying Entry Points

Web Vulnerability Scanners

Finding Vulnerabilities

Injection

Broken Authentication

Sensitive Data Exposure

XML External Entities

Broken Access Controls

Security Misconfiguration

Cross-Site Scripting

Insecure Deserialization

Known Vulnerabilities

Insufficient Logging and Monitoring

Privilege Escalation

Summary

Chapter 13: Microsoft Windows

Hacking Windows vs. Linux

Setting Up a Windows VM

A Windows Hacking Toolkit

Windows and the NSA

Port Scanning Windows Server

Microsoft DNS

Internet Information Services

Kerberos

Golden Tickets

NetBIOS

LDAP

Server Message Block

ETERNALBLUE

Enumerating Users

Microsoft RPC

Task Scheduler

Remote Desktop

The Windows Shell

PowerShell

Meterpreter

Hash Dumping

Passing the Hash

Privilege Escalation

Getting SYSTEM

Alternative Payload Delivery Methods

Bypassing Windows Defender

Summary

Chapter 14: Passwords

Hashing

The Password Cracker's Toolbox

Cracking

Hash Tables and Rainbow Tables

Adding Salt

Into the /etc/shadow

Different Hash Types

Pseudo-hashing

Microsoft Hashes

Guessing Passwords

The Art of Cracking

Random Number Generators

Summary

Chapter 15: Writing Reports

What Is a Penetration Test Report?

Common Vulnerabilities Scoring System

Report Writing as a Skill

What Should a Report Include?

Executive Summary

Technical Summary

Assessment Results

Supporting Information

Taking Notes

Proofreading

Delivery

People also search for (Ebook) Hands on Hacking 1st Edition:

hands on hacking matthew hickey pdf
    
hands on hacking pdf download
    
hands on hacking free pdf
    
hands on hacking filetype.pdf
    
hands on hacking book review

Tags: Matthew Hickey, Jennifer Arcuri, Hacking