Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
Planning and Scoping for a Successful Penetration Test
Introduction to advanced penetration testing
Effectively manage your test results
Introduction to the Dradis Framework
Advanced Reconnaissance Techniques
Introduction to reconnaissance
Gathering and validating domain and IP information
Using search engines to do your job for you
Enumeration: Choosing Your Targets Wisely
Adding another virtual machine to our lab
SNMP: A goldmine of information just waiting to be discovered
Creating network baselines with scanPBNJ
Enumeration avoidance techniques
Target practice — Adding a Kioptrix virtual machine
Getting files to and from victim machines
Passwords: Something you know…
Metasploit — learn it and love it
Detecting Web Application Firewalls (WAF)
Web Application Attack and Audit Framework (w3af)
Exploits and Client-Side Attacks
Buffer overflows — A refresher
Fuzzing tools included in BackTrack
Data gathering, network analysis, and pillaging
Bypassing Firewalls and Avoiding Detection
Stealth scanning through the firewall
Now you see me, now you don't — Avoiding IDS
Miscellaneous evasion techniques
Data Collection Tools and Reporting
Old school — The text editor method
Dradis framework for collaboration
Setting Up Virtual Test Lab Environments
Why bother with setting up labs?
Adding complexity or emulating target environments