Learn Penetration Testing

• Perform entry-level penetration tests by learning various concepts and techniques
• Understand both common and not-so-common vulnerabilities from an attacker's perspective
• Get familiar with intermediate attack methods that can be used in real-world scenarios
• Understand how vulnerabilities are created by developers and how to fix some of them at source code level
• Become well versed with basic tools for ethical hacking purposes
• Exploit known vulnerable services with tools such as Metasploit

Sending information via the internet is not entirely private, as evidenced by the rise in hacking, malware attacks, and security threats. With the help of this book, you'll learn crucial penetration testing techniques to help you evaluate enterprise defenses. You'll start by understanding each stage of pentesting and deploying target virtual machines, including Linux and Windows. Next, the book will guide you through performing intermediate penetration testing in a controlled environment. With the help of practical use cases, you'll also be able to implement your learning in real-world scenarios. By studying everything from setting up your lab, information gathering and password attacks, through to social engineering and post exploitation, you'll be able to successfully overcome security threats. The book will even help you leverage the best tools, such as Kali Linux, Metasploit, Burp Suite, and other open source pentesting tools to perform these techniques. Toward the later chapters, you'll focus on best practices to quickly resolve security threats. By the end of this book, you'll be well versed with various penetration testing techniques so as to be able to tackle security threats effectively

• Enhance your penetration testing skills to tackle security threats
• Learn to gather information, find vulnerabilities, and exploit enterprise defenses
• Navigate secured systems with the most up-to-date version of Kali Linux (2019.1) and Metasploit (5.0.0)

Table of contents

1 Introduction to Penetration Testing
Technical requirements
What is penetration testing?
Stages of a penetration test
Getting started with your lab
Creating virtual machines in VMware, Hyper-V, and VirtualBox
Summary
Questions

2 Getting Started with Kali Linux
Technical requirements
An introduction to Kali Linux
Installing and configuring Kali Linux
Basic commands in Kali Linux
Scripting in Kali Linux
The essential tools of Kali Linux
Summary
Questions

3 Performing Information Gathering
Technical requirements
Passive information gathering
Active information gathering
Vulnerability scanning
Capturing traffic
Summary
Questions

4 Mastering Social Engineering
Technical requirements
What is social engineering?
Social engineering tools
Creating a social engineering campaign
Summary
Questions

5 Diving into the Metasploit Framework
Technical requirements
Introducing Metasploit
Finding modules
Adding modules
Metasploit options, shells, and payloads
Working with MSFvenom
Summary
Questions

6 Understanding Password Attacks
Technical requirements
Introduction to password attacks
Working with wordlists
Offline password attacks
Online password attacks
Dumping passwords from memory
Summary
Questions

7 Working with Burp Suite
Technical requirements
Understanding Burp Suite
Preparing your environment
Exploring and configuring Burp Suite components
Summary
Questions

8 Attacking Web Applications
Technical requirements
Preparing your environment
Types of web application security testing
The components of a web application
Understanding the HTTP protocol
Common web application attacks
Attacking web applications
Summary
Questions

9 Getting Started with Wireless Attacks
Technical requirements
Exploring wireless attacks
Compatible hardware
Wireless attack tools
Cracking WEP, WPA, and WPA2
Summary
Questions

10 Moving Laterally and Escalating Your Privileges
Technical requirements
Discovering post-exploitation techniques
Preparing your environment
Performing post-exploitation attacks
Summary
Questions

11 Antivirus Evasion
Technical requirements
The evolution of antivirus technologies
Concepts of antivirus evasion
Getting started with antivirus evasion
Testing evasion techniques
Summary
Questions

12 Maintaining Control within the Environment
Technical requirements
The importance of maintaining access
Techniques used to maintain access
Using tools for persistence
Summary
Questions

13 Reporting and Acting on Your Findings
Technical requirements
The importance of a penetration testing report
What goes into a penetration test report?
Tools for report writing
Recommending remediation options
Summary
Questions

14 Where Do I Go from Here?
Technical requirements
Knowledge maintenance
Toolkit maintenance
Purposefully vulnerable resources
Summary