Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework

Jessey Bullock

買這商品的人也買了...

商品描述

Master Wireshark to solve real-world security problems 

If you don’t already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment.

Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples.

Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, and the Metasploit Framework, the open-source framework for security testing. Lab-based virtual systems generate network traffic for analysis, investigation and demonstration. In addition to following along with the labs you will be challenged with end-of-chapter exercises to expand on covered material.

Lastly, this book explores Wireshark with Lua, the light-weight programming language. Lua allows you to extend and customize Wireshark’s features for your needs as a security professional. Lua source code is available both in the book and online. Lua code and lab source code are available online through GitHub, which the book also introduces. The book’s final two chapters greatly draw on Lua and TShark, the command-line interface of Wireshark.

By the end of the book you will gain the following:

  • Master the basics of Wireshark
  • Explore the virtual w4sp-lab environment that mimics a real-world network
  • Gain experience using the Debian-based Kali OS among other systems
  • Understand the technical details behind network attacks
  • Execute exploitation and grasp offensive and defensive activities, exploring them through Wireshark
  • Employ Lua to extend Wireshark features and create useful scripts

To sum up, the book content, labs and online material, coupled with many referenced sources of PCAP traces, together present a dynamic and robust manual for information security professionals seeking to leverage Wireshark.

 

商品描述(中文翻譯)

《Wireshark安全專業指南》:掌握Wireshark解決實際安全問題

如果您還沒有使用Wireshark進行各種信息安全任務,閱讀本書後您將會使用它。Wireshark成熟且功能強大,通常用於找出具有挑戰性的網絡問題的根本原因。本書將這種功能擴展到信息安全專業人員,並提供可下載的虛擬實驗環境。

《Wireshark安全專業指南》涵蓋了攻擊和防禦概念,適用於幾乎任何信息安全角色。無論您是從事網絡安全、惡意軟件分析、入侵檢測還是滲透測試,本書都通過相關且實用的示例演示了Wireshark的應用。

通過實驗場景和練習來掌握Wireshark。在本書的早期,提供了一個虛擬實驗環境,以便實際操作Wireshark。Wireshark結合了兩個流行的平台:以安全為重點的Linux發行版Kali和用於安全測試的開源框架Metasploit。基於實驗室的虛擬系統生成用於分析、調查和演示的網絡流量。除了跟隨實驗室的操作,您還將通過章節結尾的練習來擴展所學內容。

最後,本書還介紹了輕量級編程語言Lua與Wireshark的結合。Lua使您能夠擴展和自定義Wireshark的功能,以滿足您作為安全專業人員的需求。書中和線上都提供了Lua源代碼。Lua代碼和實驗室源代碼可通過GitHub在線獲取,本書也對此進行了介紹。本書的最後兩章主要涉及Lua和Wireshark的命令行界面TShark。

通過閱讀本書,您將獲得以下技能:

- 掌握Wireshark的基礎知識
- 探索模擬真實網絡的虛擬w4sp-lab環境
- 使用基於Debian的Kali操作系統等系統獲得實踐經驗
- 理解網絡攻擊的技術細節
- 執行利用並通過Wireshark掌握攻擊和防禦活動
- 使用Lua擴展Wireshark功能並創建有用的腳本

總之,本書的內容、實驗室和線上資料,以及許多參考的PCAP數據源,共同呈現了一本動態且強大的手冊,供信息安全專業人員利用Wireshark。