Advanced Penetration Testing: Hacking the World's Most Secure Networks (Paperback)

Wil Allsopp

  • 出版商: Wiley
  • 出版日期: 2017-03-20
  • 定價: $1,750
  • 售價: 9.5$1,663
  • 語言: 英文
  • 頁數: 288
  • 裝訂: Paperback
  • ISBN: 1119367689
  • ISBN-13: 9781119367680
  • 相關分類: 駭客 Hack
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Build a better defense against motivated, organized, professional attacks

Advanced Penetration Testing: Hacking the World's Most Secure Networks takes hacking far beyond Kali linux and Metasploit to provide a more complex attack simulation. Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data—even from organizations without a direct Internet connection—this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures.

Typical penetration testing consists of low-level hackers attacking a system with a list of known vulnerabilities, and defenders preventing those hacks using an equally well-known list of defensive scans. The professional hackers and nation states on the forefront of today's threats operate at a much more complex level—and this book shows you how to defend your high security network.

  • Use targeted social engineering pretexts to create the initial compromise
  • Leave a command and control structure in place for long-term access
  • Escalate privilege and breach networks, operating systems, and trust structures
  • Infiltrate further using harvested credentials while expanding control

Today's threats are organized, professionally-run, and very much for-profit. Financial institutions, health care organizations, law enforcement, government agencies, and other high-value targets need to harden their IT infrastructure and human capital against targeted advanced attacks from motivated professionals. Advanced Penetration Testing goes beyond Kali linux and Metasploit and to provide you advanced pen testing for high security networks.

商品描述(中文翻譯)

建立一個更好的防禦機制,以對抗有動機、有組織、專業的攻擊。

《進階滲透測試:入侵世界上最安全的網絡》將滲透測試推向更高層次,超越了Kali Linux和Metasploit,提供了更複雜的攻擊模擬。本書介紹了在任何認證準備或常見防禦掃描器中未教授的技術,將社交工程、編程和漏洞利用融入到一種多學科的方法中,用於針對和破壞高安全環境。從發現和創建攻擊向量,無聲地穿越目標企業,建立命令並外洩數據,甚至從沒有直接互聯網連接的組織中外洩數據,本指南包含了提供更準確的系統防禦圖像的關鍵技術。自定義編碼示例使用VBA、Windows Scripting Host、C、Java、JavaScript、Flash等,涵蓋了標準庫應用程序和使用掃描工具繞過常見防禦措施的方法。

典型的滲透測試包括低級黑客使用已知漏洞列表對系統進行攻擊,而防禦者則使用同樣熟知的防禦掃描列表來防止這些攻擊。如今,領先於當今威脅的專業黑客和國家機構在更複雜的層次上運作,而本書將向您展示如何保護您的高安全網絡。


  • 使用有針對性的社交工程假設來創建初始入侵

  • 保留一個命令和控制結構,以便長期訪問

  • 提升特權並入侵網絡、操作系統和信任結構

  • 使用收集到的憑據進一步滲透並擴大控制範圍

如今的威脅是有組織、專業運營且追求利潤的。金融機構、醫療機構、執法機構、政府機構和其他高價值目標需要加強其IT基礎設施和人力資本,以對抗來自有動機的專業人士的有針對性高級攻擊。《進階滲透測試》超越了Kali Linux和Metasploit,為您提供了針對高安全網絡的進階滲透測試。