The Hacker Playbook 3: Practical Guide To Penetration Testing (Paperback)

Peter Kim

買這商品的人也買了...

商品描述

Back for the third season, The Hacker Playbook 3 (THP3) takes your offensive game to the pro tier. With a combination of new strategies, attacks, exploits, tips and tricks, you will be able to put yourself in the center of the action toward victory.

The main purpose of this book is to answer questions as to why things are still broken. For instance, with all the different security products, secure code reviews, defense in depth, and penetration testing requirements, how are we still seeing massive security breaches happening to major corporations and governments? The real question we need to ask ourselves is, are all the safeguards we are putting in place working? This is what The Hacker Playbook 3 - Red Team Edition is all about.

By now, we are all familiar with penetration testing, but what exactly is a Red Team? Red Teams simulate real-world, advanced attacks to test how well your organization's defensive teams respond if you were breached. They find the answers to questions like: Do your incident response teams have the right tools, skill sets, and people to detect and mitigate these attacks? How long would it take them to perform these tasks and is it adequate? This is where you, as a Red Teamer, come in to accurately test and validate the overall security program.

THP3 will take your offensive hacking skills, thought processes, and attack paths to the next level. This book focuses on real-world campaigns and attacks, exposing you to different initial entry points, exploitation, custom malware, persistence, and lateral movement--all without getting caught! This heavily lab-based book will include multiple Virtual Machines, testing environments, and custom THP tools.

So grab your helmet and let's go break things! For more information, visit http://thehackerplaybook.com/about/.

商品描述(中文翻譯)

第三季的《駭客攻略手冊3》(THP3)回歸,將帶領你的攻擊技巧提升至專業級別。透過結合新的策略、攻擊手法、漏洞利用、技巧和竅門,你將能夠將自己置於行動的中心,朝向勝利邁進。

本書的主要目的是回答為什麼事情仍然會出錯的問題。例如,儘管有各種不同的安全產品、安全代碼審查、防禦層級和滲透測試要求,為什麼我們仍然看到大型企業和政府發生嚴重的安全漏洞?我們真正需要問自己的問題是,我們所設置的所有保障措施是否有效?這就是《駭客攻略手冊3 - 紅隊版》所關注的內容。

現在,我們都對滲透測試很熟悉,但紅隊到底是什麼?紅隊模擬現實世界中的高級攻擊,測試你的組織的防禦團隊對入侵的應對能力。他們找到答案,例如:你的事件應對團隊是否擁有正確的工具、技能和人員來檢測和緩解這些攻擊?他們執行這些任務需要多長時間,是否足夠?這就是你作為紅隊成員的角色,準確測試和驗證整體安全計劃的地方。

《駭客攻略手冊3》將提升你的攻擊技巧、思維過程和攻擊路徑至更高水平。本書專注於現實世界的攻擊和行動,讓你接觸不同的初始入口點、利用漏洞、自定義惡意軟體、持久性和橫向移動,而且一切都不會被發現!這本以實驗室為基礎的書籍將包含多個虛擬機器、測試環境和自定義的THP工具。

所以,拿起你的頭盔,讓我們去破壞一些東西吧!欲了解更多信息,請訪問http://thehackerplaybook.com/about/。