網絡安全滲透測試與防護
王立進,張宗寶,張鎮
- 出版商: 電子工業
- 出版日期: 2024-11-01
- 定價: $263
- 售價: 7.9 折 $208
- 語言: 簡體中文
- 頁數: 224
- ISBN: 712148384X
- ISBN-13: 9787121483844
-
相關分類:
Penetration-test
立即出貨
買這商品的人也買了...
-
$301Python 黑客攻防入門 -
FLAG'S 創客‧自造者工作坊 -- 資安衛士 破解駭客戲法$1,599$1,439 -
CQRS 命令查詢職責分離模式 (Command Query Responsibility Segregation)$500$390 -
Oracle 19c 從入門到精通 (視頻教學超值版)$534$507 -
$213計算機組成原理 -
計算機組成原理:作業系統概論Ⅰ$560$437 -
計算機組成原理:作業系統概論Ⅱ$600$468 -
計算機組成原理:基礎知識揭密, 2/e$520$406 -
$356實用黑客攻防技術 -
絕對會 Python 用場! 驚人的程式妙用$680$537 -
$356Kali滲透測試技術標準教程(實戰微課版) -
Linux Shell 命令行及腳本編程實例詳解, 2/e$599$569 -
APCS × Python 解題思路, 2/e$420$378 -
這樣寫 code 好不好?辨識、分析、改善,寫出易讀易維護的程式碼$630$498 -
為你自己學 Python$600$474 -
$469C和指針 -
Shell 從入門到精通, 2/e$599$569 -
資安鑑識分析:數位工具、情資安全、犯罪偵防與證據追蹤$560$437 -
Vue.js 3 高階程式設計:UI 元件庫開發實戰$534$507 -
程式設計原來不只有寫 CODE!銜接學校與職場的五堂軟體開發實習課 = Beyond Just Coding: Five Essential Lessons from Classroom to Career in Software Development$700$546 -
大數據 SQL 優化 : 原理與實踐$594$564 -
圖說演算法 -- 使用 C語言, 3/e【暢銷回饋版】$560$437 -
一個人的藍隊:企業資安防護技術實戰指南(iThome鐵人賽系列書)$650$507 -
邊緣 AI - 使用 NVIDIA Jetson Orin Nano 開發具備深度學習、電腦視覺與生成式 AI 功能的 ROS2 機器人$580$458 -
你的第一本 Git 與 GitHub 入門書:輕鬆實作本機與遠端儲存庫的版本控制$620$484
簡體館年度書展|現貨2書79折3書75折 詳見活動內容 »
-
VIP 95折
深入淺出 SSD 測試 : 固態存儲測試流程 方法與工具$594$564 -
VIP 95折
MCP 開發從入門到實戰$515$489 -
85折
$806Linux x64 匯編語言編程 -
VIP 95折
MCP 極簡開發 : 輕鬆打造高效智能體$479$455 -
VIP 95折
RISC-V 架構 DSP 處理器設計$534$507 -
VIP 95折
硬件系統模糊測試:技術揭秘與案例剖析$419$398 -
85折
$454RAG 實踐權威指南:構建精準、高效大模型之道 -
VIP 95折
CUDA 並行編程與性能優化$714$678 -
VIP 95折
生成式視覺模型原理與實踐$288$274 -
87折
$459AI大模型:賦能通信產業 -
VIP 95折
科學預測——預見科學之美$408$388 -
VIP 95折
Processing創意編程入門:從編程原理到項目案例$299$284 -
VIP 95折
大模型驅動的具身智能 架構,設計與實現$534$507 -
VIP 95折
納米級CMOS VLSI電路(可制造性設計)$474$450 -
VIP 95折
Manus應用與AI Agent設計指南:從入門到精通$359$341 -
87折
$360高薪Offer 簡歷、面試、談薪完全攻略 -
VIP 95折
軟件系統優化$534$507 -
VIP 95折
芯片的較量 (日美半導體風雲)$414$393 -
VIP 95折
Manus AI 智能體從入門到精通$294$279 -
87折
$981深度學習:基礎與概念 -
85折
$505GitHub Copilot 編程指南 -
87折
$469Cursor 與 Copilot 開發實戰 : 讓煩瑣編程智能化 -
85折
$551C#核心編程200例(視頻課程+全套源程序) -
VIP 95折
Verilog HDL計算機網絡典型電路算法設計與實現$354$336 -
VIP 95折
SAAS + AI 架構實戰:業務解析、架構設計、AI 應用$708$673
簡體館年度書展|現貨2書79折3書75折 詳見活動內容 »
-
85折
$806Linux x64 匯編語言編程
-
VIP 95折
MCP 極簡開發 : 輕鬆打造高效智能體
$479$455 -
VIP 95折
硬件系統模糊測試:技術揭秘與案例剖析
$419$398 -
VIP 95折
生成式視覺模型原理與實踐
$288$274 -
87折
$459AI大模型:賦能通信產業
-
VIP 95折
科學預測——預見科學之美
$408$388 -
VIP 95折
Processing創意編程入門:從編程原理到項目案例
$299$284 -
87折
$360高薪Offer 簡歷、面試、談薪完全攻略
-
VIP 95折
軟件系統優化
$534$507 -
85折
$505GitHub Copilot 編程指南
-
85折
$551C#核心編程200例(視頻課程+全套源程序)
-
VIP 95折
SAAS + AI 架構實戰:業務解析、架構設計、AI 應用
$708$673 -
VIP 95折
深入淺出 Docker, 2/e$419$398 -
85折
$658Unity 特效制作:Shader Graph 案例精講 -
79折
$275零基礎玩轉國產大模型DeepSeek -
VIP 95折
人工智能大模型:機器學習基礎$774$735 -
VIP 95折
RAG 極簡入門:原理與實踐$419$398 -
VIP 95折
大模型實戰 : 從零實現 RAG 與 Agent 系統$419$398 -
VIP 95折
算法趣學(第2版)$348$331 -
VIP 95折
大模型理論與實踐——打造行業智能助手$354$336 -
VIP 95折
大模型應用開發 RAG 實戰課$599$569 -
85折
$509生成式人工智能 (基於 PyTorch 實現) -
VIP 95折
機器人抓取力學$894$849 -
VIP 95折
集成電路版圖設計從入門到精通$474$450 -
VIP 95折
Java 學習筆記, 6/e$839$797
相關主題
商品描述
本書根據網絡安全服務工程師的技能要求及網絡安全管理與評估賽項規範,以網絡安全服務工程師的工作情景為主線進行邊寫 ,內容包括搭建網絡攻防環境、信息收集與漏洞掃描、 LINUX系統滲透測試與加固、 WINDOWS系統滲透測試與加固、數據庫系統滲透測試與加固、信息系統應急響應、 Web系統安全性測試、無線網絡安全性測試。本書內容針對性、適用性強,在同類高職院校網絡安全類類教材中是一部具有先進性的"崗課賽證融通”教材。
目錄大綱
項目一 滲透測試環境搭建 ·······································································.1
1.1 項目情境 ······················································································.2
1.2 項目任務 ······················································································.3
任務 1-1 安裝與配置 Kali Linux 操作機 ··············································.3
任務 1-2 安裝與管理 Kali Linux 軟件 ················································.21
任務 1-3 安裝與配置 Linux 靶機 ······················································.26
任務 1-4 安裝與配置 Windows 靶機 ··················································.30
1.3 項目拓展——滲透測試方法論 ··························································.45
1.4 練習題 ························································································.48
項目二 信息收集與漏洞掃描 ···································································.50
2.1 項目情境 ·····················································································.51
2.2 項目任務 ·····················································································.51
任務 2-1 通過公開網站收集信息 ·····················································.51
任務 2-2 使用 Nmap 工具收集信息 ··················································.56
任務 2-3 使用 Nmap 工具掃描漏洞 ··················································.61
任務 2-4 使用 Nessus 工具掃描漏洞 ·················································.65
任務 2-5 檢查主機弱口令 ······························································.74
2.3 項目拓展——深入認識漏洞 ·····························································.78
2.4 練習題 ························································································.79
網絡安全 滲透測試與防護
VI
項目三 Linux 操作系統滲透測試與加固 ·····················································.81
3.1 項目情境 ·····················································································.82
3.2 項目任務 ·····················································································.82
任務 3-1 利用 vsFTPd 後門漏洞進行滲透測試 ····································.82
任務 3-2 利用 Samba MS-RPC Shell 命令註入漏洞進行滲透測試 ·················.87
任務 3-3 利用 Samba Sysmlink 默認配置目錄遍歷漏洞進行滲透測試 ··········.90
任務 3-4 利用臟牛漏洞提升權限 ·····················································.94
任務 3-5 Linux 操作系統安全加固 ····················································.97
3.3 項目拓展——臟牛漏洞利用思路解析 ···············································.101
3.4 練習題 ······················································································.102
項目四 Windows 操作系統滲透測試與加固 ··············································.104
4.1 項目情境 ···················································································.105
4.2 項目任務 ···················································································.105
任務 4-1 利用 MS17_010_externalblue 漏洞進行滲透測試 ····················.105
任務 4-2 利用 CVE-2019-0708 漏洞進行滲透測試 ······························.113
任務 4-3 利用 Trusted Service Paths 漏洞提權 ····································.117
任務 4-4 社會工程學攻擊測試 ······················································.123
任務 4-5 利用 CVE-2020-0796 漏洞進行滲透測試 ······························.126
任務 4-6 Windows 操作系統安全加固 ·············································.133
4.3 項目拓展——社會工程學工具包 ·····················································.144
4.4 練習題 ······················································································.145
項目五 數據庫系統滲透測試與加固 ························································.147
5.1 項目情境 ···················································································.148
5.2 項目任務 ···················································································.148
任務 5-1 暴力破解 MySQL 弱口令 ·················································.148
任務 5-2 利用 UDF 對 MySQL 數據庫提權 ·······································.153
任務 5-3 利用弱口令對 SQL Server 數據庫進行滲透測試 ····················.159
目錄
VII
任務 5-4 利用 SQL Server 數據庫的 xp_cmdshell 組件提權 ···················.163
任務 5-5 數據庫系統安全加固 ······················································.167
5.3 項目拓展——MySQL 數據庫權限深入解析 ········································.172
5.4 練習題 ······················································································.174
項目六 無線網絡滲透測試與加固 ···························································.176
6.1 項目情境 ···················································································.177
6.2 項目任務 ···················································································.177
任務 6-1 無線網絡嗅探 ·······························································.177
任務 6-2 破解 WEP 加密的無線網絡 ··············································.182
任務 6-3 對 WPS 滲透測試 ···························································.186
任務 6-4 偽造釣魚熱點獲取密碼 ···················································.189
任務 6-5 無線網絡安全加固 ·························································.198
6.3 項目拓展——WiFi 加密算法 ··························································.201
6.4 練習題 ······················································································.202
項目七 滲透測試報告撰寫與溝通匯報 ·····················································.205
7.1 項目情境 ···················································································.206
7.2 項目任務 ···················································································.206
任務 7-1 滲透測試報告撰寫 ·························································.206
任務 7-2 項目溝通匯報 ·······························································.211
7.3 項目拓展-問題回答技巧 ·······························································.212
7.4 練習題 ······················································································.213
參考文獻 ····························································································.215
嚴正聲明 ····························································································.216
