A practical guide to hacker Penetration Testing--Interactive publishing network

This article is a computer class of high-quality pre-sale recommendation >>>>"Hacker Secrets Penetration Test Practical Guide"

The best penetration test in the Market book Beauty Asia ranked first through the simulation of penetration testing process throughout the use of various tools and techniques

Editor's recommendation

best-in-class penetration test book in the market, ranked first in the U.S.-Asia Test book field, and Rave
The book describes the tactics of penetration testing in rugby jargon, as shown in the following sections.
pre-match preparation-installation: The attack machines and tools used to configure the book.
before serving-scan the network: Before the strike, you need to scan to understand the environment you are about to face. This chapter will delve into the search for target information and the relevant content of intelligent scanning.
with ball-exploit: exploit the vulnerability found in the scan to attack the system. From now on, we have started to act.
manual detection techniques for-web applications: Sometimes you need to be creative and look for open goals. We'll see how to manually find and attack Web apps.
Cross-Infiltrate the intranet: How to get more important information over the network after a system is compromised.
assists-social engineering: by acting to confuse the enemy, this chapter will explain some of the social engineering skills.
Short Pass-an attack that requires physical access: a nice little kick that requires a very close distance. This will describe the attacks that require physical access.
four breakout-evade anti-virus detection: When you're close, the sneak attack is great. In most cases, you will be faced with anti-virus software obstruction. To address this obstacle, this chapter will introduce ways to circumvent the anti-virus system.
Secret Service -hack, exploit and trick: hack passwords, exploit exploits, and tips.
post-match-analysis report: Analysis of the competition process and results report.
Continuing Education: share with readers some of the things you need to do to improve penetration testing, such as attending safety meetings, attending training courses, reading related books, researching loopholes, and participating in CTF competitions.

Introduction to content

so-called penetration testing, is the use of various vulnerability scanning tools, The network security is evaluated by simulating the hacker's attack method.
This book uses a lot of real-life cases and tips for collecting stamps to explain some of the obstacles that you face during penetration testing and how to solve them. This book is divided into 10 chapters, covering the book's Attack machine/tool installation configuration, network scanning, exploit, manual search and searching for Web application vulnerabilities, how to gain more important information after the system, social work skills, physical access attacks, circumvent anti-virus software methods, Crack down on password related tips and the final results of the summary of knowledge.
The book is organized, the chapters are directly independent of each other, the reader can read on demand, can also be read by chapter. This book does not require the reader to have a background in penetration testing, but it will be more helpful to understand the content of the book if it has relevant experience.  

As a translator

Peter Kim, CEO and chairman of Secure Planet, has nearly 10 years of experience in the field of security and has been conducting penetration testing for the past 7 years. He has lectured on penetration testing and cyber security at Howard Community College, Maryland, and has extensive security-related certifications.

Partial catalogs

1th Pre-race preparation-Installation 1
1.1 Build penetration test Host 1
1.1.1 Hardware Specifications 1
1.1.2 Business software 2
1.1.3 Kali Linux (http://www.kali.org) 3
1.1.4 Windows virtual machine
1.2 Summary
2nd. Before serving-Scan network
2.1 External Scan
2.2 Discover Scripts (formerly known as Backtrack Scripts) (Kali Linux)
How to 2.2.1 Passive information collection
2.2.2 Use the leak library to find mailboxes, authentication information
2.3 External or internal proactive information collection
scanning of the 2.4 Web application
scanning process for the 2.4.1 Web application
scanning tools for the 2.4.2 Web application
2.5 Summary
The 3rd chapter with the ball-exploit
3.1 Metasploit (Windows/kali Linux) (http://www. metasploit.com)
3.1.1 Basic steps to configure Metasploit for remote attacks

3.1.2 Search for Metasploit's exploit (example of an ancient ms08-067 vulnerability) 41
3.2 Script 42
3.3 Summary 45
4th Manual detection Technology for-web applications 47
4.1 Penetration Testing of Web applications 47
4.1.1 SQL injection 47
4.1.2 Cross-site scripting (XSS) 57
4.1.3 Cross-site request forgery (CSRF) 65
4.1.4 Session Token 68
4.1.5 Fuzzy test/input Validation 70
4.1.6 function/business logic Test 75
4.2 Summary 75

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

A practical Guide to penetration testing of hackers ' secrets-interactive Publishing network