Overclock Project Forums

09-04-2013, 03:42 PM   #1
AsadSAAD
Download the outstanding book advanced_penetration_testing_for_highly-secured_environments

Download the book from the Overclock Project server:

advanced_penetration_testing_for_highly-secured_environments.pdf

15.86 MB

Table of contents of this outstanding book:

Code:
Chapter 1: Planning and Scoping for a Successful Penetration Test 7
  Introduction to advanced penetration testing 7
  Vulnerability assessments 8
  Penetration testing 8
  Advanced penetration testing 9
  Before testing begins 10
  Determining scope 10
  Setting limits — nothing lasts forever 12
  Rules of engagement documentation 12
  Planning for action 14
  Installing VirtualBox 14
  Installing your BackTrack virtual machine 16
  Preparing the virtual guest machine for BackTrack 16
  Installing BackTrack on the virtual disk image 20
  Exploring BackTrack 24
  Logging in 24
  Changing the default password 24
  Updating the applications and operating system 24
  Installing OpenOffice 26
  Effectively manage your test results 26
  Introduction to MagicTree 27
  Starting MagicTree 28
  Adding nodes 28
  Data collection 29
  Report generation 31
  Introduction to the Dradis Framework 32
  Exporting a project template 35
  Importing a project template 36
  Preparing sample data for import 36
  Importing your Nmap data 38
  Exporting data into HTML 39
  Dradis Category field 40
  Changing the default HTML template 40
  Summary 42
Chapter 2: Advanced Reconnaissance Techniques 43
  Introduction to reconnaissance 44
  Reconnaissance workflow 46
  DNS recon 47
  Nslookup — it's there when you need it 47
  Default output 48
  Changing nameservers 48
  Creating an automation script 50
  What did we learn? 52
  Domain Information Groper (Dig) 52
  Default output 52
  Zone transfers using Dig 54
  Advanced features of Dig 55
  DNS brute forcing with fierce 58
  Default command usage 58
  Creating a custom wordlist 60
  Gathering and validating domain and IP information 61
  Gathering information with whois 62
  Specifying which registrar to use 63
  Where in the world is this IP? 63
  Defensive measures 64
  Using search engines to do your job for you 64
  SHODAN 64
  Filters 65
  Understanding banners 66
  Finding specific assets 68
  Finding people (and their documents) on the web 68
  Google hacking database 68
  Metagoofil 70
  Searching the Internet for clues 72
  Metadata collection 74
  Extracting metadata from photos using exiftool 74
  Summary 78
Chapter 3: Enumeration: Choosing Your Targets Wisely 79
  Adding another virtual machine to our lab 80
  Configuring and testing our Vlab_1 clients 82
  BackTrack – Manual ifconfig 82
  Ubuntu – Manual ifconfig 83
  Verifying connectivity 83
  Maintaining IP settings after reboot 84
  Nmap — getting to know you 84
  Commonly seen Nmap scan types and options 85
  Basic scans — warming up 87
  Other Nmap techniques 88
  Remaining stealthy 88
  Shifting blame — the zombies did it! 92
  IDS rules, how to avoid them 94
  Using decoys 95
  Adding custom Nmap scripts to your arsenal 96
  How to decide if a script is right for you 97
  Adding a new script to the database 99
  SNMP: A goldmine of information just waiting to be discovered 100
  SNMPEnum 100
  SNMPCheck 103
  When the SNMP community string is NOT "public" 104
  Creating network baselines with scanPBNJ 106
  Setting up MySQL for PBNJ 106
  Starting MySQL 106
  Preparing the PBNJ database 106
  First scan 108
  Reviewing the data 108
  Enumeration avoidance techniques 111
  Naming conventions 111
  Port knocking 112
  Intrusion detection and avoidance systems 112
  Trigger points 112
  SNMP lockdown 113
  Summary 113
Chapter 4: Remote Exploitation 115
  Exploitation – Why bother? 115
  Target practice – Adding a Kioptrix virtual machine 116
  Manual exploitation 118
  Enumerating services 119
  Quick scan with Unicornscan 120
  Full scan with Nmap 121
  Banner grabbing with Netcat and Ncat 123
  Banner grabbing with Netcat 123
  Banner grabbing with Ncat 124
  Banner grabbing with smbclient 124
  Searching Exploit-DB 125
  Exploit-DB at hand 127
  Compiling the code 130
  Compiling the proof of concept code 131
  Troubleshooting the code 131
  Running the exploit 133
  Getting files to and from victim machines 137
  Installing and starting a TFTP server on BackTrack 5 137
  Installing and configuring pure-ftpd 138
  Starting pure-ftpd 139
  Passwords: Something you know… 140
  Cracking the hash 140
  Brute forcing passwords 142
  THC Hydra 143
  Metasploit — learn it and love it 148
  Updating the Metasploit framework 148
  Databases and Metasploit 149
  Installing PostgreSQL on BackTrack 5 149
  Verifying database connectivity 150
  Performing an Nmap scan from within Metasploit 150
  Using auxiliary modules 152
  Using Metasploit to exploit Kioptrix 153
  Summary 158
Chapter 5: Web Application Exploitation 159
  Practice makes perfect 160
  Installing Kioptrix Level 3 161
  Creating a Kioptrix VM Level 3 clone 163
  Installing and configuring Mutillidae 2.1.7 on the Ubuntu virtual machine 164
  Installing and configuring pfSense 166
  Preparing the virtual machine for pfSense 166
  pfSense virtual machine persistence 168
  Configuring the pfSense DHCP server 171
  Starting the virtual lab 172
  pfSense DHCP – Permanent reservations 173
  Installing HAProxy for load balancing 175
  Adding Kioptrix3.com to the host file 176
  Detecting load balancers 177
  Quick reality check – Load Balance Detector 177
  So, what are we looking for anyhow? 178
  Detecting Web Application Firewalls (WAF) 180
  Taking on Level 3 – Kioptrix 182
  Web Application Attack and Audit Framework (w3af) 182
  Using w3af GUI to save time 184
  Scanning by using the w3af console 185
  Using WebScarab as a HTTP proxy 192
  Introduction to Mantra 197
  Summary 200
Chapter 6: Exploits and Client-Side Attacks 201
  Buffer overflows—A refresher 202
  "C"ing is believing—Create a vulnerable program 202
  Turning ASLR on and off in BackTrack 204
  Understanding the basics of buffer overflows 205
  Introduction to fuzzing 210
  Introducing vulnserver 213
  Fuzzing tools included in BackTrack 215
  Bruteforce Exploit Detector (BED) 215
  SFUZZ: Simple fuzzer 224
  Fast-Track 227
  Updating Fast-Track 230
  Client-side attacks with Fast-Track 231
  Social Engineering Toolkit 233
  Summary 237
Chapter 7: Post-Exploitation 239
  Rules of engagement 240
  What is permitted? 240
  Can you modify anything and everything? 241
  Are you allowed to add persistence? 241
  How is the data that is collected and stored handled by you and your team? 242
  Employee data and personal information 242
  Data gathering, network analysis, and pillaging 242
  Linux 243
  Important directories and files 243
  Important commands 244
  Putting this information to use 245
  Enumeration 245
  Exploitation 246
  We're connected, now what? 247
  Which tools are available on the remote system 248
  Finding network information 249
  Determine connections 252
  Checking installed packages 253
  Package repositories 254
  Programs and services that run at startup 254
  Searching for information 255
  History files and logs 257
  Configurations, settings, and other files 261
  Users and credentials 262
  Moving the files 266
  Microsoft Windows™ post-exploitation 269
  Important directories and files 270
  Using Armitage for post-exploitation 271
  Enumeration 273
  Exploitation 274
  We're connected, now what? 277
  Networking details 279
  Finding installed software and tools 282
  Pivoting 284
  Summary 286
Chapter 8: Bypassing Firewalls and Avoiding Detection 287
  Lab preparation 288
  BackTrack guest machine 289
  Ubuntu guest machine 290
  pfSense guest machine configuration 290
  pfSense network setup 291
  WAN IP configuration 292
  LAN IP configuration 293
  Firewall configuration 294
  Stealth scanning through the firewall 297
  Finding the ports 297
  Traceroute to find out if there is a firewall 297
  Finding out if the firewall is blocking certain ports 298
  Now you see me, now you don't — Avoiding IDS 301
  Canonicalization 302
  Timing is everything 304
  Blending in 304
  Looking at traffic patterns 306
  Cleaning up compromised hosts 308
  Using a checklist 308
  When to clean up 308
  Local log files 309
  Miscellaneous evasion techniques 309
  Divide and conquer 309
  Hiding out (on controlled units) 310
  File integrity monitoring 310
  Using common network management tools to do the deed 310
  Summary 311
Chapter 9: Data Collection Tools and Reporting 313
  Record now — Sort later 314
  Old school — The text editor method 314
  Nano 314
  VIM — The power user's text editor of choice 316
  NoteCase 318
  Dradis framework for collaboration 319
  Binding to an available interface other than 127.0.0.1 320
  The report 322
  Challenge to the reader 330
  Summary 331
Chapter 10: Setting Up Virtual Test Lab Environments 333
  Why bother with setting up labs? 333
  Keeping it simple 334
  No-nonsense test example 335
  Network segmentation and firewalls 335
  Requirements 336
  Setup 336
  Adding complexity or emulating target environments 343
  Configuring firewall1 347
  Installing additional packages in pfSense 349
  Firewall2 setup and configuration 350
  Web1 351
  DB1 352
  App1 352
  Admin1 353
  Summary 354
Chapter 11: Take the Challenge – Putting It All Together 355
  The scenario 355
  The setup 356
  NewAlts Research Labs' virtual network 357
  Additional system modifications 360
  Web server modifications 360
  The challenge 362
  The walkthrough 363
  Defining the scope 364
  Determining the "why" 364
  So what is the "why" of this particular test? 365
  Developing the Rules of Engagement document 365
  Initial plan of attack 367
  Enumeration and exploitation 368
  Reporting 377
  Summary 378
Last edited by AsadSAAD: 09-04-2013 at 04:00 PM