渗透测试实践指南:必知必会的工具与方法(样章).pdf 🔍
渗透测试实践指南:必知必会的工具与方法(样章).pdf
北京:机械工业出版社, Elsevier Ltd., Waltham, MA, 2010
英语 [en] · 中文 [zh] · PDF · 34.7MB · 2010 · 📘 非小说类图书 · 🚀/duxiu/lgli/upload/zlib · Save
描述
The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. This book makes ethical hacking and penetration testing easy – no prior hacking experience is required. It shows how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. With a simple and clean explanation of how to effectively utilize these tools – as well as the introduction to a four-step methodology for conducting a penetration test or hack – the book provides students with the know-how required to jump start their careers and gain a better understanding of offensive security. The book is organized into 7 chapters that cover hacking tools such as Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. PowerPoint slides are available for use in class. This book is an ideal reference for security consultants, beginning InfoSec professionals, and students. Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases. Writen by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University. Utilizes the Backtrack Linus distribution and focuses on the seminal tools required to complete a penetration test.
备用文件名
lgli/渗透测试实践指南:必知必会的工具与方法(样章).pdf - 渗透测试实践指南:必知必会的工具与方法(样章).pdf.pdf
备用文件名
zlib/Computers/Security/渗透测试实践指南:必知必会的工具与方法(样章).pdf/渗透测试实践指南:必知必会的工具与方法(样章).pdf_15932230.pdf
备选标题
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)
备选标题
渗透测试实践指南 : 必知必会的工具与方法 : ethical hacking and penetration testing made easy (美)Patrick Engebretson著 ; 缪纶, 只莹莹, 蔡金栋译
备选标题
渗透测试实践指南 : 必知必会的工具与方法 = The basics of hacking and penetration testing
备选作者
(美)Patrick Engebretson著 ; 缪纶, 只莹莹, 蔡金栋译; 蔡金栋; Miu lun; Zhi ying ying; Cai jin dong; 恩格布雷森; 缪纶; 只莹莹
备选作者
Patrick Engebretson; technical editor, James Broad
备选作者
恩格布雷森 (Engebretson, Patrick)
备选作者
Patrick Henry Engebretson
备选作者
Adobe InDesign CS3 (5.0)
备选作者
(美)恩格布雷森著;缪纶,只莹莹,蔡金栋译
备选作者
恩格布雷森; 缪纶; 只莹莹; 蔡金栋
备用出版商
China Machine Press
备用出版商
Syngress Publishing
备用出版商
Elsevier
备用版本
Syngress the basics, Waltham, MA, Massachusetts, 2011
备用版本
Syngress basics series, Waltham, MA, ©2011
备用版本
United States, United States of America
备用版本
China, People's Republic, China
备用版本
Di 1 ban, Beijing, 2013
备用版本
1st edition, PS, 2011
备用版本
Bei jing, 2013
元数据中的注释
producers:
Adobe PDF Library 8.0
Adobe PDF Library 8.0
元数据中的注释
Includes index.
Includes bibliographical references and index.
Includes bibliographical references and index.
元数据中的注释
Bookmarks: p1 (p1): 第1章 渗透测试
p1-1 (p1): 1.1内容简介
p1-2 (p3): 1.2 Backtrack Linux介绍
p1-3 (p7): 1.3使用Backtrack:启动引擎
p1-4 (p10): 1.4黑客实验环境的搭建与使用
p1-5 (p11): 1.5渗透测试的步骤
p1-6 (p15): 1.6本章回顾
p1-7 (p15): 1.7小结
p2 (p17): 第2章 侦察
p2-1 (p17): 2.1内容简介
p2-2 (p21): 2.2 HTTrack:网站复制机
p2-3 (p24): 2.3 Google指令——Google搜索实践
p2-4 (p29): 2.4 The Harvester:挖掘并利用邮箱地址
p2-5 (p31): 2.5 Whois
p2-6 (p34): 2.6 Netcraft
p2-7 (p35): 2.7 host工具
p2-8 (p36): 2.8从DNS中提取信息
p2-8-1 (p37): 2.8.1 NS Lookup
p2-8-2 (p39): 2.8.2 Dig
p2-9 (p39): 2.9从电子邮件服务器提取信息
p2-10 (p40): 2.10 MetaGooFil
p2-11 (p42): 2.11社会工程学
p2-12 (p43): 2.12筛选信息以寻找可攻击的目标
p2-13 (p44): 2.13如何实践
p2-14 (p44): 2.14接下来该做什么
p2-15 (p45): 2.15小结
p3 (p47): 第3章 扫描
p3-1 (p47): 3.1内容简介
p3-2 (p50): 3.2 ping和ping扫描
p3-3 (p52): 3.3端口扫描
p3-3-1 (p53): 3.3.1三次握手
p3-3-2 (p54): 3.3.2使用Nmap进行TCP连接扫描
p3-3-3 (p55): 3.3.3使用Nmap进行SYN扫描
p3-3-4 (p57): 3.3.4使用Nmap进行UDP扫描
p3-3-5 (p60): 3.3.5使用Nmap执行Xmas扫描
p3-3-6 (p61): 3.3.6使用Nmap执行Null扫描
p3-3-7 (p62): 3.3.7端口扫描总结
p3-4 (p63): 3.4漏洞扫描
p3-5 (p66): 3.5如何实践
p3-6 (p68): 3.6接下来该做什么
p3-7 (p68): 3.7小结
p4 (p69): 第4章 漏洞利用
p4-1 (p69): 4.1内容简介
p4-2 (p71): 4.2利用Medusa获得远程服务的访问权限
p4-3 (p74): 4.3 Metasploit
p4-4 (p87): 4.4 John the Ripper:密码破解之王
p4-5 (p96): 4.5密码重置:破墙而入
p4-6 (p99): 4.6嗅探网络流量
p4-7 (p100): 4.7 macof:泛洪攻击交换机
p4-8 (p104): 4.8 Fast-Track Autopwn:自动化漏洞攻击
p4-9 (p108): 4.9如何实践
p4-10 (p110): 4.10接下来该做什么
p4-11 (p112): 4.11小结
p5 (p115): 第5章 基于Web的漏洞利用
p5-1 (p115): 5.1内容简介
p5-2 (p116): 5.2扫描Web服务器:Nikto
p5-3 (p117): 5.3 Websecurify:自动化的Web漏洞扫描
p5-4 (p119): 5.4网络爬虫:抓取目标网站
p5-5 (p122): 5.5使用WebScarab拦截请求
p5-6 (p125): 5.6代码注入攻击
p5-7 (p129): 5.7跨站脚本:轻信网站的浏览器
p5-8 (p133): 5.8如何实践
p5-9 (p134): 5.9接下来该做什么
p5-10 (p135): 5.10小结
p6 (p137): 第6章 使用后门和rootkit维持访问
p6-1 (p137): 6.1内容简介
p6-2 (p138): 6.2 Netcat:瑞士军刀
p6-3 (p144): 6.3 Netcat神秘的家族成员:Cryptcat
p6-4 (p145): 6.4 Netbus:一款经典的工具
p6-5 (p146): 6.5 rootkit
p6-6 (p152): 6.6 rootkit的检测与防御
p6-7 (p154): 6.7如何实践
p6-8 (p155): 6.8接下来该做什么
p6-9 (p156): 6.9小结
p7 (p157): 第7章 渗透测试总结
p7-1 (p157): 7.1内容简介
p7-2 (p158): 7.2编写渗透测试报告
p7-2-1 (p159): 7.2.1综合报告
p7-2-2 (p159): 7.2.2详细报告
p7-2-3 (p161): 7.2.3原始输出
p7-3 (p164): 7.3继续前行
p7-4 (p166): 7.4接下来该做什么
p7-5 (p168): 7.5结束语
p7-6 (p169): 7.6学无止境
p7-7 (p169): 7.7小结
p1-1 (p1): 1.1内容简介
p1-2 (p3): 1.2 Backtrack Linux介绍
p1-3 (p7): 1.3使用Backtrack:启动引擎
p1-4 (p10): 1.4黑客实验环境的搭建与使用
p1-5 (p11): 1.5渗透测试的步骤
p1-6 (p15): 1.6本章回顾
p1-7 (p15): 1.7小结
p2 (p17): 第2章 侦察
p2-1 (p17): 2.1内容简介
p2-2 (p21): 2.2 HTTrack:网站复制机
p2-3 (p24): 2.3 Google指令——Google搜索实践
p2-4 (p29): 2.4 The Harvester:挖掘并利用邮箱地址
p2-5 (p31): 2.5 Whois
p2-6 (p34): 2.6 Netcraft
p2-7 (p35): 2.7 host工具
p2-8 (p36): 2.8从DNS中提取信息
p2-8-1 (p37): 2.8.1 NS Lookup
p2-8-2 (p39): 2.8.2 Dig
p2-9 (p39): 2.9从电子邮件服务器提取信息
p2-10 (p40): 2.10 MetaGooFil
p2-11 (p42): 2.11社会工程学
p2-12 (p43): 2.12筛选信息以寻找可攻击的目标
p2-13 (p44): 2.13如何实践
p2-14 (p44): 2.14接下来该做什么
p2-15 (p45): 2.15小结
p3 (p47): 第3章 扫描
p3-1 (p47): 3.1内容简介
p3-2 (p50): 3.2 ping和ping扫描
p3-3 (p52): 3.3端口扫描
p3-3-1 (p53): 3.3.1三次握手
p3-3-2 (p54): 3.3.2使用Nmap进行TCP连接扫描
p3-3-3 (p55): 3.3.3使用Nmap进行SYN扫描
p3-3-4 (p57): 3.3.4使用Nmap进行UDP扫描
p3-3-5 (p60): 3.3.5使用Nmap执行Xmas扫描
p3-3-6 (p61): 3.3.6使用Nmap执行Null扫描
p3-3-7 (p62): 3.3.7端口扫描总结
p3-4 (p63): 3.4漏洞扫描
p3-5 (p66): 3.5如何实践
p3-6 (p68): 3.6接下来该做什么
p3-7 (p68): 3.7小结
p4 (p69): 第4章 漏洞利用
p4-1 (p69): 4.1内容简介
p4-2 (p71): 4.2利用Medusa获得远程服务的访问权限
p4-3 (p74): 4.3 Metasploit
p4-4 (p87): 4.4 John the Ripper:密码破解之王
p4-5 (p96): 4.5密码重置:破墙而入
p4-6 (p99): 4.6嗅探网络流量
p4-7 (p100): 4.7 macof:泛洪攻击交换机
p4-8 (p104): 4.8 Fast-Track Autopwn:自动化漏洞攻击
p4-9 (p108): 4.9如何实践
p4-10 (p110): 4.10接下来该做什么
p4-11 (p112): 4.11小结
p5 (p115): 第5章 基于Web的漏洞利用
p5-1 (p115): 5.1内容简介
p5-2 (p116): 5.2扫描Web服务器:Nikto
p5-3 (p117): 5.3 Websecurify:自动化的Web漏洞扫描
p5-4 (p119): 5.4网络爬虫:抓取目标网站
p5-5 (p122): 5.5使用WebScarab拦截请求
p5-6 (p125): 5.6代码注入攻击
p5-7 (p129): 5.7跨站脚本:轻信网站的浏览器
p5-8 (p133): 5.8如何实践
p5-9 (p134): 5.9接下来该做什么
p5-10 (p135): 5.10小结
p6 (p137): 第6章 使用后门和rootkit维持访问
p6-1 (p137): 6.1内容简介
p6-2 (p138): 6.2 Netcat:瑞士军刀
p6-3 (p144): 6.3 Netcat神秘的家族成员:Cryptcat
p6-4 (p145): 6.4 Netbus:一款经典的工具
p6-5 (p146): 6.5 rootkit
p6-6 (p152): 6.6 rootkit的检测与防御
p6-7 (p154): 6.7如何实践
p6-8 (p155): 6.8接下来该做什么
p6-9 (p156): 6.9小结
p7 (p157): 第7章 渗透测试总结
p7-1 (p157): 7.1内容简介
p7-2 (p158): 7.2编写渗透测试报告
p7-2-1 (p159): 7.2.1综合报告
p7-2-2 (p159): 7.2.2详细报告
p7-2-3 (p161): 7.2.3原始输出
p7-3 (p164): 7.3继续前行
p7-4 (p166): 7.4接下来该做什么
p7-5 (p168): 7.5结束语
p7-6 (p169): 7.6学无止境
p7-7 (p169): 7.7小结
备用描述
The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. No prior hacking experience is needed. You learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, Hacker Defender rootkit, and more. A simple and clean explanation of how to effectively utilize these tools as well as the introduction to a four-step methodology for conducting a penetration test or hack, will provide you with know-how required to jump start your career or gain a better understanding of offensive security. The book serves as an introduction to penetration testing and hacking and will provide you with a solid foundation of knowledge. After completing the book readers will be prepared to take on in-depth and advanced topics in hacking and penetration testing. The book walks through each of the steps and tools in a structured, orderly manner allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases relate.
Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases
Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University
Utilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test
Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases
Written by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University
Utilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test
备用描述
<p><i>The Basics of Hacking and Penetration Testing </i>serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you to gain a solid understanding of each of the four phases and prepare them to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book which allows you to clearly see how the tools and phases relate.</p><br><br><ul><li>Named a 2011 Best Hacking and Pen Testing Book by <i>InfoSec Reviews</i></li><li>Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.</li><li>Writen by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University.</li><li>Utilizes the Backtrack Linus distribution and focuses on the seminal tools required to complete a penetration test.</li></ul>
备用描述
The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test. Tool coverage will include, Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you to gain a solid understanding of each of the four phases and prepare them to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book which allows you to clearly see how the tools and phases relate. Each chapter contains hands-on examples teach you how to interpret the results and utilize those results in later phases Written by an author who has practical experience as a Penetration Tester and who has taught "Introduction to Penetration Testing" for 5 years Utilizes Backtrack Linux distribution and the "core" tools required to complete a penetration test
备用描述
渗透测试实践指南-封面 1
渗透测试实践指南-扉页 2
渗透测试实践指南-版权页 3
渗透测试实践指南-译者序 4
渗透测试实践指南-前言 5
本书读者对象 6
本书与其他书有什么不同 7
为什么要购买本书 8
渗透测试实践指南-致谢 10
渗透测试实践指南-目录 12
第1 章 渗透测试 14
1.1 内容简介 14
1.2 Backtrack Linux介绍 16
1.3 使用Backtrack:启动引擎 20
1.4 黑客实验环境的搭建与使用 23
1.5 渗透测试的步骤 24
1.6 本章回顾 28
1.7 小结 28
第2 章 侦察 29
2.1 内容简介 29
2.2 HTTrack:网站复制机 33
2.3 Google指——令Google搜索实践 36
2.4 The Harvester:挖掘并利用邮箱地址 41
2.5 Whois 43
2.6 Netcraft 46
2.7 host工具 47
2.8 从DNS中提取信息 48
2.8.1 NS Lookup 49
2.8.2 Dig 50
2.9 从电子邮件服务器提取信息 51
2.10 MetaGooFil 52
2.11 社会工程学 54
2.12 筛选信息以寻找可攻击的目标 55
2.13 如何实践 56
2.14 接下来该做什么 56
2.15 小结 57
渗透测试实践指南-封底 58
渗透测试实践指南-扉页 2
渗透测试实践指南-版权页 3
渗透测试实践指南-译者序 4
渗透测试实践指南-前言 5
本书读者对象 6
本书与其他书有什么不同 7
为什么要购买本书 8
渗透测试实践指南-致谢 10
渗透测试实践指南-目录 12
第1 章 渗透测试 14
1.1 内容简介 14
1.2 Backtrack Linux介绍 16
1.3 使用Backtrack:启动引擎 20
1.4 黑客实验环境的搭建与使用 23
1.5 渗透测试的步骤 24
1.6 本章回顾 28
1.7 小结 28
第2 章 侦察 29
2.1 内容简介 29
2.2 HTTrack:网站复制机 33
2.3 Google指——令Google搜索实践 36
2.4 The Harvester:挖掘并利用邮箱地址 41
2.5 Whois 43
2.6 Netcraft 46
2.7 host工具 47
2.8 从DNS中提取信息 48
2.8.1 NS Lookup 49
2.8.2 Dig 50
2.9 从电子邮件服务器提取信息 51
2.10 MetaGooFil 52
2.11 社会工程学 54
2.12 筛选信息以寻找可攻击的目标 55
2.13 如何实践 56
2.14 接下来该做什么 56
2.15 小结 57
渗透测试实践指南-封底 58
备用描述
本书共分7章: 第1章介绍了渗透测试的概念, 常用工具, 测试环境的搭建, 以及四步模型法;第2章讲解了HTTrack, Google搜索指令, DNS和电子邮件服务器信息提取等;第3章讲解了ping命令, ping扫描, 端口扫描涉及的切实可用的工具及参数设置等;第4-5章解读了漏洞利用的过程, 工具和技巧, 包括获得远程服务访问权限, 密码重置和破解, 嗅探网络流量等;第6章介绍了使用后门和rootkit的方法及注意事项, 侧重讲解Netcat, Cryptcat, Netbus工具和常用rootkit的使用, 检测和防御技术;第7章着重介绍了如何编写渗透测试报告
备用描述
Serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. This title helps you learn how to properly utilize and interpret the results of modern day hacking tools; which are required to complete a penetration test.
备用描述
What is penetration testing?
Reconnaissance
Scanning
Exploitation
Web based exploitation
Maintaining access with backdoors and rootkits.
Reconnaissance
Scanning
Exploitation
Web based exploitation
Maintaining access with backdoors and rootkits.
开源日期
2021-06-06
🚀 快速下载
成为会员以支持书籍、论文等的长期保存。为了感谢您对我们的支持,您将获得高速下载权益。❤️
如果您在本月捐款,您将获得双倍的快速下载次数。
🐢 低速下载
由可信的合作方提供。 更多信息请参见常见问题解答。 (可能需要验证浏览器——无限次下载!)
- 低速服务器(合作方提供) #1 (稍快但需要排队)
- 低速服务器(合作方提供) #2 (稍快但需要排队)
- 低速服务器(合作方提供) #3 (稍快但需要排队)
- 低速服务器(合作方提供) #4 (稍快但需要排队)
- 低速服务器(合作方提供) #5 (无需排队,但可能非常慢)
- 低速服务器(合作方提供) #6 (无需排队,但可能非常慢)
- 低速服务器(合作方提供) #7 (无需排队,但可能非常慢)
- 低速服务器(合作方提供) #8 (无需排队,但可能非常慢)
- 低速服务器(合作方提供) #9 (无需排队,但可能非常慢)
- 下载后: 在我们的查看器中打开
所有选项下载的文件都相同,应该可以安全使用。即使这样,从互联网下载文件时始终要小心。例如,确保您的设备更新及时。
外部下载
-
对于大文件,我们建议使用下载管理器以防止中断。
推荐的下载管理器:JDownloader -
您将需要一个电子书或 PDF 阅读器来打开文件,具体取决于文件格式。
推荐的电子书阅读器:Anna的档案在线查看器、ReadEra和Calibre -
使用在线工具进行格式转换。
推荐的转换工具:CloudConvert和PrintFriendly -
您可以将 PDF 和 EPUB 文件发送到您的 Kindle 或 Kobo 电子阅读器。
推荐的工具:亚马逊的“发送到 Kindle”和djazz 的“发送到 Kobo/Kindle” -
支持作者和图书馆
✍️ 如果您喜欢这个并且能够负担得起,请考虑购买原版,或直接支持作者。
📚 如果您当地的图书馆有这本书,请考虑在那里免费借阅。
下面的文字仅以英文继续。
总下载量:
“文件的MD5”是根据文件内容计算出的哈希值,并且基于该内容具有相当的唯一性。我们这里索引的所有影子图书馆都主要使用MD5来标识文件。
一个文件可能会出现在多个影子图书馆中。有关我们编译的各种数据集的信息,请参见数据集页面。
有关此文件的详细信息,请查看其JSON 文件。 Live/debug JSON version. Live/debug page.