Cover: GlebSStock/Shutterstock
NIST Computer Security Resource Center defines the term Hacker
Sun Tzu, The Art of War
High Level Organization of the Standard by The Penetration Testing Execution Standard
PCI Security Standard council, Information Supplement: Penetration Testing Guidance
Penetration Testing Framework 0.59 by VulnerabilityAssessment.co.uk
Open Source Security Testing Methodology Manual (OSSTMM), Contemporary Security testing and analysis
GLBA (12 U.S.C. § 1843(k))
NY DFS Cybersecurity Regulation
Covered Entities and Business Associates, The HIPAA Rules apply to covered entities and business associates.
Payment Card Industry (PCI) Data Security Standard (DSS) and Payment Application Data Security Standard (PA-DSS), April 2016.
Elaine Barker, NIST Special Publication 800-57 Part 1 Revision 4 Recommendation for Key Management Part 1: General, January 2016.
Figure 2-1 Screenshot of Gantt Chart © 2018 Microsoft Corporation
Figure 3-2 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-4 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-6 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-8 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-10 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-12 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-13 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-14 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-15 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-16 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-17 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-18 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-19 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-20 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-21 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-22 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-23 Screenshot of Google © 2018 Google, LLC.
Figure 3-24 Screenshot of DNSdumpster © 2018 Hacker Target Pty Ltd
Figure 3-25 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-26 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-27 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-28 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-29 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-30 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-31 Screenshot of Shodan © 2013-2018 Shodan®
Figure 3-32 Screenshot of Shodan © 2013-2018 Shodan®
Figure 3-33 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-34 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-35 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-36 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-37 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-38 Screenshot of Kali Linux © 2018 Kali Linux
Figure 3-39 Omar Santos
Figure 3-41 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-3 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-4 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-5 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-6 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-7 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-8 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-9 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-10 Screenshot of Kali Linux © 2018 Kali Linux
Figure 4-11 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-15 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-18 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-19 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-20 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-23 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-24 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-25 Screenshot of Kali Linux © 2018 Kali Linux
Figure 5-26 Screenshot of Kali Linux © 2018 Kali Linux
Figure 6-3 Screenshot of Wireshark © The Wireshark team
Figure 6-4 Screenshot of Wireshark © The Wireshark team
Figure 6-7 Screenshot of WebGoat © OWASP
Figure 6-9 Screenshot of W3school © 1999-2018 by Refsnes Data
Figure 6-11 Screenshot of WebGoat © OWASP
Figure 6-12 Screenshot of WebGoat © OWASP
Figure 6-13 Screenshot of WebGoat © OWASP
Figure 6-14 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-16 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-18 Screenshot of Wireshark © The Wireshark team
Figure 6-21 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-22 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-23 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-24 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 6-25 Screenshot of DVWA © 2014-2017 Dewhurst Security
Figure 7-5 Screenshot of Unix Permission Calculator © 2017 Dan’s Tools
Figure 7-6 Screenshot of Unix Permission Calculator © 2017 Dan’s Tools
Figure 7-7 Screenshot of Visudo Command Man Page © Visudo
Figure 7-9 Screenshot of Microsoft Excel © 2018 Microsoft Corporation
Mobile Top 10 2016-Top 10 by OWASP
Figure 7-13 Screenshot of Android Studio © Google, LLC.
Figure 7-14 Screenshot of Android Studio © Google, LLC.
Figure 7-15 Screenshot of Kali Linux © 2018 Kali Linux
Figure 8-4 Screenshot of Kali Linux © 2018 Kali Linux
Figure 8-6 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-1 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-2 Screenshot of Parrot Linux © 2013-2018 Lorenzo Faletra
Figure 9-3 Screenshot of BlackArch Linux © 2013-2018 BlackArch Linux
Figure 9-4 Screenshot of BlackArch Linux © 2013-2018 BlackArch Linux
Figure 9-5 Screenshot of Caine © Caine
Figure 9-6 Screenshot of Security Onion © Security Onion Solutions, LLC
Figure 9-7 Screenshot of Shodan © 2013-2018 Shodan®
Figure 9-8 Screenshot of Maltego © Paterva
Figure 9-9 Screenshot of Maltego © Paterva
Figure 9-10 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-11 Screenshot of Censys © 2018 Censys
Figure 9-12 Screenshot of Zenmap © Nmap
Figure 9-13 Screenshot of Zenmap © Nmap
Category: Vulnerability Scanning Tools by OWASP
Figure 9-14 Screenshot of Greenbone © 2017 Greenbone Networks
Figure 9-15 Screenshot of Greenbone © 2017 Greenbone Networks
Figure 9-16 Screenshot of Greenbone © 2017 Greenbone Networks
Figure 9-17 Screenshot of Greenbone © 2017 Greenbone Networks
OWASP Zed Attack Proxy Project by OWASP
Figure 9-18 Screenshot of OWASP ZAP © OWASP
Figure 9-19 Screenshot of OWASP ZAP © OWASP
Figure 9-20 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-21 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-22 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-23 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-24 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-25 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-26 Screenshot of the art of hacking © 2018 Omar Santos
Figure 9-27 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-28 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-29 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-30 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-31 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-32 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-33 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-34 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-35 Screenshot of BeEF Exploitation Framework © Beef
Figure 9-36 Screenshot of OllyDbg © 2000-2014 Oleh Yuschuk
Figure 9-37 Screenshot of Kali Linux © 2018 Kali Linux
Figure 9-38 Screenshot of IDA © 2017 Hex-Rays SA.
Figure 9-39 Screenshot of IDA © 2017 Hex-Rays SA.
Figure 10-1 Screenshot of Kali Linux © 2018 Kali Linux
Figure 10-2 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-3 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-4 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-5 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-6 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-7 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-8 Screenshot of Kali Linux © 2018 Kali Linux
Figure 10-9 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-10 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-11 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-12 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-13 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-14 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-15 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-16 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-17 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-18 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-19 Screenshot of Dradis © 2012-2018 Dradis Framework
Figure 10-21 Screenshot of SQLMap © 2006-2018 by Bernardo Damele Assumpcao Guimaraes
Figure 10-22 Screenshot of SQLMap © 2006-2018 by Bernardo Damele Assumpcao Guimaraes
ISO 31000
Chapter Opener images: Charlie Edwards/Gettyimages