Table of Contents for Hands on Hacking
by Matthew Hickey, Jennifer Arcuri
Cover
Foreword
Introduction
Who Should Read This Book
What You Will Learn
How This Book Is Organized
Hardware and Software Requirements
How to Use This Book
How to Contact the Authors
Chapter 1: Hacking a Business Case
All Computers Are Broken
The Stakes
Blue, Red, and Purple Teams
Hacking is Part of Your Company's Immune System
Summary
Chapter 2: Hacking Ethically and Legally
Laws That Affect Your Work
Criminal Hacking
Hacking Neighborly
Legally Gray
Penetration Testing Methodologies
Authorization
Responsible Disclosure
Bug Bounty Programs
Legal Advice and Support
Hacker House Code of Conduct
Summary
Chapter 3: Building Your Hack Box
Hardware for Hacking
Linux or BSD?
Host Operating Systems
Verifying Downloads
Disk Encryption
Essential Software
Setting Up VirtualBox
Guest Additions
Testing Your Virtual Environment
Creating Vulnerable Servers
Summary
Chapter 4: Open Source Intelligence Gathering
Does Your Client Need an OSINT Review?
What Are You Looking For?
Where Do You Find It?
OSINT Tools
Grabbing Email Addresses from Google
Google Dorking the Shadows
A Brief Introduction to Passwd and Shadow Files
The Google Hacking Database
Have You Been “Pwned” Yet?
OSINT Framework Recon-ng
Recon-ng Under the Hood
Harvesting the Web
Document Metadata
Maltego
Social Media Networks
Shodan
Protecting Against OSINT
Summary
Chapter 5: The Domain Name System
The Implications of Hacking DNS
A Brief History of DNS
The DNS Hierarchy
A Basic DNS Query
Authority and Zones
DNS Resource Records
BIND9
DNS Hacking Toolkit
Finding Hosts
Finding the SOA with Dig
Hacking a Virtual Name Server
Port Scanning with Nmap
Digging for Information
Information Leak CHAOS
Zone Transfer Requests
Information-Gathering Tools
Searching for Vulnerabilities and Exploits
DNS Traffic Amplification
Metasploit
Carrying Out a Denial-of-Service Attack
DoS Attacks with Metasploit
DNS Spoofing
DNS Cache Poisoning
DNS Cache Snooping
DNSSEC
Fuzzing
Summary
Chapter 6: Electronic Mail
The Email Chain
Message Headers
Delivery Status Notifications
The Simple Mail Transfer Protocol
Sender Policy Framework
Scanning a Mail Server
Mail Software
User Enumeration via Finger
Brute-Forcing the Post Office
The Nmap Scripting Engine
CVE-2014-0160: The Heartbleed Bug
Exploiting CVE-2010-4345
Exploiting CVE-2017-7692
Summary
Chapter 7: The World Wide Web of Vulnerabilities
The World Wide Web
The Hypertext Transfer Protocol
Uniform Resource Identifiers
LAMP: Linux, Apache, MySQL, and PHP
Creepy Crawlers and Spiders
The Web Server Hacker's Toolkit
Port Scanning a Web Server
Manual HTTP Requests
Web Vulnerability Scanning
Guessing Hidden Web Content
Uploading Files
HTTP Authentication
Common Gateway Interface
Shellshock
SSL, TLS, and Heartbleed
Web Administration Interfaces
Web Proxies
Privilege Escalation
Summary
Chapter 8: Virtual Private Networks
What Is a VPN?
Internet Protocol Security
Internet Key Exchange
Transport Layer Security and VPNs
User Databases and Authentication
The NSA and VPNs
The VPN Hacker's Toolkit
VPN Hacking Methodology
Port Scanning a VPN Server
IKE-scan
OpenVPN
LDAP
OpenVPN and Shellshock
Exploiting CVE-2017-5618
Summary
Chapter 9: Files and File Sharing
What Is Network-Attached Storage?
File Permissions
NAS Hacking Toolkit
Port Scanning a File Server
The File Transfer Protocol
The Trivial File Transfer Protocol
Remote Procedure Calls
Server Message Block
Rsync
Network File System
NFS Privilege Escalation
Searching for Useful Files
Summary
Chapter 10: UNIX
UNIX System Administration
Solaris
UNIX Hacking Toolbox
Port Scanning Solaris
Telnet
Secure Shell
RPC
R-services
The Simple Network Management Protocol
The Common UNIX Printing System
The X Window System
Cron and Local Files
The Common Desktop Environment
Summary
Chapter 11: Databases
Types of Databases
Structured Query Language
User-Defined Functions
The Database Hacker's Toolbox
Common Database Exploitation
Port Scanning a Database Server
MySQL
PostgreSQL
Escaping Database Software
Oracle Database
MongoDB
Redis
Privilege Escalation via Databases
Summary
Chapter 12: Web Applications
The OWASP Top 10
The Web Application Hacker's Toolkit
Port Scanning a Web Application Server
Using an Intercepting Proxy
Manual Browsing and Mapping
Spidering
Identifying Entry Points
Web Vulnerability Scanners
Finding Vulnerabilities
Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities
Broken Access Controls
Security Misconfiguration
Cross-Site Scripting
Insecure Deserialization
Known Vulnerabilities
Insufficient Logging and Monitoring
Privilege Escalation
Summary
Chapter 13: Microsoft Windows
Hacking Windows vs. Linux
Setting Up a Windows VM
A Windows Hacking Toolkit
Windows and the NSA
Port Scanning Windows Server
Microsoft DNS
Internet Information Services
Kerberos
Golden Tickets
NetBIOS
LDAP
Server Message Block
ETERNALBLUE
Enumerating Users
Microsoft RPC
Task Scheduler
Remote Desktop
The Windows Shell
PowerShell
Meterpreter
Hash Dumping
Passing the Hash
Privilege Escalation
Getting SYSTEM
Alternative Payload Delivery Methods
Bypassing Windows Defender
Summary
Chapter 14: Passwords
Hashing
The Password Cracker's Toolbox
Cracking
Hash Tables and Rainbow Tables
Adding Salt
Into the /etc/shadow
Different Hash Types
Pseudo-hashing
Microsoft Hashes
Guessing Passwords
The Art of Cracking
Random Number Generators
Summary
Chapter 15: Writing Reports
What Is a Penetration Test Report?
Common Vulnerabilities Scoring System
Report Writing as a Skill
What Should a Report Include?
Executive Summary
Technical Summary
Assessment Results
Supporting Information
Taking Notes
Proofreading
Delivery
Summary
Index
End User License Agreement