Attackers implement eavesdropping, shoulder surfing, and impersonation to obtain sensitive information from the organization's help desk and its general staff. Sometimes, attacks can be subtle and persuasive; other times, they can be a bit intimidating and aggressive in order to put pressure on an employee in the hope that they will reveal confidential information. To protect staff from such attacks, organizations should ensure that frequent employee training is done to raise awareness of such dangers and let them know never to reveal any sensitive information.
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- Section 1: Kali Linux Basics
- Introduction to Hacking
- Setting Up Kali - Part 1
- Setting Up Kali - Part 2
- Getting Comfortable with Kali Linux 2019
- Section 2: Reconnaissance
- Passive Information Gathering
- Technical requirements
- Reconnaissance and footprinting
- Understanding passive information gathering
- Understanding OSINT
- Using the top OSINT tools
- Identifying target technology and security controls
- Finding data leaks in cloud resources
- Understanding Google hacking and search operators
- Leveraging whois and copying websites with HTTrack
- Finding subdomains using Sublist3r
- Summary
- Questions
- Further reading
- Active Information Gathering
- Technical requirements
- Understanding active information gathering
- DNS interrogation
- Scanning
- Nmap
- NSE scripts
- Zenmap
- Hping3
- SMB, LDAP enumeration, and null sessions
- User enumeration through noisy authentication controls
- Web footprints and enumeration with EyeWitness
- Metasploit auxiliary modules
- Summary
- Questions
- Further reading
- Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
- Working with Vulnerability Scanners
- Understanding Network Penetration Testing
- Network Penetration Testing - Pre-Connection Attacks
- Technical requirements
- Getting started with packet sniffing using airodump-ng
- Targeted packet sniffing using airodump-ng
- Deauthenticating clients on a wireless network
- Creating a rogue AP/evil twin
- Performing a password spraying attack
- Setting up watering hole attacks
- Exploiting weak encryption to steal credentials
- Summary
- Questions
- Further reading
- Network Penetration Testing - Gaining Access
- Technical requirements
- Gaining access
- WEP cracking
- WPA cracking
- Securing your network from the aforementioned attacks
- Configuring wireless security settings to secure your network
- Exploiting vulnerable perimeter systems with Metasploit
- Penetration testing Citrix and RDP-based remote access systems
- Plugging PWN boxes and other tools directly into a network
- Bypassing NAC
- Summary
- Questions
- Further reading
- Network Penetration Testing - Post-Connection Attacks
- Network Penetration Testing - Detection and Security
- Client-Side Attacks - Social Engineering
- Performing Website Penetration Testing
- Website Penetration Testing - Gaining Access
- Best Practices
- Assessments
- Chapter 1: Introduction to Hacking
- Chapter 2: Setting Up Kali - Part
- Chapter 4: Getting Comfortable with Kali Linux 2019
- Chapter 5: Passive Information Gathering
- Chapter 6: Active Information Gathering
- Chapter 7: Working with Vulnerability Scanners
- Chapter 8: Understanding Network Penetration Testing
- Chapter 9: Network Penetration Testing - Pre-Connection Attacks
- Chapter 10: Network Penetration Testing - Gaining Access
- Chapter 11: Network Penetration Testing - Post-Connection Attacks
- Chapter 12: Network Penetration Testing - Detection and Security
- Chapter 13: Client-Side Attacks - Social Engineering
- Chapter 14: Performing Website Penetration Testing
- Chapter 15: Website Penetration Testing - Gaining Access 
- Chapter 16: Best Practices
- Other Books You May Enjoy
Protecting the help desk and general staff
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.