Index
A
Access Control Lists (ACLs)
56Active reconnaissance
18,
25Advanced security concepts
153“Allintitle:” directive
23APT (Advanced Package Tool)
B
Bind and reverse payloads, difference between
80Brute forcing letter combinations
87D
Dakota State University website
22Domain Name Systems (DNS) servers
28,
29extracting information from
32–36E
E-mail server, extracting information from
36Ethical hackers
, ,
18,
57Exploitation
13,
65network traffic, sniffing
92–93F
“Fail closed”, concept of
94“Fail open”, concept of
94G
Google Hacking for Penetration Testers
21,
40Graphical user interface (GUI)
48–49H
Hacking lab, use and creation of
9–10ICMP Echo Request packets
46L
Long, Johnny
Google Hacking Database (GHDB)
40M
Malicious hacker and ethical hackers
,
28MetaGooFil
36–37information gathering with
69“Metasploit Unleashed”
102N
Network interface card (NIC)
92–93Network traffic, sniffing
92–93Null scans, using Nmap to perform
56–57O
Online password crackers
67Open Source Security Testing Methodology Manual (OSSTMM)
155Open Web Application Security Project (OWASP) organization
123,
125OSX passwords, cracking
88P
Passive reconnaissance
18,
21Password dictionary
68,
87Paterva's Maltego CE
40–41Penetration testing
,
66,
145Backtrack, working with
6–9hacking lab, use and creation of
9–10Penetration Testing Framework (PTF)
155Ping and ping sweeps
46–48Port numbers, and corresponding services
45Port scanning
13,
48TCP connect scan and Nmap
49–51Proof of concept (POC) attacks
,
101,
148R
Reconnaissance
10–11,
13,
15e-mail server, extracting information from
36finding attackable targets
39information gathering, advanced topics in
40–41Google Hacking for Penetration Testers
40Johnny Long's Google Hacking Database (GHDB)
40Paterva's Maltego CE
40–41Search Engine Assessment Tool (SEAT)
40search engine directives for sites other than Google
40Remote access service
67–70S
SAM (Security Account Manager) file
83–84,
85Scanning
43pings and ping sweeps
46–48port scanning
48TCP connect scan and Nmap
49–51vulnerability scanning
58–61Search Engine Assessment Tool (SEAT)
40Search engine directives, for sites other than Google
40Security Account Manager file
Security-related curriculum
154,
155Structured Query Language (SQL)
117,
118T
TCP (Transmission Control Protocol) Connect scan
49–51,
53U
UDP (User Datagram Protocol)
53V
Vulnerability assessment and penetration testing
1–2W
Web-based exploitation
107
..................Content has been hidden....................
You can't read the all page of ebook, please click
here login for view all page.