The Art of Network Penetration Testing

Book Description Network penetration testing is about more than just getting through a perimeter firewall. The biggest security threats facing a modern enterprise are inside the network, where attackers can rampage through sensitive data by exploiting weak access controls and poorly patched software. Designed for up-and-coming security professionals,

The Art of Network Penetration Testing teaches you how to take over an enterprise network from the inside. It lays out every stage of an internal security assessment step-by-step,showing you how to identify weaknesses before a malicious invader can do real damage.

After setting up a virtual environment to use as your lab, you'll work step-by-step through every stage of a professional pentest, from information- gathering to seizing control of a vulnerable system.

You'll learn a repeatable process you can use to identify vulnerable targets within a typical enterprise environment, perform controlled exploitation of critical security weaknesses, elevate network level privileges, and pivot laterally through the network. Finally, you'll learn how to write-up your findings in a clear and actionable report, to ensure that remediated systems can be protected against the weaknesses you've identified.

Content

1. Network penetration testing

PHASE 1 - INFORMATION GATHERING 
2. Discovering network hosts
3. Discovering network services
4. Discovering network vulnerabilities

PHASE 2 - FOCUSED PENETRATION
5. Attacking vulnerable web services
6. Attacking vulnerable database services
7. Attacking unpatched services

PHASE 3 - POST-EXPLOITATION AND PRIVILEGE ESCALATION
8. Windows post-exploitation
9. Linux or UNIX post-exploitation
10. Controlling the entire network

PHASE 4 - DOCUMENTATION 
11. Post-engagement cleanup
12. Writing a solid pentest deliverable