Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits – آموزش اصول تست نفوذ

یک تست نفوذ یا Penetration Test یک پروسه مجاز، برنامه ریزی شده و سیستماتیک برای به کارگیری آسیب پذیری ها جهت نفوذ به سرور، شبکه و یا منابع برنامه های کاربردی است. در واقع تست نفوذ روشی برای ارزیابی امنیتی یک سیستم یا شبکه کامپیوتری است که از طریق شبیه سازی حمله یک هکر یا نفوذگر خرابکار صورت می گیرد. پروسه تست نفوذ یک تحلیل فعال از سیستم برای یافتن هر حفره، آسیب پذیری و نقص فنی است که بالقوه یک ضعف امنیتی سیستم محسوب می شود. این تحلیل در مقام یک هکر بالقوه انجام می شود و در آن می توان از آسیب پذیری های امنیتی فعال برای اجرای حملات استفاده کرد.

• Copyright 2018
• Pages: 448
• Edition: 1st
• Price: $144.00
• Format: PDF Convert
• By: William (Chuck) Easttom
• ISBN-10: 0-7897-5937-3
• ISBN-13: 978-0-7897-5937-5
• Published: Mar 8, 2018 by Pearson IT Certification

The perfect introduction to pen testing for all IT professionals and students

· Clearly explains key concepts, terminology, challenges, tools, and skills
· Covers the latest penetration testing standards from NSA, PCI, and NIST

Welcome to today’s most useful and practical introduction to penetration testing. Chuck Easttom brings together up-to-the-minute coverage of all the concepts, terminology, challenges, and skills you’ll need to be effective. Drawing on decades of experience in cybersecurity and related IT fields, Easttom integrates theory and practice, covering the entire penetration testing life cycle from planning to reporting. You’ll gain practical experience through a start-to-finish sample project relying on free open source tools. Throughout, quizzes, projects, and review sections deepen your understanding and help you apply what you’ve learned.

Including essential pen testing standards from NSA, PCI, and NIST, Penetration Testing Fundamentals will help you protect your assets–and expand your career options.

LEARN HOW TO Penetration Testing Fundamentals: A Hands-On Guide to Reliable Security Audits

·         Understand what pen testing is and how it’s used
·         Meet modern standards for comprehensive and effective testing
·         Review cryptography essentials every pen tester must know
·         Perform reconnaissance with Nmap, Google searches, and ShodanHq
·         Use malware as part of your pen testing toolkit
·         Test for vulnerabilities in Windows shares, scripts, WMI, and the Registry
·         Pen test websites and web communication
·         Recognize SQL injection and cross-site scripting attacks
·         Scan for vulnerabilities with OWASP ZAP, Vega, Nessus, and MBSA
·         Identify Linux vulnerabilities and password cracks
·         Use Kali Linux for advanced pen testing
·         Apply general hacking technique ssuch as fake Wi-Fi hotspots and social engineering
·         Systematically test your environment with Metasploit
·         Write or customize sophisticated Metasploit exploits