When it’s all said and done, penetration testing remains the most effective way to identify security vulnerabilities in computer networks. Conducting Network Penetration and Espionage in a Global Environment provides detailed guidance on how to perform effective penetration testing of computer networks—using free, open source, and commercially available tools, including Backtrack, Metasploit, Wireshark, Nmap, Netcat, and Nessus. It also considers exploits and other programs using Python, PERL, BASH, PHP, Ruby, and Windows PowerShell.
The book taps into Bruce Middleton’s decades of experience with computer security, including penetration testing of military networks, the White House, utilities, manufacturing facilities, CIA headquarters, the Defense Information Systems Agency, and NASA. Mr. Middleton begins with a chapter on defensive measures/privacy issues and then moves on to describe a cyber-attack on one of his labs and how he responded to the attack.
Next, the book explains how to research a target without directly "touching" that target. Once you’ve learned all you can, the text describes how to gather even more information using a more direct approach. From there, it covers mathematical analysis, considers target exploitation, and discusses Chinese and Syrian cyber-attacks.
Providing authoritative guidance on cyberforensics, reverse engineering, and penetration testing, the book categorizes testing tools according to their use within the standard penetration testing framework. For each of the above-mentioned categories, you will find basic and advanced tools and procedures to help you identify security vulnerabilities in today’s networks.
After reading this book, you will understand how to perform an organized and efficient penetration test. You will also learn techniques used to bypass anti-virus software and capture keystrokes of remote systems. Explaining how to put together your own penetration testing lab, the text concludes by describing how to utilize various iPhone apps to perform reconnaissance activities on wireless networks.
Table of Contents
Chapter 1 - What You Need to Know First
Chapter 2 - Attack from Christmas Island
Chapter 3 - Indirect Target Information Acquisition (ITIA)
Chapter 4 - Direct Target Information Acquisition (DTIA)
Chapter 5 - Nmap
Chapter 6 - MATLAB, SimuLink, and R
Chapter 7 - Metasploit Pro
Chapter 8 - China, Syria, and the American Intelligence Community
Chapter 9 - Building a Penetration Testing Lab
Chapter 10 - Vendor Default Passwords and Default Unix Ports
Chapter 11 - Oldies but Goodies If You Have Physical Access
Chapter 12 - Order of Operations for Your Tools
Chapter 13 - Using Your iPhone as a Network Scanner