Pen Testing For Dummies aims to equip IT enthusiasts at various levels with the basic knowledge of pen testing. It is the go-to book for those who have some IT experience but desire more knowledge of how to gather intelligence on a target, learn the steps for mapping out a test, and discover best practices for analyzing, solving, and reporting on vulnerabilities.
The perfect introduction to pen testing for all IT professionals and students
· Clearly explains key concepts, terminology, challenges, tools, and skills
· Covers the latest penetration testing standards from NSA, PCI, and NIST
Welcome to today’s most useful and practical introduction to penetration testing. Chuck Easttom brings together up-to-the-minute coverage of all the concepts, terminology, challenges, and skills you’ll need to be effective.
Drawing on decades of experience in cybersecurity and related IT fields, Easttom integrates theory and practice, covering the entire penetration testing life cycle from planning to reporting.
You’ll gain practical experience through a start-to-finish sample project relying on free open source tools. Throughout, quizzes, projects, and review sections deepen your understanding and help you apply what you’ve learned.
Including essential pen testing standards from NSA, PCI, and NIST, Penetration Testing Fundamentals will help you protect your assets–and expand your career options.
LEARN HOW TO
· Understand what pen testing is and how it’s used
· Meet modern standards for comprehensive and effective testing
· Review cryptography essentials every pen tester must know
· Perform reconnaissance with Nmap, Google searches, and ShodanHq
· Use malware as part of your pen testing toolkit
· Test for vulnerabilities in Windows shares, scripts, WMI, and the Registry
· Pen test websites and web communication
· Recognize SQL injection and cross-site scripting attacks
· Scan for vulnerabilities with OWASP ZAP, Vega, Nessus, and MBSA
· Identify Linux vulnerabilities and password cracks
· Use Kali Linux for advanced pen testing
· Apply general hacking technique ssuch as fake Wi-Fi hotspots and social engineering
· Systematically test your environment with Metasploit
· Write or customize sophisticated Metasploit exploits