Advanced Penetration Testing

Hacking the World's Most Secure Networks

Wil Allsopp

Book (paperback, English)
Fr. 66.90
incl. statutory VAT
Ready to ship within 1 - 2 working days, free shipping


Build a better defense against motivated, organized, professional attacks
Advanced Penetration Testing: Hacking the World's Most Secure Networks takes hacking far beyond Kali Linux and Metasploit to provide a more complex attack simulation. Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data--even from organizations without a direct Internet connection--this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures.
Typical penetration testing consists of low-level hackers attacking a system with a list of known vulnerabilities, and defenders preventing those hacks using an equally well-known list of defensive scans. The professional hackers and nation states on the forefront of today's threats operate at a much more complex level--and this book shows you how to defend your high security network.
* Use targeted social engineering pretexts to create the initial compromise
* Leave a command and control structure in place for long-term access
* Escalate privilege and breach networks, operating systems, and trust structures
* Infiltrate further using harvested credentials while expanding control
Today's threats are organized, professionally-run, and very much for-profit. Financial institutions, health care organizations, law enforcement, government agencies, and other high-value targets need to harden their IT infrastructure and human capital against targeted advanced attacks from motivated professionals. Advanced Penetration Testing goes beyond Kali Linux and Metasploit to provide you with advanced pen testing for high security networks.


Binding Paperback
Number of pages 288
Publication date 14.04.2017
Language English
ISBN 978-1-119-36768-0
Publisher John Wiley & Sons, Ltd.
Dimensions (L/W/H) 23.3/18.7/2 cm
Weight 501 g
Edition 1st edition
Sales rank 26358


No reviews have been written yet.
  • Foreword
    Introduction
    Chapter 1 Medical Records (In)security
    An Introduction to Simulating Advanced Persistent Threat
    Background and Mission Briefing
    Payload Delivery Part 1: Learning How to Use the VBA Macro
    How NOT to Stage a VBA Attack
    Examining the VBA Code
    Avoid Using Shellcode
    Automatic Code Execution
    Using a VBA/VBS Dual Stager
    Keep Code Generic Whenever Possible
    Code Obfuscation
    Enticing Users
    Command and Control Part 1: Basics and Essentials
    The Attack
    Bypassing Authentication
    Summary
    Exercises
    Chapter 2 Stealing Research
    Background and Mission Briefing
    Payload Delivery Part 2: Using the Java Applet for Payload Delivery
    Java Code Signing for Fun and Profit
    Writing a Java Applet Stager
    Create a Convincing Pretext
    Signing the Stager
    Notes on Payload Persistence
    Microsoft Windows
    Linux
    OSX
    Command and Control Part 2: Advanced Attack Management
    Adding Stealth and Multiple System Management
    Implementing a Command Structure
    Building a Management Interface
    The Attack
    Situational Awareness
    Using AD to Gather Intelligence
    Analyzing AD Output
    Attack Against Vulnerable Secondary System
    Credential Reuse Against Primary Target System
    Summary
    Exercises
    Chapter 3 Twenty-First Century Heist
    What Might Work?
    Nothing Is Secure
    Organizational Politics
    APT Modeling versus Traditional Penetration Testing
    Background and Mission Briefing
    Command and Control Part III: Advanced Channels and Data Exfiltration
    Notes on Intrusion Detection and the Security Operations Center
    The SOC Team
    How the SOC Works
    SOC Reaction Time and Disruption
    IDS Evasion
    False Positives
    Payload Delivery Part III: Physical Media
    A Whole New Kind of Social Engineering
    Target Location Profiling
    Gathering Targets
    The Attack
    Summary
    Exercises
    Chapter 4 Pharma Karma
    Background and Mission Briefing
    Payload Delivery Part IV: Client-Side Exploits 1
    The Curse That Is Flash
    At Least You Can Live Without It
    Memory Corruption Bugs: Dos and Don'ts
    Reeling in the Target
    Command and Control Part IV: Metasploit Integration
    Metasploit Integration Basics
    Server Configuration
    Black Hats/White Hats
    What Have I Said About AV?
    Pivoting
    The Attack
    The Hard Disk Firewall Fail
    Metasploit Demonstration
    Under the Hood
    The Benefits of Admin
    Typical Subnet Cloning
    Recovering Passwords
    Making a Shopping List
    Summary
    Exercises
    Chapter 5 Guns and Ammo
    Background and Mission Briefing
    Payload Delivery Part V: Simulating a Ransomware Attack
    What Is Ransomware?
    Why Simulate a Ransomware Attack?
    A Model for Ransomware Simulation
    Asymmetric Cryptography
    Remote Key Generation
    Targeting Files
    Requesting the Ransom
    Maintaining C2
    Final Thoughts
    Command and Control Part V: Creating a Covert C2 Solution
    Introducing the Onion Router
    The Torrc File
    Configuring a C2 Agent to Use the Tor Network
    Bridges
    New Strategies in Stealth and Deployment
    VBA Redux: Alternative Command-Line Attack Vectors
    PowerShell
    FTP
    Windows Scripting Host (WSH)
    BITSadmin
    Simple Payload Obfuscation
    Alternative Strategies in Antivirus Evasion
    The Attack
    Gun Design Engineer Answers Your Questions
    Identifying the Players
    Smart(er) VBA Document Deployment
    Email and Saved Passwords
    Keyloggers and Cookies
    Bringing It All Together
    Summary
    Exercises
    Chapter 6 Criminal Intelligence
    Payload Delivery Part VI: Deploying with HTA
    Malware Detection
    Privilege Escalation in Microsoft Windows
    Escalating Privileges with Local Exploits
    Exploiting Automated OS Installations
    Exploiting the Task Scheduler
    Exploiting Vulnerable Services
    Hijacking DLLs
    Mining the Windows Registry
    Command and Control Part VI: The Creeper Box
    Creeper Box Specification
    Introducing the Raspberry Pi and Its Components
    GPIO
    Choosing an OS
    Configuring Full-Disk Encryption
    A Word on Stealth
    Configuring Out-of-Band Command and Control Using 3G/4G
    Creating a Transparent Bridge
    Using a Pi as a Wireless AP to Provision Access by Remote Keyloggers
    The Attack
    Spoofing Caller ID and SMS Messages
    Summary
    Exercises
    Chapter 7 War Games
    Background and Mission Briefing
    Payload Delivery Part VII: USB Shotgun Attack
    USB Media
    A Little Social Engineering
    Command and Control Part VII: Advanced Autonomous Data Exfiltration
    What We Mean When We Talk About "Autonomy"
    Means of Egress
    The Attack
    Constructing a Payload to Attack a Classified Network
    Stealthy 3G/4G Software Install
    Attacking the Target and Deploying the Payload
    Efficient "Burst-Rate" Data Exfiltration
    Summary
    Exercises
    Chapter 8 Hack Journalists
    Briefing
    Advanced Concepts in Social Engineering
    Cold Reading
    C2 Part VIII: Experimental Concepts in Command and Control
    Scenario 1: C2 Server Guided Agent Management
    Scenario 2: Semi-Autonomous C2 Agent Management
    Payload Delivery Part VIII: Miscellaneous Rich Web Content
    Java Web Start
    Adobe AIR
    A Word on HTML5
    The Attack
    Summary
    Exercises
    Chapter 9 Northern Exposure
    Overview
    Operating Systems
    Red Star Desktop 3.0
    Red Star Server 3.0
    North Korean Public IP Space
    The North Korean Telephone System
    Approved Mobile Devices
    The "Walled Garden": The Kwangmyong Intranet
    Audio and Video Eavesdropping
    Summary
    Exercises
    Index