دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
برای ارتباط با ما می توانید از طریق شماره موبایل زیر از طریق تماس و پیامک با ما در ارتباط باشید
در صورت عدم پاسخ گویی از طریق پیامک با پشتیبان در ارتباط باشید
برای کاربرانی که ثبت نام کرده اند
درصورت عدم همخوانی توضیحات با کتاب
از ساعت 7 صبح تا 10 شب
ویرایش: 1
نویسندگان: Raymond Nutting. William MacCormack
سری:
ISBN (شابک) : 1260456749, 9781260456745
ناشر: McGraw-Hill Education
سال نشر: 2020
تعداد صفحات: 768
زبان: English
فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 49 مگابایت
در صورت تبدیل فایل کتاب GPEN GIAC Certified Penetration Tester All-in-One Exam Guide به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب راهنمای آزمون همه کاره تست نفوذ گواهی شده GPEN GIAC نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
Title Page Copyright Page Dedication Contents Acknowledgments Introduction Objectives Map: GPEN Exam Chapter 1 Planning and Preparation Penetration Testing Methodologies Penetration Testing Execution Standard NIST Technical Guide to Information Security Testing and Assessment Penetration Testing Framework Open Source Security Testing Methodology Manual OWASP Web Security Testing Guide MITRE ATT&CK CAPEC Pre-engagement Activities Testing Phases Rules of Engagement Scope Other Pre-engagement Documentation Third-Party Providers Chapter Review Questions Answers Chapter 2 Reconnaissance Open Source Intelligence Organizational Culture Social Media Behavior Information Technology Discovery Methods Regional Internet Registries Querying DNS Records Search Engines OSINT Collection Tools Metadata Analysis Chapter Review Questions Answers Chapter 3 Initial Access Exploitation Categories Server-Side Exploitation Client-Side Exploitation Privilege Escalation Network Basics and Not-So-Basics TCP Three-Way Handshake TCP and IP Headers Scanning and Host Discovery Monitoring Network Scans Lab 3-1: Using Wireshark Nmap Introduction Ping Sweeping Network Mapping Port Scanning Vulnerability Scanning Lab 3-2: Scanning with Nmap Lab 3-3: Vulnerability Scanning with Nessus Packet Crafting with Scapy Lab 3-4: Scapy Introductory Lab 3-5: Evil Scapy Scripting Web Application Penetration Testing Web Application Vulnerabilities Lab 3-6: BeEF Basics Lab 3-7: OWASP ZAP SQL Injection Attacks Lab 3-8: SQLi Lab 3-9: Blind SQLi and Sqlmap Command Injection Lab 3-10: Command Injection Client-Side Attacks Lab 3-11: Stored XSS Time-Saving Tips Chapter Review Questions Answers Chapter 4 Execution Command-Line Interface Linux CLI Windows CLI Scripting Declaring Methods and Variables Looping and Flow Control Error and Exception Handling Metasploit Framework (MSF) MSF Components Lab 4-1: Navigating the MSFconsole Service-Based Exploitation Lab 4-2: Exploiting SMB with Metasploit Lab 4-3: Exploiting ProFTPD with Metasploit Metasploit Meterpreter Lab 4-4: Upgrading to a Meterpreter Shell Chapter Review Questions Answers Chapter 5 Persistence, Privilege Escalation, and Evasion Persistence Windows Persistence Lab 5-1: Scheduled Tasks Lab 5-2: Configuring a Callback via Windows Services Lab 5-3: Persistence with PowerShell Empire Linux Persistence Privilege Escalation Lab 5-4: Linux Privilege Escalation Lab 5-5: Windows Information Gathering and Privilege Escalation Evasion In Memory vs. On Disk Disk Location Code Obfuscation Lab 5-6: Windows Defender Evasion Chapter Review Questions Answers Chapter 6 Credential Access Windows Password Types NTLM Challenge-Response Protocol NTLMv1 and LM NTLMv2 Kerberos Unix/Linux Password Types Message-Digest Algorithms Secure Hash Algorithms Types of Password Attacks Password Cracking John the Ripper Hashcat Harvesting Credentials Exfiltration from the Local Host Lab 6-1: Extract SAM from the Windows Registry Lab 6-2: Hashdump Lab 6-3: Dump Credentials from Memory Exfil from the Local Network Lab 6-4: Responder Chapter Review Questions Answers Chapter 7 Discovery and Lateral Movement Discovery Windows Situational Awareness Lab 7-1: Recon with PowerView Lab 7-2: Recon with Empire Lab 7-3: Information Gathering with SharpHound Linux Situational Awareness Lateral Movement Linux Pivoting Lab 7-4: Port Forwarding Windows Pivoting Lab 7-5: Pass-the-Hash Lab 7-6: Built-in Tools Lab 7-7: Lateral Movement, Owning the Domain Chapter Review Questions Answers Chapter 8 Data Collection and Exfiltration Data Collection Data from Local System Data from Information Repositories Data Exfiltration with Frameworks Lab 8-1: Exfilling Data with Metasploit Input and Screen Capture Clipboard Data Lab 8-2: Exfilling Data with Empire Exfilling Sensitive Files Timestomping Data Exfiltration with Operating System Tools Scheduled Transfer Lab 8-3: Exfilling Data Using Linux Cron Jobs Lab 8-4: Exfilling Data Using Windows Scheduled Tasks Chapter Review Questions Answers Chapter 9 Writing and Communicating the Pentest Report The Pentest Report Report Writing Best Practices Preparing to Write the Report Writing the Report Report Handling Chapter Review Questions Answers Appendix A Penetration Testing Tools and References Credential Testing Tools Debuggers Evasion and Code Obfuscation Networking Tools Penetration Testing Frameworks Reconnaissance (OSINT) Remote Access Tools Social Engineering Tools Virtual Machine Software Vulnerability and Exploitation Research Vulnerability Scanners Web and Database Tools Wireless Testing Tools Appendix B Setting Up a Basic GPEN Lab What You Need Home Base (Host Machine) and Domain Controller Windows Clients CentOS VM with Web Apps Kali Linux Attack VM Backing Up with VM Snapshots Metasploitable VMs Complete Lab Setup Appendix C Capstone Project Capstone Tasks Exercise One: Reconnaissance Exercise Two: Initial Access Exercise Three: Exploit Chaining Exercise Four: Exploit Chaining Redux Capstone Hints Exercise One: Reconnaissance Exercise Two: Initial Access Exercise Three: Exploit Chaining Exercise Four: Exploit Chaining Redux Capstone Walkthrough Exercise One: Reconnaissance Exercise Two: Initial Access Exercise Three: Exploit Chaining Exercise Four: Exploit Chaining Redux Appendix D About the Online Content System Requirements Your Total Seminars Training Hub Account Privacy Notice Single User License Terms and Conditions TotalTester Online Other Book Resources Technical Support Glossary Index