دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب Nmap Network Exploration and Security Auditing Cookbook
دانلود کتاب کتاب آشپزی اکتشاف و حسابرسی امنیت شبکه Nmap
مشخصات کتاب
Nmap Network Exploration and Security Auditing Cookbook
دسته بندی: امنیت ویرایش: 3 نویسندگان: Paulino Calderon سری: ISBN (شابک) : 1838649352, 9781838649357 ناشر: Packt Publishing سال نشر: 2021 تعداد صفحات: 436 زبان: English فرمت فایل : PDF (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود) حجم فایل: 30 مگابایت
قیمت کتاب (تومان) : 88,000
کلمات کلیدی مربوط به کتاب کتاب آشپزی اکتشاف و حسابرسی امنیت شبکه Nmap: پایگاه های داده، امنیت، برنامه های کاربردی وب، MySQL، MongoDB، کتاب آشپزی، HTTP، Apache Cassandra، CouchDB، Redis، بهترین روش ها، امنیت شبکه، Microsoft Windows، Microsoft SQL Server، اسکن آسیب پذیری، سرورهای وب، اتوماسیون، تزریق SQL، SMTP، Lua، Shodan، SCADA، XSS، Samba، فایروال ها، Brute Force، ایمیل، گزارش، اسکن شبکه، گزارش آسیب پذیری، Zenmap، اسکریپت، Ndiff، Nping، Nmap، Ncrack، Ncat
در صورت تبدیل فایل کتاب Nmap Network Exploration and Security Auditing Cookbook به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب کتاب آشپزی اکتشاف و حسابرسی امنیت شبکه Nmap نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی درمورد کتاب به خارجی
فهرست مطالب
Cover Title Page Copyright and Credits Contributors Table of Contents Preface Chapter 1: Nmap Fundamentals Technical requirements Building Nmap\'s source code Getting ready How to do it... How it works... There\'s more... Finding online hosts How to do it... How it works... There\'s more... Listing open ports on a target How to do it... How it works... There\'s more... Fingerprinting OSes and services running on a target How to do it... How it works... There\'s more... Using NSE scripts against a target host How to do it... How it works... There\'s more... Scanning random targets on the internet How to do it... How it works... There\'s more... Collecting signatures of web servers How to do it... How it works... There\'s more... Scanning with Rainmap Lite Getting ready How to do it... How it works... There\'s more... Chapter 2: Getting Familiar with Nmap\'s Family Monitoring servers remotely with Nmap and Ndiff Getting ready How to do it... How it works... There\'s more... Crafting ICMP echo replies with Nping How to do it... How it works... There\'s more... Managing multiple scanning profiles with Zenmap How to do it... How it works... There\'s more... Running Lua scripts against a network connection with Ncat How to do it... How it works... There\'s more... Discovering systems with weak passwords with Ncrack Getting ready How to do it... How it works... There\'s more... Using Ncat to diagnose a network client How to do it... How it works... There is more... Defending against Nmap service detection scans How to do it... How it works... There\'s more... Chapter 3: Network Scanning Discovering hosts with TCP SYN ping scans How to do it... How it works... There\'s more... Discovering hosts with TCP ACK ping scans How to do it... How it works... There\'s more... Discovering hosts with UDP ping scans How to do it... How it works... There\'s more... Selecting ports in UDP ping scans Discovering hosts with ICMP ping scans How to do it... How it works... There\'s more... Discovering hosts with SCTP INIT ping scans How to do it... How it works... There\'s more... Discovering hosts with IP protocol ping scans How to do it... How it works... There\'s more... Discovering hosts with ARP ping scans How to do it... How it works... There\'s more... Performing advanced ping scans How to do it... How it works... There\'s more... Discovering hosts with broadcast ping scans How to do it... How it works... There\'s more... Scanning IPv6 addresses How to do it... How it works... There\'s more... Spoofing the origin IP of a scan Getting ready How to do it... How it works… There\'s more... Using port scanning for host discovery How to do it... How it works... There\'s more... Chapter 4: Reconnaissance Tasks Performing IP address geolocation Getting ready How to do it... How it works... There\'s more... Getting information from WHOIS records How to do it... How it works... There\'s more... Obtaining traceroute geolocation information How to do it... How it works... There\'s more... Querying Shodan to obtain target information Getting ready How to do it... How it works... There\'s more... Collecting valid email accounts and IP addresses from web servers How to do it... How it works... There\'s more... Discovering hostnames pointing to the same IP address How to do it... How it works... There\'s more... Discovering hostnames by brute-forcing DNS records How to do it... How it works... There\'s more... Matching services with public vulnerability advisories and picking the low-hanging fruit How to do it... How it works... There\'s more... Chapter 5: Scanning Web Servers Listing supported HTTP methods How to do it... How it works... There\'s more... Discovering interesting files and folders on web servers How to do it... How it works... There\'s more... Brute forcing HTTP authentication How to do it... How it works... There\'s more... Brute forcing web applications How to do it... How it works... There\'s more... Detecting web application firewalls How to do it... How it works... There\'s more... Detecting possible XST vulnerabilities How to do it... How it works... There\'s more... Detecting XSS vulnerabilities How to do it... How it works... There\'s more... Finding SQL injection vulnerabilities How to do it... How it works... There\'s more… Finding web applications with default credentials How to do it... How it works... There\'s more... Detecting insecure cross-domain policies How to do it... How it works... There\'s more... Detecting exposed source code control systems How to do it... How it works... There\'s more... Auditing the strength of cipher suites in SSL servers How to do it... How it works... There\'s more... Chapter 6: Scanning Databases Listing MySQL databases How to do it… How it works... There\'s more... Listing MySQL users How to do it... How it works… There\'s more... Listing MySQL variables How to do it... How it works... There\'s more... Brute forcing MySQL passwords How to do it... How it works... There\'s more... Finding root accounts with an empty password in MySQL servers How to do it... How it works... There\'s more... Detecting insecure configurations in MySQL servers How to do it... How it works... There\'s more... Brute forcing Oracle passwords How to do it... How it works... There\'s more... Brute forcing Oracle SID names How to do it... How it works... There\'s more... Retrieving information from MS SQL servers How to do it... How it works... There\'s more... Brute forcing MS SQL passwords How to do it... How it works... There\'s more... Dumping password hashes of MS SQL servers How to do it... How it works... There\'s more... Running commands through xp_cmdshell in MS SQL servers How to do it... How it works... There\'s more... Finding system administrator accounts with empty passwords in MS SQL servers How to do it... How it works... There\'s more... Obtaining information from MS SQL servers with NTLM enabled How to do it... How it works... There\'s more... Retrieving MongoDB server information How to do it... How it works... There\'s more... Detecting MongoDB instances with no authentication enabled How to do it... How it works... There\'s more... Listing MongoDB databases How to do it... How it works... There\'s more... Listing CouchDB databases How to do it... How it works... There\'s more... Retrieving CouchDB database statistics How to do it... How it works... There\'s more... Detecting Cassandra databases with no authentication enabled How to do it... How it works... There\'s more... Brute forcing Redis passwords How to do it... How it works... There\'s more... Chapter 7: Scanning Mail Servers Detecting SMTP open relays How to do it... How it works... There\'s more... Brute-forcing SMTP passwords How to do it... How it works... There\'s more... Detecting suspicious SMTP servers How to do it... How it works... There\'s more... Enumerating SMTP usernames How to do it... How it works... There\'s more... Brute-forcing IMAP passwords How to do it... How it works... There\'s more... Retrieving the capabilities of an IMAP server How to do it... How it works... There\'s more... Brute-forcing POP3 passwords How to do it... How it works... There\'s more... Retrieving the capabilities of a POP3 server How to do it... How it works... There\'s more... Retrieving information from SMTP servers with NTLM authentication How to do it... How it works... There\'s more... Chapter 8: Scanning Windows Systems Obtaining system information from SMB How to do it... How it works... There\'s more... Detecting Windows clients with SMB signing disabled How to do it... How it works... There\'s more... Detecting IIS web servers that disclose Windows 8.3 names How to do it... How it works... There\'s more... Detecting Windows hosts vulnerable to MS08-067 and MS17-010 How to do it... How it works... There\'s more... Retrieving the NetBIOS name and MAC address of a host How to do it... How it works... There\'s more... Enumerating user accounts of Windows targets How to do it... How it works... There\'s more... Enumerating shared folders How to do it... How it works... There\'s more... Enumerating SMB sessions How to do it... How it works... There\'s more... Finding domain controllers How to do it... How it works... There\'s more… Detecting the Shadow Brokers\' DOUBLEPULSAR SMB implants How to do it... How it works... There\'s more... Listing supported SMB protocols How to do it... How it works... There\'s more... Detecting vulnerabilities using the SMB2/3 boot-time field How to do it... How it works... There\'s more... Detecting whether encryption is enforced in SMB servers How to do it... How it works... There\'s more... Chapter 9: Scanning ICS/SCADA Systems Finding common ports used in ICS/SCADA systems How to do it... How it works... There\'s more... Finding HMI systems How to do it... How it works... There\'s more... Enumerating Siemens SIMATIC S7 PLCs How to do it... How it works... There\'s more... Enumerating Modbus devices How to do it... How it works... There\'s more... Enumerating BACnet devices How to do it... How it works... There\'s more... Enumerating Ethernet/IP devices How to do it... How it works... There\'s more... Enumerating Niagara Fox devices How to do it... How it works... There\'s more... Enumerating ProConOS devices How to do it... How it works... There\'s more... Enumerating Omrom PLC devices How to do it... How it works... There\'s more... Enumerating PCWorx devices How to do it... How it works... Chapter 10: Scanning Mainframes Listing CICS transaction IDs in IBM mainframes How to do it... How it works... There\'s more... Enumerating CICS user IDs for the CESL/CESN login screen How to do it... How it works... There\'s more... Brute-forcing z/OS JES NJE node names How to do it... How it works... There\'s more... Enumerating z/OS TSO user IDs How to do it... How it works... There\'s more... Brute-forcing z/OS TSO accounts How to do it... How it works... There\'s more... Listing VTAM application screens How to do it... How it works... There\'s more... Chapter 11: Optimizing Scans Skipping phases to speed up scans How to do it... How it works... There\'s more... Selecting the correct timing template How to do it... How it works... There\'s more... Adjusting timing parameters How to do it... There\'s more... Adjusting performance parameters How to do it... How it works... There\'s more... Adjusting scan groups How to do it... There\'s more... Distributing a scan among several clients using dnmap Getting ready How to do it... How it works... There\'s more... Chapter 12: Generating Scan Reports Saving scan results in a normal format How to do it... How it works... There\'s more... Saving scan results in an XML format How to do it... How it works... There\'s more... Saving scan results to a SQLite database Getting ready How to do it... How it works... There\'s more... Saving scan results in a grepable format How to do it... How it works... There\'s more... Generating a network topology graph with Zenmap How to do it... How it works... There\'s more... Generating HTML scan reports Getting ready How to do it... How it works... There\'s more... Reporting vulnerability checks How to do it... How it works... There\'s more... Generating PDF reports with fop Getting ready How to do it... How it works... There\'s more... Saving NSE reports in Elasticsearch Getting ready How to do it... How it works... There\'s more... Visualizing Nmap scan results with IVRE Getting ready How to do it... How it works... There\'s more... Chapter 13: Writing Your Own NSE Scripts Making HTTP requests to identify vulnerable Supermicro IPMI/BMC controllers How to do it... How it works... There\'s more... Sending UDP payloads using NSE sockets How to do it... How it works... There\'s more... Generating vulnerability reports in NSE scripts How to do it... How it works... There\'s more... Exploiting an SMB vulnerability How to do it... How it works... There\'s more... Writing brute-force password auditing scripts How to do it... How it works... There\'s more... Crawling web servers to detect vulnerabilities How to do it... How it works... There\'s more... Working with NSE threads, condition variables, and mutexes in NSE How to do it... How it works... There\'s more... Writing a new NSE library in Lua How to do it... How it works... There\'s more... Writing a new NSE library in C/C++ How to do it... How it works... There\'s more... Getting your scripts ready for submission How to do it... How it works... There\'s more... Chapter 14: Exploiting Vulnerabilities with the Nmap Scripting Engine Generating vulnerability reports in NSE scripts How to do it... How it works... There\'s more... Writing brute-force password auditing scripts How to do it... How it works... There\'s more... Crawling web servers to detect vulnerabilities How to do it... How it works... There\'s more... Exploiting SMB vulnerabilities How to do it... How it works... There\'s more... Appendix A– HTTP, HTTP Pipelining, and Web Crawling Configuration Options HTTP user agent HTTP pipelining Configuring the NSE httpspider library Appendix B – Brute-Force Password Auditing Options Brute modes Appendix C – NSE Debugging Debugging NSE scripts Exception handling Appendix D – Additional Output Options Saving output in all formats Appending Nmap output logs Including debugging information in output logs Including the reason for a port or host state OS detection in verbose mode Appendix E – Introduction to Lua Flow control structures Conditional statements – if, then, elseif Loops – while Loops – repeat Loops – for Data types String handling Character classes Magic characters Patterns Captures Repetition operators Concatenation Finding substrings String repetition String length Formatting strings Splitting and joining strings Common data structures Tables Arrays Linked lists Sets Queues Custom data structures I/O operations Modes Opening a file Reading a file Writing a file Closing a file Coroutines Creating a coroutine Executing a coroutine Determining the current coroutine Getting the status of a coroutine Yielding a coroutine Metatables Arithmetic metamethods Relational metamethods Things to remember when working with Lua Comments Dummy assignments Indexes Semantics Coercion Safe language Booleans Appendix F – References and Additional Reading Other Books You May Enjoy Index
نظرات کاربران
کتاب های مرتبط
دانلود کتاب Software Systems Safety
دانلود کتاب Seguridad en Equipos Informáticos
دانلود کتاب Building Virtual Pentesting Labs for Advanced Penetration Testing: Build intricate virtual architecture to practice any penetration testing technique virtually
دانلود کتاب Encyclopedia of Cyber Warfare
دانلود کتاب Umstrittene Partnerschaft : Cybersicherheit, Internet Governance und Datenschutz in der transatlantischen Zusammenarbeit
دانلود کتاب Linux Server Hacks: 100 Industrial-Strength Tips and Tricks
دانلود کتاب Developing Feeds with RSS and Atom
دانلود کتاب Hacker's Blackbook
