Wireshark for Security Professionals: Using Wireshark and the Metasploit Framework - Brossura

Informazioni sull?autore

JESSEY BULLOCK is a Senior Application Security Engineer with a game company. Having previously worked at both NGS and iSEC Partners as a consultant, he has a deep understanding of application security and development, operating systems internals, and networking protocols. Jessey has experience working across multiple industry sectors, including health care, education, and security. Jessey holds multiple security certifications, including CISSP, CCNA, CWNA, GCFE, CompTIA Security+, CompTIA A+, OSCP, GPEN, CEH, and GXPN. JEFF T. PARKER is a seasoned IT security consultant with a career spanning 3 countries and as many Fortune 1OO companies. Now in Halifax, Canada, Jeff enjoys life most with his two young children, hacking professionally while they're in school.

Dalla quarta di copertina

An essential guide to network security and the feature-packed Wireshark toolset

Open source protocol analyzer Wireshark is the de facto analysis tool across many fields, including the security field. Wireshark provides a powerful feature set that allows you to inspect your network at a microscopic level. The diverse features and support for numerous protocols make Wireshark an invaluable security tool, but also difficult or intimidating for newcomers to learn. Wireshark for Security Professionals is the answer, helping you to leverage Wireshark and related tools such as the command line TShark application quickly and effectively. Coverage includes a complete primer on Metasploit, the powerful offensive tool, as well as Lua, the popular scripting language.

This highly practical guide gives you the insight you need to successfully apply what you've learned in the real world. Examples show you how Wireshark is used in an actual network with the provided Docker virtual environment, and basic networking and security principles are explained in detail to help you understand the why along with the how. Using the Kali Linux penetration testing distribution in combination with the virtual lab and provided network captures, you can follow along with the numerous examples or even start practicing right away in a safe network environment. The hands-on experience is made even more valuable by the emphasis on cohesive application, helping you exploit and expand Wireshark's full functionality by extending Wireshark or integrating it with other security tools.

With coverage of both offensive and defensive security tools and techniques, Wireshark for Security Professionals shows you how to secure any network as you learn to:

• Understand the basics of Wireshark and the related toolset as well as the Metasploit Framework
• Explore the Lua scripting language and how it can be used to extend Wireshark
• Perform common offensive and defensive security research tasks with Wireshark
• Gain hands-on experience in a Docker virtual lab environment that replicates real-world enterprise networks
• Capture packets using advanced MitM techniques
• Customize the provided source code to expand your toolset