Advanced Penetration Testing: Hacking the World's Most Secure Networks - Brossura

Wil Allsopp is an IT security expert with 20 years experience, specializing in red team engagements, penetration testing, vulnerability assessment, security audits, secure source code review, social engineering, and advanced persistent threats. He has performed ethical hacking and penetration testing for numerous Fortune 100 companies.

HOW TO ESTABLISH AN IMPENETRABLE LINE OF DEFENSE USING EVERYTHING IN THE PROFESSIONAL HACKER'S BAG OF TRICKS

Typical penetration testing is highly formulaic and involves little more than time-limited network and application security audits. If they are to have any hope of defending their assets against attacks by today's highly motivated professional hackers, high-value targets will have to do a better job of hardening their IT infrastructures. And that can only be achieved by security analysts and engineers fully versed in the professional hacker's manual of dirty tricks and penetration techniques.

Written by a top security expert who has performed hacking and penetration testing for Fortune 100 companies worldwide, Advanced Penetration Testing: Hacking the World's Most Secure Networks schools you in advanced techniques for targeting and compromising high-security environments that aren't taught in any certification prep or covered by common defense scanners. Author Wil Allsopp goes well beyond Kali linux and Metasploit to provide a complex, highly realistic attack simulation. Taking a multidisciplinary approach combining social engineering, programming, and vulnerability exploits, he teaches you how to:

• Discover and create attack vectors
• Move unseen through a target enterprise and reconnoiter networks, operating systems, and test structures
• Employ social engineering strategies to create an initial compromise
• Establish a beachhead and leave a robust command-and-control structure in place
• Use advanced data exfiltration techniques?even against targets without direct Internet connections
• Utilize advanced methods for escalating privilege
• Infiltrate deep into networks and operating systems using harvested credentials
• Create custom code using VBA, Windows® Scripting Host, C, Java®, JavaScript®, Flash, and more