O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Penetration Tester's Open Source Toolkit, 3rd Edition

Book Description

Penetration Tester’s Open Source Toolkit, Third Edition, discusses the open source tools available to penetration testers, the ways to use them, and the situations in which they apply.
The book consists of 10 chapters that focus on a specific area of penetration testing: tools of the trade; reconnaissance; scanning and enumeration; client-side attacks and human weaknesses; hacking database services; Web server and Web application testing; network devices; enterprise application testing; wireless penetrating testing; and building penetration test labs. Each chapter is organized to discuss objectives associated with the focus area, an approach to penetration testing of that area, core technologies for penetration testing, and open source tools that can be used to perform penetration testing. The chapters also include case studies where the tools that are discussed are applied.
This book is for people who are interested in penetration testing or professionals engaged in penetration testing. Those working in the areas of database, network, system, or application administration, as well as architects, can gain insights into how penetration testers perform testing in their specific areas of expertise and learn what to expect from a penetration test. This book can also serve as a reference for security or audit professionals.

  • Details current open source penetration testing tools
  • Presents core technologies for each type of testing and the best tools for the job
  • New to this edition: Enterprise application testing, client-side attacks and updates on Metasploit and Backtrack

Table of Contents

  1. Cover image
  2. Table of Contents
  3. Frontmatter
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. Introduction
  8. About the Author
  9. About the Technical Editor
  10. Chapter 1. Tools of the trade
  11. 1.1. Objectives
  12. 1.2. Approach
  13. 1.3. Core technologies
  14. 1.4. Open source tools
  15. 1.5. Case study: the tools in action
  16. 1.6. Hands-on challenge
  17. Chapter 2. Reconnaissance
  18. 2.1. Objective
  19. 2.2. A methodology for reconnaissance
  20. 2.3. Intelligence gathering
  21. 2.4. Footprinting
  22. 2.5. Human recon
  23. 2.6. Verification
  24. 2.7. Case study: the tools in action
  25. 2.8. Hands-on challenge
  26. Chapter 3. Scanning and enumeration
  27. 3.1. Objectives
  28. 3.2. Scanning
  29. 3.3. Enumeration
  30. 3.4. Case studies: the tools in action
  31. 3.5. Hands-on challenge
  32. Chapter 4. Client-side attacks and human weaknesses
  33. 4.1. Objective
  34. 4.2. Phishing
  35. 4.3. Social network attacks
  36. 4.4. Custom malware
  37. 4.5. Case study: the tools in action
  38. 4.6. Hands-on challenge
  39. Chapter 5. Hacking database services
  40. 5.1. Objective
  41. 5.2. Core technologies
  42. 5.3. Microsoft SQL Server
  43. 5.4. Oracle database management system
  44. 5.5. Case study: the tools in action
  45. 5.6. Hands-on challenge
  46. Chapter 6. Web server and web application testing
  47. 6.1. Objective
  48. 6.2. Approach
  49. 6.3. Core technologies
  50. 6.4. Open source tools
  51. 6.5. Case study: the tools in action
  52. 6.6. Hands-on challenge
  53. Chapter 7. Network devices
  54. 7.1. Objectives
  55. 7.2. Approach
  56. 7.3. Core technologies
  57. 7.4. Open source tools
  58. 7.5. Case study: the tools in action
  59. 7.6. Hands-on challenge
  60. Chapter 8. Enterprise application testing
  61. 8.1. Objective
  62. 8.2. Core technologies
  63. 8.3. Approach
  64. 8.4. Open source tools
  65. 8.5. Case study: the tools in action
  66. 8.6. Hands-on challenge
  67. Chapter 9. Wireless penetration testing
  68. 9.1. Objective
  69. 9.2. Approach
  70. 9.3. Core technologies
  71. 9.4. Open source tools
  72. 9.5. Case study: the tools in action
  73. 9.6. Hands-on challenge
  74. Chapter 10. Building penetration test labs
  75. 10.1. Objectives
  76. 10.2. Approach
  77. 10.3. Core technologies
  78. 10.4. Open source tools
  79. 10.5. Case study: the tools in action
  80. 10.6. Hands-on challenge
  81. Index