Capturas de pantalla:
Descripción
This is an Advanced Network Server Penetration Testing Guide which provides detailed guide on Modern Modes of Network Server Penetration Testing.
The content of this guide include:
1. Hacking concepts and phases 2. Passive reconnaissance & Active reconnaissance 3. Port scanning & Network scanning 4. Vulnerability scanning & Maintaining access 5. White box pentesting, Black box pentesting & Gray box pentesting 6. Red teaming, Blue teaming & Purple teaming 7. Using theHarvester tool for Open Source intelligence gathering. 8. Installing Nexpose for Modern Server Penetration Testing 9. Advanced Linux Exploitation 10. Linux attack vectors - Network, Host & Application Threats 11. Linux enumeration with LinEnum 12. OS detection with Nmap 13. Exploiting Linux services - X11 service, Wildcards, SUID abuse & Linux kernel exploitation 14. Linux privilege checker 15. Linux kernel exploitation 16. UserLand versus kernel land 17. Linux kernel vulnerabilities 18. Memory corruption & Kernel Stack vulnerabilities 19. Linux Exploit Suggester 20. Linux return oriented programming 21. Linux hardening 22. Corporate Network and Database Exploitation 23. Insecure SNMP configuration 24. Database server exploitations 25. TCP communication 26. ICMP scanning 27. SSDP scanning 28. UDP Scanning 29. Host-based & Network-based Intrusion detection systems 30. Machine learning for intrusion detection 31. Insecure SNMP configuration 32. DNS security 33. DNS attacks 34. Sniffing attacks - ARP Poisoning & MAC spoofing 35. WireShark & DDoS attacks - SYN flooding, ICMP flood attack 36. Defending against DDoS attacks 37. Software-Defined Network penetration testing 38. SDN attacks & SDNs penetration testing 39. Attacks on database servers - Excessive privileges, SQL injection, Weak authentication & Exposure of backup data 40. Active Directory and Kerberos - Active Directory attacks 41. Lightweight Directory Access Protocol 42. PowerShell and Active Directory 43. Using PowerView for Active Directory Attack 44. Dumping all domain credentials with Mimikatz 45. Dumping LSASS memory with Task Manager (get domain admin credentials) 46. Dumping Active Directory domain credentials from an NTDS.dit file 47. Docker & Kernel Exploitation 48. Building a penetration testing laboratory 49. Exploiting Git and Continuous Integration Servers 50. Installing Jenkins 51. Continuous integration attacks 52. Continuous integration server penetration testing 53. Continuous security with Zed Attack Proxy 54. Metasploit and PowerShell for Post-Exploitation 55. Nishang PowerShell for penetration testing and offensive security 56. Dissecting Metasploit Framework 57. Bypassing antivirus with the Veil-Framework 58. Writing your own Metasploit module 59. Weaponized PowerShell with Metasploit 60. PowerSploit - AntivirusBypass, Exfiltration, Persistence, PowerUp, PowerView 61. Defending against PowerShell attacks 62. VLAN Exploitation 63. MAC attack 64. DHCP attacks 65. DHCP starvation 66. Rogue DHCP server 67. VLAN hopping attacks 68. Spanning Tree Protocol attacks 69. VoIP Exploitation 70. RTP/RTCP 71. Secure Real-time Transport Protocol 72. Eavesdropping 73. SIP registration hijacking 74. Spam over Internet Telephony 75. VoLTE attacks 76. SiGploit – Telecom Signaling Exploitation Framework 77. Insecure VPN Exploitation 78. Cryptographic attacks - Brute force attack (BFA) & Dictionary attack, Birthday attack, 79. Routing and Router Vulnerabilities 80. Exploiting routing protocols 81. OSPF attacks 82. MaxAge LSAs, Seq++ attack, Persistent poisoning & Internet of Things Exploitation