Présentation de l'éditeur
This tutorial will immerse you in the fascinating environment of penetration testing. Thoroughly practical and written for ease of understanding, it will give you the insights and knowledge you need to start using BackBox.
- Experience the real world of penetration testing with Backbox Linux using live, practical examples
- Gain an insight into auditing and penetration testing processes by reading though live sessions
- Learn how to carry out your own testing using the latest techniques and methodologies
BackBox is an amazing Linux security distribution designed to keep in mind the needs of security and system administration specialists. It has been developed to perform penetration tests and security assessments. Designed to be fast and easy to use while providing a minimal yet complete desktop environment, Backbox comes with its own software repositories and is continually updated to the latest stable version of the most widely used and best-known ethical hacking tools.
This book provides an exciting introduction to BackBox Linux in order give you familiarity with and understanding of this amazing Linux security distro, making you feel comfortable with both the subject of pen-testing and BackBox. The book progresses through topics based on standard cases of penetration testing from the initial steps to the final procedures.
This book will help you discover the exciting world of penetration testing through a series of step-by-step, practical lessons. Penetration Testing with BackBox is organized into eight chapters. Starting with an introduction to BackBox Linux in order to give you a solid grounding of this amazing Linux security distro, including both its design philosophy and feature set, before moving on to practical tutorials in using BackBox. The book is arranged in a chronological order based on standard cases of penetration testing. For those more experienced in the use of penetration testing tools, each chapter can be read independently, providing a detailed overview of how BackBox will augment your arsenal of tools at each step of the penetration testing process.
Throughout this book, you will be given a clear picture of IT security cases by having one of the most popular topics of penetration testing demonstrated in a user-friendly way. By the end of the book, you will have learned all the fundamental skills needed to use BackBox for ethical hacking.
What you will learn from this book
- Perform reconnaissance and collect information about an unknown system
- Perform vulnerability scanning, management, and assessment, as well as understand false positives
- Understand how SQL injection attacks work and find injectable pages on a web server
- Sniff the network to capture sensitive data and learn different methods of privilege escalation
- Maintain permanent access on a target server once access is initially granted
- Use exploitation tools like Metasploit to exploit the reported vulnerabilities
- Learn how to document and generate reports from the entire auditing process
This practical book outlines the steps needed to perform penetration testing using BackBox. It explains common penetration testing scenarios and gives practical explanations applicable to a real-world setting.
Who this book is written for
This book is written primarily for security experts and system administrators who have an intermediate Linux capability. However, because of the simplicity and user-friendly design, it is also suitable for beginners looking to understand the principle steps of penetration testing.
Biographie de l'auteur
Stefan Umit Uygur
Stefan Umit Uygur has been an IT System and Security engineer for 14 years. He is an extremely motivated open source software evangelist with a passion for sharing knowledge and working in a community environment. He is highly experienced in Penetration Testing and Vulnerability Analysis, Management, and Assessment. He has been involved in many open source software projects, for example BackBox, where he is part of the core team. He has helped to promote the free software culture around the world by participating and organizing international confere nces. He significantly contributes to shedding the false and negative perceptions around hacking and hackers by promoting the hacker world in a positive light. He explains in detail the real world of hacking, hackers' motivations, and their philosophy, ethics, and freedom. These activities are promoted mainly through national and international magazines, and in particular, during the conferences that he participates. Along with his professional activities, he has contributed to the Linux magazine, the PenTest magazine, and a few other small, periodic, technical publications.
However, his main passion is continuous collaboration with the community as he believes in the community more than anything else. He strongly feels that knowledge shouldn't be owned by a few people, but should be the heritage of the entire collective. He is always grateful to the community for the skills and the knowledge he possesses. One of the definitions he gives to the community is that it is the real school and university where one truly learns.