[ PDF ] The Hacker Playbook 2 - Practical Guide To Penetration Testing

This is the second iteration of The Hacker Playbook (THP). For those that read the first book, this is an extension of that book. Below is an overview of all of the new vulnerabilities and attacks that will be discussed. In addition to the new content, attacks and techniques from the first book, which are still relevant today, are included to eliminate the need to refer back to the first book. So, what’s new?

Some of the updated attacks from the last year and a half include:

  • Heartbleed
  • ShellShock
  • Kerberos issues (Golden Ticket/Skeleton Key)
  • PTH Postgres
  • New Spear Phishing
  • Better/Cheaper Dropboxes
  • Faster/Smarter Password Cracking
  • New WIFI attacks
  • Tons of PowerShell scripts
  • Privilege Escalation Attacks
  • Mass network compromises
  • Moving laterally smarter
  • Burp Modules
  • Printer Exploits
  • Backdoor Factory
  • ZAP Proxy
  • Sticky Keys
  • NoSQL Injection
  • Commercial Tools (Cobalt Strike, Canvas, Core Impact)
  • Lab sections
  • And so much more

In addition to describing the attacks that have changed in the last couple years, I have attempted to incorporate all of the comments and recommendations received from readers of the first book into this second book. A more in-depth look into how to set up a lab environment in which to test your attacks is also given, along with the newest tips and tricks of penetration testing. Lastly, I tried to make this version easier to follow since many schools have incorporated my book into their curricula. Whenever possible, I have added lab sections that help provide a way to test a vulnerability or exploit.

What’s not different? One of my goals from the first book was to make this as “real world” as possible. I really tried to stay away from theoretical attacks and focused on what I have seen from personal experience and what actually worked. The second goal was to strengthen your core understanding as a penetration tester. In other words, I wanted to encourage you to use different methods to boost your value to your current or future company or client. Just running a vulnerability scanner and submitting that as your report provides no real benefit to a company. Also, penetration tests with an extremely limited scope will give a false sense of security. To THP1 readers, rest assured that although you may find some familiar information, there is a great deal of new information in THP2, which has double the content compared to its predecessor. Additionally, by popular demand, I have created a slew of scripts and tools to help you in your hacking adventure. This was probably one of the top requests by readers, so I have included a ton of scripts located in my Github (https://github.com/cheetz) and tried to make it easier to follow.

For those who did not read the first book, you might be wondering what experience I have as a penetration tester. My background comes from eight years of penetration testing for major financial institutions, large utility companies, Fortune 500 entertainment companies, and government organizations. I have also spent years teaching offensive network security, spoken at Toorcon/Derbycon/BayThreat, been referenced in many security publications, and currently run a security community of over 300 members in Southern California. My hope is that you will be able to take what I have learned and incorporate it into your own security lifestyle. From a technical standpoint, many tools and attacks have changed in the past couple years. With attacks like pass-the-hash, and with Group Policy Preferences getting patched, the process and methods of attackers have changed.

One important note is that I am using both commercial tools and open source. For every commercial tool, I try to give an open source counterpart. I occasionally run into some pentesters that say they only use open source tools. As a penetration tester, I find this a hard statement to take. If you are supposed to emulate a “real world” attack, and the “bad guys” do not have these restrictions, then you need to use any tool that works to get the job done.

Who is this book intended for? You need to have some experience with Microsoft Active Directory, a solid understanding of Linux, some networking background, some coding experience (Bash, Python, Perl, Ruby, PHP, C, or anything along that line), and using security tools like vulnerability scanners and exploit tools (i.e. Metasploit). If you don’t have the background, but are interested in getting into security, I would suggest making sure you have the basics down. You can’t just jump into security without the basic knowledge of how things work first.

This book is not just for those looking to get into or who currently are in the offensive fields. This book provides valuable information and insight for incident responders as well, as they need to know how attackers think and what methods they use.

Lastly, I want to discuss a bit about the difference between researchers and penetration testers. Many times, these two professions blend together, as both need to be knowledgeable in both areas.

However, in this book, I separate the two areas slightly and focus on penetration testing. To clarify, in this book, a researcher is one who focuses on a single or limited scope and spends more time reversing the application/protocol/OS. Their goal is to discover an unknown exploit for that particular vulnerability. On the other hand (and remember this is a generalization), a penetration tester takes what is already known to compromise systems and applications. There will always be some overlap–a pentester will still fuzz vulnerabilities (for example, web parameters) and find zerodays–but he/she might not spend as much time finding all the issues as a researcher might.
