What do you think?
Rate this book
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
The information security field has grown by leaps and bounds over the last decade. Everyday more people around the globe gain access to the internet and not all of them with good intentions. The need for penetration testers has grown now that the security industryhas had time to mature. Simply running a vulnerability scanner is a thing of the past and is no longer an effective method of determining a business's true security posture. Learn effective penetration testing skills so that you can effectively meet and manage the rapidly changing security needs of your company.
Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.
The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You'll learn how to clean up and compile proof of concept, exploit code from the web, advanced web application testing techniques, client side attacks, post exploitation strategies, detection avoidance methods, generation of well defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation; followed by a detailed walk through of the solution.
Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more.
Advanced Penetration Testing for Highly-Secured Environments will teach you how to efficiently and effectively ensure the security posture of environments that have been secured using IDS/IPS, firewalls, network segmentation, hardened system configurations and more. The stages of a penetration test are clearly defined and addressed using step-by-step instructions that you can follow on your own virtual lab.
The book follows the standard penetration testing stages from start to finish with step-by-step examples. The book thoroughly covers penetration test expectations, proper scoping and planning, as well as enumeration and footprinting. You'll learn how to clean up and compile proof of concept, exploit code from the web, advanced web application testing techniques, client side attacks, post exploitation strategies, detection avoidance methods, generation of well defined reports and metrics, and setting up a penetration testing virtual lab that mimics a secured environment. The book closes by issuing a challenge to your skills and ability to perform a full penetration test against a fictional corporation; followed by a detailed walk through of the solution.
Advanced Penetration Testing for Highly-Secured Environments is packed with detailed examples that reinforce enumeration, exploitation, post-exploitation, reporting skills and more.
414 pages, Paperback
First published May 16, 2012
10 people are currently reading
108 people want to read
About the author
Lee Allen
3 booksLibrarian Note: There is more than one author in the Goodreads database with this name.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 9 of 9 reviews
September 21, 2012
This book is pretty good for learning more about the nuts and bolts of pen-testing (like if you do security for a company and don't actually get to do the sexier pentest stuff.
Covers how to set up your own virtual lab, getting as complex as you need (including firewalls and all other fun stuff.)
If your spouse or SO is into security too, this is a great book for "together" projects.
Yep, I'm a dork.
Covers how to set up your own virtual lab, getting as complex as you need (including firewalls and all other fun stuff.)
If your spouse or SO is into security too, this is a great book for "together" projects.
Yep, I'm a dork.
November 1, 2017
Very good book for beginners. I'm not sure why it uses "Advanced" in the title. I'm not very experienced with pen-testing myself, but I thought the outline and guidance given on the step by step recommended processes to pen-testing were explained well, but appeared to be simple examples of vulnerabilities that are already well known, and therefore not likely to be seen in a "Highly-Secured Environment". The clear explanations given were sufficient to help somebody interested in pen-testing to get started, and build a good foundation. The title, in my opinion, is a bit mis-leading. You'll be walked through vulnerabilities and examples of older operating systems, but good luck using this book to actually penetrate a highly secure environment. But you will have a good push to head in that direction. Overall it's a book and I'd recommend it. The reading for some of these types of books can be overly complicated and dry, but this one was not like that.
July 23, 2017
Covers a lot of territory very well...
May 20, 2014
I started reading the book as advised from friend before starting OSCP Certification ,
it's really cool , contain amazing info and scenarios
the reason i didn't give it 5 stars is the lake of IDS evasion and also the very less post exploitation techniques
But the book is really great and highly recommended for infosec guys
it's really cool , contain amazing info and scenarios
the reason i didn't give it 5 stars is the lake of IDS evasion and also the very less post exploitation techniques
But the book is really great and highly recommended for infosec guys
February 2, 2016
Very technical with all the command line items in current applications to do specific functions.
The three sections I enjoyed the most were:
1) NMap - excellent coverage of the applications and all the command line combinations that can be used.
2) Web Site scraping - I was very interested in the section on how to detect load balancers in NMap.
3) Sample Pen Test Report.
The three sections I enjoyed the most were:
1) NMap - excellent coverage of the applications and all the command line combinations that can be used.
2) Web Site scraping - I was very interested in the section on how to detect load balancers in NMap.
3) Sample Pen Test Report.
September 14, 2013
İ spend tow day's to read this book from cover to cover and its was really so exeited to read and i really recommend every pentester to read this book .. İt open ur eyes for eveything and its easy to reconized and understand all the information inside of it ;)
April 14, 2013
Bastante útil sobre el cómo y con qué documentar.
August 28, 2017
As a complete novice in this field I must say, I've learned a lot! It covers many things from rules of engagement to penetration itself. After reading this one should take time to think about security of one's system and how easy it could be to penetrate it.
Read
August 9, 2018Location: GG5 IRC
Accession No: DL030057
Accession No: DL030057
Displaying 1 - 9 of 9 reviews