|
Penetration testers are faced with a combination of firewalls, intrusion detection
systems, host-based protection, hardened systems, and teams of knowledgeable
analysts that pour over data collected by their security information management
systems. In an environment such as this, simply running automated tools will
typically yield few results. The false sense of this security can easily result in the
loss of critical data and resources.
Advanced Penetration Testing for Highly Secured Environments provides guidance
on going beyond the basic automated scan. It will provide you with a stepping
stone which can be used to take on the complex and daunting task of effectively
measuring the entire attack surface of a traditionally secured environment.
Advanced Penetration Testing for Highly Secured Environments uses only freely available
tools and resources to teach these concepts. One of the tools we will be using is the
well-known penetration testing platform BackTrack. BackTrack's amazing team of
developers continuously update the platform to provide some of the best security
tools available. Most of the tools we will use for simulating a penetration test are
contained on the most recent version of BackTrack.
The Penetration Testing Execution Standard (PTES), http://www.penteststandard.
org, is used as a guideline for many of our stages. Although not
everything within the standard will be addressed, we will attempt to align the
knowledge in this book with the basic principles of the standard when possible.
Advanced Penetration Testing for Highly Secured Environments provides step-by-step
instructions on how to emulate a highly secured environment on your own
equipment using VirtualBox, pfSense, snort, and similar technologies. This enables
you to practice what you have learned throughout the book in a safe environment.
You will also get a chance to witness what security response teams may see on
their side of the penetration test while you are performing your testing! |