Ethical Hacking and Penetration Testing Guide



Date: 07.08.2023

Trademark Notice:
Product or corporate names may be trademarks or registered trademarks, and are used only for 
identification and explanation without intent to infringe.
Visit the Taylor & Francis Web site at
http://www.taylorandfrancis.com
and the CRC Press Web site at
http://www.crcpress.com


Contents
Preface
Acknowledgments
Author
1 Introduction to Hacking
Important Terminologies
Asset
Vulnerability
Threat
Exploit
Risk
What Is a Penetration Test?
Vulnerability Assessments versus Penetration Test
Preengagement
Rules of Engagement
Milestones
Penetration Testing Methodologies
OSSTMM
NIST
OWASP
Categories of Penetration Test
Black Box
White Box
Gray Box
Types of Penetration Tests
Network Penetration Test
Web Application Penetration Test
Mobile Application Penetration Test
Social Engineering Penetration Test
Physical Penetration Test
Report Writing
Understanding the Audience
Executive Class
Management Class
Technical Class
Writing Reports
Structure of a Penetration Testing Report
Cover Page
Table of Contents
Executive Summary
Remediation Report
Vulnerability Assessment Summary
Tabular Summary
Risk Assessment
Risk Assessment Matrix
Methodology
Detailed Findings
Description
Explanation
Risk
Recommendation
Reports
Conclusion
