The Art of Network Penetration Testing: How to Take Over Any Company in the World

  • 5h 9m
  • Royce Davis
  • Manning Publications
  • 2020

Network penetration testing is about more than just getting through a perimeter firewall. The biggest security threats facing a modern enterprise are inside the network, where attackers can rampage through sensitive data by exploiting weak access controls and poorly patched software. Designed for up-and-coming security professionals.

The Art of Network Penetration Testing teaches you how to take over an enterprise network from the inside. It lays out every stage of an internal security assessment step-by-step, showing you how to identify weaknesses before a malicious invader can do real damage.

After setting up a virtual environment to use as your lab, you'll work step-by-step through every stage of a professional pentest, from information- gathering to seizing control of a vulnerable system.

You'll learn a repeatable process you can use to identify vulnerable targets within a typical enterprise environment, perform controlled exploitation of critical security weaknesses, elevate network level privileges, and pivot laterally through the network. Finally, you'll learn how to write-up your findings in a clear and actionable report, to ensure that remediated systems can be protected against the weaknesses you've identified.

About the Author

Royce Davis is a principal red team engineer and accomplished information security consultant who has attacked and successfully penetrated hundreds of complex enterprise networks belonging to some of the largest companies in the world.

He is the co-founder of Pentestgeek[.]com where he has created numerous educational resources helping students learn about ethical hacking and penetration testing.

In this Book

  • About This Book
  • Network Penetration Testing
  • Discovering Network Hosts
  • Discovering Network Services
  • Discovering Network Vulnerabilities
  • Attacking Vulnerable Web Services
  • Attacking Vulnerable Database Services
  • Attacking Unpatched Services
  • Windows Post-Exploitation
  • Linux or UNIX Post-Exploitation
  • Controlling the Entire Network
  • Post-Engagement Cleanup
  • Writing a Solid Pentest Deliverable