
ETHICAL HACKING 101: How to conduct professional pentestings in 21 days or less! PDF

334 Pages·2015·24.65 MB·English

Preview ETHICAL HACKING 101: How to conduct professional pentestings in 21 days or less!

ETHICAL HACKING 101
How to conduct professional pentestings in 21 days or less!
Understanding the hacker's mind, making reconnaissance, scanning and enumeration, exploiting vulnerabilities, writing a professional report and more!

By: Karina Astudillo B.
http://www.SeguridadInformaticaFacil.com

Copyright © Karina Astudillo B., 2015
Translated and Updated from the Spanish First Edition (IEPI Registration, Certificate No. GYE-004179)

Note: All rights reserved. No part of this book shall be reproduced, distributed, or transmitted in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher and the author, exception made of brief quotes or quotations included in media articles or reviews. All trademarks mentioned in this book belong to their respective owners and are used here for informational purposes only. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been made in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.

To my family, especially my parents Laura and Pancho, for their unconditional love and support. To my business partner and dear friend, Cecibel Andrée, for encouraging my crazy dreams and knowing the proper time for bringing me back to Earth.
Contents at a glance

Preface
Chapter 1 – Introduction to Ethical Hacking
Chapter 2 - Reconnaissance or footprinting
Chapter 3 - Scanning
Chapter 4 - Enumeration
Chapter 5 - Exploitation or hacking
Chapter 6 - Writing the audit report without suffering a mental breakdown
Chapter 7 - Relevant international certifications
Final Recommendations
Please leave us a review
About the author
Glossary of technical terms
Appendix A: Tips for successful laboratories
Notes and references

Preface

Information security has gained popularity in recent years and has gone from being considered a cost to being seen as an investment by managers of companies and organizations worldwide. In some countries this has happened very fast, in others the pace has been slower; but ultimately we have all converged in a digital world where information is the most valuable intangible asset that we have. And being an asset, we must protect it from loss, theft, misuse, etc. It is here that a previously unknown actor plays an important role: the ethical hacker.

The role of the ethical hacker is to make, from the point of view of a cracker, a controlled attack on the client’s IT infrastructure, detecting and exploiting potential vulnerabilities that could allow penetrating the target network’s defenses, but without damaging the services and systems audited. And all this for the sole purpose of alerting the client’s organization to present security risks and how to fix them.

This individual must have the ability to know when it is best not to exploit a security hole and when it is safe to run an exploit to demonstrate the severity of a vulnerability. It’s a mix between the criminal mind of Hannibal, the actions of Mother Teresa and the professional background of a true nerd!

But where are these heroes?
The answer to this question becomes increasingly difficult if we believe the studies made by leading consulting firms, which indicate that each year the gap between demand and supply of certified information security professionals widens. And it is for this reason that it becomes essential to discover professional technology enthusiasts, especially those with high ethical and moral values, who are ready to accept the challenge of becoming pentesters. This book is for them.

No previous knowledge of ethical hacking is required; the book has an introductory level and therefore starts from scratch in that area. However, it is essential to have a background in computational systems and information technologies.

What are the requirements?

• Understand the OSI model and its different layers.
• Possess notions about the TCP/IP architecture (IPv4 addressing, subnetting, routing, protocols such as ARP, DNS, HTTP, SMTP, DHCP, etc.).
• Know how to use and manage Windows and Linux systems.

How is the book divided?

The book unfolds in seven chapters and it is estimated that the student will spend about 21 days to complete it, with a minimum time commitment of 2 hours per day. Nonetheless, the reader is free to move at their own pace and take more or less time. My only suggestion is that the student completes all the proposed laboratories, even with different target operating systems. Always remember, “Practice makes the master”1.

Chapter 1 - Introduction to Ethical Hacking covers the basics of this profession and describes the different types of pentesting. It also includes tips on how to conduct the initial phase of gathering information in order to prepare a proposal adjusted to our client’s needs.

Chapter 2 - Reconnaissance reviews methodologies that help the ethical hacker to discover the environment of the target network, as well as useful software tools and commands. Emphasis is placed on the use of Maltego and Google Hacking techniques to successfully conduct this phase.
Chapters 3 and 4, Scanning and Enumeration, describe the techniques used by ethical hackers and crackers to detect the services present in the target hosts and to discern what operating systems and applications our victims use. The successful execution of these stages provides the pentester with helpful resources for enumerating user accounts, groups, shared folders, registry keys, etc., in order to detect potential security holes to be exploited later. We’ll cover the usage of popular software tools such as the Nmap port scanner and the OpenVAS and Nexpose vulnerability analyzers under the famous Kali Linux distro (formerly BackTrack).

Chapter 5 - Hacking covers key concepts such as pentesting frameworks and hacking mechanisms. Here we’ll perform step-by-step labs using the Metasploit Framework and its various interfaces. Detailed workshops for key attacks such as man in the middle, phishing, malware injection, wireless hacking, and so on are also included. In the labs we’ll use popular applications such as Ettercap, Wireshark, the Aircrack-ng suite and the Social Engineering Toolkit (SET).

Then, in Chapter 6 - Writing the audit report without suffering a mental breakdown, tips are given to make this phase as painless as possible for the auditor, while at the same time suggestions are made to deliver a useful report for our client’s top management.

Later, in Chapter 7 - Relevant international certifications, we review top information security and ethical hacking certifications that would be useful for the curriculum of a pentester.

We also believe that, despite this being a book about hacking, it would not be complete without including, at each stage of the “circle of hacking”, relevant defense mechanisms that may be suggested to the client in the audit report.
Finally, Appendix A - Tips for successful laboratories lists the hardware and software requirements for successfully running the workshops and gives the reader guidelines on where to download the installers for the required operating systems.

Thanks for purchasing this book! I wish you nothing but success in your new career as a Professional Ethical Hacker.

Chapter 1 – Introduction to Ethical Hacking

When we talk about ethical hacking, we mean the act of making controlled penetration tests on computer systems. This means that the consultant or pentester, acting from the point of view of a cracker, will try to find vulnerabilities in the audited computers that can be exploited, providing (in some cases) access to the affected system, but always in a controlled environment and never jeopardizing the operation of the computer services being audited.

It is important to emphasize that while there is no doubt that the pentester should possess sound knowledge of technology to perform ethical hacking, computer knowledge is not enough to successfully run an audit of this type. It is also necessary to follow a methodology that keeps our work in order and maximizes our time in the operational phase, in addition to applying our common sense and experience. Although, unfortunately, experience and common sense cannot be transferred in a book, I will do my best to convey the methodology and best practices that I have acquired over the years of practice as an information security auditor.

Phases of hacking

Both the auditor and the cracker follow a logical sequence of steps when conducting a hack. These grouped steps are called phases.
There is a general consensus among information security entities and professionals that there are 5 phases, in the following order:

1-> Reconnaissance
2-> Scanning
3-> Gaining Access
4-> Maintaining Access
5-> Erasing Clues

Usually these phases are represented as a cycle that is commonly called “the circle of hacking” (see Figure 1), with the aim of emphasizing that the cracker can continue the process over and over again. However, information security auditors who perform ethical hacking services follow a slight variation of these phases:

1-> Reconnaissance
2-> Scanning
3-> Gaining Access
4-> Writing the Report
5-> Presenting the Report

In this way, ethical hackers stop at Phase 3 of the “circle of hacking” to report their findings and make recommendations to the client.
