Conducting Network Penetration and Espionage in a Global Environment

Penetration testing remains one of the best ways to test the security of private, government, military and corporate computer networks. This book provides step-by-step instruction on how to use tools, available mostly for free, to perform effective penetration tests of today’s computer networks. Covering basic and advanced tools and procedures, it categorizes tools according to their use within the standard testing framework. Readers will learn how to perform an organized and efficient penetration test as well as techniques used to bypass anti-virus software and capture keystrokes of remote systems.

When it’s all said and done, penetration testing remains the most effective way to identify security vulnerabilities in computer networks. Conducting Network Penetration and Espionage in a Global Environment provides detailed guidance on how to perform effective penetration testing of computer networks—using free, open source, and commercially available tools, including Backtrack, Metasploit, Wireshark, Nmap, Netcat, and Nessus. It also considers exploits and other programs using Python, PERL, BASH, PHP, Ruby, and Windows PowerShell.

The book taps into Bruce Middleton’s decades of experience with computer security, including penetration testing of military networks, the White House, utilities, manufacturing facilities, CIA headquarters, the Defense Information Systems Agency, and NASA. Mr. Middleton begins with a chapter on defensive measures/privacy issues and then moves on to describe a cyber-attack on one of his labs and how he responded to the attack.

Next, the book explains how to research a target without directly "touching" that target. Once you’ve learned all you can, the text describes how to gather even more information using a more direct approach. From there, it covers mathematical analysis, considers target exploitation, and discusses Chinese and Syrian cyber-attacks.

Providing authoritative guidance on cyberforensics, reverse engineering, and penetration testing, the book categorizes testing tools according to their use within the standard penetration testing framework. For each of the above-mentioned categories, you will find basic and advanced tools and procedures to help you identify security vulnerabilities in today’s networks.

After reading this book, you will understand how to perform an organized and efficient penetration test. You will also learn techniques used to bypass anti-virus software and capture keystrokes of remote systems. Explaining how to put together your own penetration testing lab, the text concludes by describing how to utilize various iPhone apps to perform reconnaissance activities on wireless networks.