Penetration Testing Basics

1. Front Matter

   Pages i-xv

   PDF

2. What Is Penetration Testing?

   • Ric Messier

   Pages 1-11

3. Digging for Information

   • Ric Messier

   Pages 13-24

4. What’s Open?

   • Ric Messier

   Pages 25-40

5. Vulnerabilities

   • Ric Messier

   Pages 41-53

6. Exploitation

   • Ric Messier

   Pages 55-78

7. Breaking Web Sites

   • Ric Messier

   Pages 79-101

8. Reporting

   • Ric Messier

   Pages 103-110

9. Back Matter

   Pages 111-114

   PDF

Learn how to break systems, networks, and software in order to determine where the bad guys might get in. Once the holes have been determined, this short book discusses how they can be fixed. Until they have been located, they are exposures to your organization. By reading Penetration Testing Basics, you'll gain the foundations of a simple methodology used to perform penetration testing on systems and networks for which you are responsible. 


What You Will Learn

• Identify security vulnerabilities
• Use some of the top security tools to identify holes
• Read reports from testing tools
• Spot and negate common attacks
• Identify common Web-based attacks and exposures as well as recommendations for closing those holes

Who This Book Is For


Anyone who has some familiarity with computers and an interest in information security and penetration testing. 

• penetration
• testing
• software
• unit test
• test driven
• tdd
• systems
• programming
• coding
• breaking

“This volume is easy to read and quite pedagogical, which is maybe its greatest strength, together with putting together some examples and preparing the reader for them. Therefore, it is strongly recommended to chief information officers and IT operations and network operations directors, to ensure in-house information security processes are comprehensive enough. Next, it is also strongly recommended as a supplementary practice-oriented textbook for students in computer and information security, to guide them along in their perfection of this art.” (L.-F. Pau, Computing Reviews, April, 2017)

• Winooski, USA

  Ric Messier

Ric Messier, MS, GCIH, GSEC, CEH, CISSP is the program director for Cyber Security, Computer Forensics and Digital Investigations and the Economic Crime Investigation bachelors' degree programs, as well as the Digital Forensic Science master's degree program at Champlain College.


Messier has been involved in the networking and security arena since the early 1980s. He has worked at large Internet service providers and small software companies developing knowledge and experience about a range of topics related to networking and security. Messier has also been involved on incident response teams and has been consulted on forensic investigations for large companies.


An established expert in the field and author, Messier has published several articles for Hackin9 Magazine, has developed number of video training titles with O'Reilly Media and has written a number of books on information security. 
 

Policies and ethics