Our Recent Posts

Tags

Review + Study Notes: Patrick Engebretson -- The Basics of Hacking and Penetration Testing -- Ethica

This book was recommended to me (Lehan Edirisinghe, CEO Cyberspace Command) by IT experts. I strongly recommend this book to those interested in cybersecurity, as a starting point.

You can find this book on Amazon: https://www.amazon.com/dp/1597496553?tag=hacking-books-20

It is useful to read and learn the basics of hacking, if unsure where to begin; you want to enjoy a challenge; you want to understand how to gain access to networks using cool tools or processes; you want to know about offensive security; you want to see how it all fits together.

There are 7 chapters:

(1) What is Pen Testing

(2) Reconnaissance

(3) Scanning

(4) Exploitation

(5) Web-based exploitation

(6) Maintaining access with backdoors and rootkits

(7) Wrapping up the Pen Test

I cannot copy paste or rewrite in my own words the content of this book. But I can review these chapters critically as the CEO of Cyberspace Command.

(1) Chapter 1: What is penetration testing?

[1] Introduction to Backtrack Linux: Tools. Lots of tools.

1. Tools mentioned are free.

2. APTs are explained.

3. How to get network mapping tool Cheops.

[2] Working with Backtrack: Starting the engine

[3] The use and creation of a hacking lab

[4] Phases of a penetration test

[5] Chapter review

[6] Summary

(2) Chapter 2: Reconnaissance

[1] Introduction

[2] HTTrack: Website Copier

[3] Google directives -- practicing your Google-Fu

[4] The harvester: discovering and leveraging e-mail addresses

[5] Whois

[6] Netcraft

[7] Host

[8] Extracting information from DNS

[9] Extracting information from e-mail servers

[10] MetaGooFil

[11] Social engineering

[12] Sifting through the Intel to find attackable targets

[13] How do I practice this step?

[14] Where do I go from here?

[15] Summary

(3) Chapter 3: Scanning

[1] Introduction

[2] Pings and ping sweeps

[3] Port scanning

[4] Vulnerability scanning

[5] How do I practice this step?

[6] Where do I go from here?

[7] Summary

(4) Chapter 4: Exploitation

[1] Introduction

[2] Gaining access to remote services with Medusa

[3] Metasploit: Hacking, Hugh Jackman Style!

[4] John the Ripper: King of the password crackers

[5] Password resetting: kind of like driving a bulldozer through the side of a building

[6[ Sniffing network traffic

[7] Macof: making shicken salad out of chicken sh*t

[8] Fast-Track Autopwn: breaking out the M-60

[9] How do I practice this step?

[10] Where do I go from here?

[11] Summary

(5) Chapter 5: Web-based Exploitation

[1] Introduction

[2] Interrogating web servers: Nikto

[3] Websecurify: automated web vulnerability scanning

[4] Spidering: crawling your target's website

[5] Intercepting requests with webscarab

[6] Code injection attacks

[7] Cross-site scripting: browsers that trust sites

[8] How do I practice this step?

[9] Where do I go from here?

[10] Summary

(6) Chapter 6: Maintaining Access with Backdoors and Rootkits

[1] Introduction

[2] Netcat: the Swiss army knife

[3] Netcat's Cryptic cousin: Cryptcat

[4] Netbus: A classic

[5] Rootkits

[6] Detecting and defending against rootkits

[7] How do I practice this step?

[8] Where do I go from here?

[9[ Summary

(7) Chapter 7: Wrapping up the Penetration Test

[1] Introduction

[2] Writing the penetration testing report

[3] You don't have to go home but you can't stay here

[4] Where do I go from here?

[5] Wrap up

[6] The circle of life

[7] Summary

Vision: Easy Cyber Tech

Mission: Better, Safer Lives 

Values: Integrity Service Excellence 

  • Facebook
  • Instagram
  • Twitter
  • LinkedIn
  • YouTube

Copyright © 2018–​​2021 Cyberspace Command (Private) Limited and its affiliates, licensors or contributors. All rights reserved. We use cookies to help provide our service and tailor content. By continuing to use our website you agree to our use of cookies.