Harpreet Singh, Himanshu Sharma
SKU: 9788196994723
ISBN: 9788196994723
eISBN: 9788196994747
Rights: Worldwide
Author Name: Harpreet Singh, Himanshu Sharma
Publishing Date: 04-March-2024
Dimension: 7.5*9.25 Inches
Binding: Paperback
Page Count: 434
Key Features
Explore sophisticated methods to network compromises, including establishing persistent access, lateral movement, and privilege escalation.
Delve into methodologies for ethical hacking across various components, from routers and services to databases and Active Directory.
Reinforce your skills through handson examples, realworld case scenarios, and insights from seasoned penetration testers, ensuring practical and applicable knowledge in every lesson.
Book Description
Embark on an immersive journey into the world of ethical hacking with "Infrastructure Attack Strategies for Ethical Hacking". From the initial stages of reconnaissance and enumeration to advanced techniques like attacking routers, databases, and Microsoft Windows systems, this handbook equips you with the skills needed for a comprehensive infrastructure compromise.
Encompassing both external and internal enumeration techniques, the book delves into attacking routers and services, establishing footholds, privilege escalation, lateral movement, and exploiting databases and Active Directory. You will gain proficiency in methodologies and tools for ethically compromising systems, navigating through networks, collecting intelligence, and providing effective remediation advice.
This handbook places a strong emphasis on interactive learning, focusing on playing with hashes, tickets, and keys. With its practical approach and expert guidance, this book serves as an invaluable resource, empowering you to confidently master advanced infrastructure attack strategies and bolster your cybersecurity expertise.
What you will learn
Master the intricacies of infrastructure attacks and ethical system compromise techniques.
Execute external and internal network reconnaissance to collect intelligence and pinpoint potential attack vectors.
Utilize routers, services, databases, and Active Directory to secure initial access, establish persistence, and enable lateral movement.
Systematically enumerate Windows and Linux systems, escalating privileges and extracting sensitive data with precision.
Employ advanced pivoting techniques to traverse internal networks laterally.
Conduct a thorough assessment of organizational security, showcasing the impact of vulnerabilities, and offering comprehensive remediation strategies.
WHO IS THIS BOOK FOR?
This book caters to information security professionals, ethical hackers, and penetration testers seeking to enhance their expertise in infrastructure attacks. Ideal for those with a foundational understanding of networking, operating systems, and penetration testing methodologies, it serves as an invaluable resource for individuals aiming to delve into advanced techniques for infrastructure attacks and further solidify their skill set.
2. Initial Reconnaissance and Enumeration
3. Attacking Routers
4. Looking for a Foothold
5. Getting Shells
6. Enumeration On Microsoft Windows
7. Enumeration on Linux
8. Internal Network Reconnaissance
9. Lateral Movement
10. Achieving Firstlevel Pivoting
11. Attacking Databases
12. AD Reconnaissance and Enumeration
13. Path to Domain Admin
14. Playing with Hashes and Tickets
Index
Himanshu Sharma is an experienced cybersecurity professional and ethical hacker with over 8 years of experience. He cofounded a cybersecurity company and currently serves as the Head of Security at 5ireChain. Himanshu holds certifications such as Certified Red Team Operator (CRTO), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), and others.
He has been credited by several major tech companies such as Microsoft, Apple, Facebook, eBay, and AT&T for responsibly disclosing vulnerabilities. Himanshu is also a prolific speaker and trainer, delivering talks and training at prestigious conferences such as Blackhat, Hack in the Box, RSA, SINCON, and many more.
Harpreet Singh is a seasoned cybersecurity expert with over a decade of dedicated service in Ethical Hacking, Penetration Testing, Vulnerability Research, and Red Teaming. He is the esteemed author of Hands On: Web Penetration Testing with Metasploit and Hands On: Red Team Tactics, which serve as essential guides for professionals in the cybersecurity domain.
As a recognized authority in cybersecurity, Harpreet has shared his profound knowledge and insights as a technical speaker at notable international conferences, including PassTheSalt (2021), where he discussed innovative strategies and techniques in the field of cybersecurity.
Harpreet holds prestigious certifications that testify to his expertise and commitment to the cybersecurity industry, including Offensive Security Exploit Developer (OSED), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), and Certified Red Team Operator (CRTO).
____________________________________________________________________________________________
____________________________________________________________________________________________
Yashdeep Saini is a security engineer at VMware Inc., working within the VSRC (VMware Security Response Center) group, with around 6 years of experience.
His daytoday work primarily involves dabbling with Oday or Iday vulnerability research. Additionally, he possesses prior experience in VAPT as well as RedTeam Assessments.
He holds a Master's degree in Information Security and has obtained security certifications such as Offensive Security Wireless Professional (OSWP), Offensive Security Certified Professional (OSCP), Certified Red Team Professional (CRTP), Offensive Security Web Expert (OSWE), and Offensive Security Exploit Developer (OSED). Furthermore, he has expertise in Linux/Windows kernel internals. In the past, he has delivered talks at international conferences , such as PassTheSaIt, while also contributing regularly to local chapters/meetups of the Null Security Community.
As for personal interests, he loves to play with system internals and lowlevel binary exploitation.