- Learning Penetration Testing with Python
- Christopher Duffy
- 284字
- 2021-07-09 21:52:52
Chapter 1. Understanding the Penetration Testing Methodology
Before jumping in too quick, in this chapter, we will actually define what penetration testing is and is not, what the Penetration Testing Execution Standard (PTES) is, and the tools that would be used. This information will be useful as a guideline for future engagements that you may be part of. This chapter will help guide new assessors and organizations who want to set up their own engagements. If you want to jump right into the code and the nitty gritty details, I suggest jumping to Chapter 2, The Basics of Python Scripting. I caution you though that the benefit of reading this chapter is that it will provide a framework and mindset that will help you to separate a script kiddie from a professional. So, let's start with what a penetration test is.
Most important, these tools and techniques should only be executed in environments you own or have permission to run these tools in. Never practice these techniques in environments in which you are not authorized to do so; remember that penetration testing without permission is illegal, and you can go to jail for it.
Note
To practice what is listed in the initial chapters, install a virtualization suite such as VMware Player (http://www.vmware.com/products/player) or Oracle VirtualBox (http://www.oracle.com/technetwork/server-storage/virtualbox/downloads/index.html). Create Virtual Machines (VMs) out of the current version of Kali Linux (https://www.kali.org/downloads/), Samurai Web Testing Framework (http://samurai.inguardians.com/), and Metasploitable (http://www.offensive-security.com/metasploit-unleashed/Requirements). You can execute tests against these by using the Metasploitable box from the Kali system. The last link provided has a number of tutorials and configuration notes related to these tools; if additional tool are necessary for each chapter, they will be highlighted there.
- R語言數(shù)據(jù)分析從入門到精通
- 高效微控制器C語言編程
- Windows系統(tǒng)管理與服務(wù)配置
- 跟“龍哥”學(xué)C語言編程
- Clojure for Domain:specific Languages
- Java:Data Science Made Easy
- The Computer Vision Workshop
- 大數(shù)據(jù)分析與應(yīng)用實(shí)戰(zhàn):統(tǒng)計機(jī)器學(xué)習(xí)之?dāng)?shù)據(jù)導(dǎo)向編程
- C#應(yīng)用程序設(shè)計教程
- 零基礎(chǔ)入門學(xué)習(xí)Python(第2版)
- 一本書講透Java線程:原理與實(shí)踐
- 從零開始學(xué)Android開發(fā)
- C++ System Programming Cookbook
- Oracle 12c從入門到精通(視頻教學(xué)超值版)
- 大話C語言