امن افزار رایکا

فهرست مطالب کتاب Advanced Penetration Testing:

Introduction

Coming Full Circle

Advanced Persistent Threat (APT)

Next Generation Technology

“Hackers”

Forget Everything You Think You Know About Penetration Testing

How This Book Is Organized

Chapter 1. Medical Records (In)security

An Introduction to Simulating Advanced Persistent Threat

Background and Mission Briefing

Payload Delivery – Part I: Learning How to Use the VBA Macro

Command and Control – Part I: Basics and Essentials

The Attack

Summary

Exercises

Chapter 2. Stealing Research

Background and Mission Briefing

Payload Delivery – Part II: Using the Java Applet for Payload Delivery

Notes on Payload Persistence

Command and Control – Part II: Advanced Attack Management

The Attack

Summary

Exercises

Chapter 3. Twenty-First Century Heist

What Might Work?

Nothing Is Secure

Organizational Politics

APT Modeling Versus Traditional Penetration Testing

Background and Mission Briefing

Command and Control – Part III: Advanced Channels and Data

Exfiltration

Payload Delivery – Part III: Physical Media

The Attack

Summary

Exercises

Chapter 4. Pharma Karma

Background and Mission Briefing

Payload Delivery – Part IV: Client-Side Exploits

Command and Control – Part IV: Metasploit Integration

The Attack

Summary

Exercises

Chapter 5. Guns and Ammo

Background and Mission Briefing

Payload Delivery – Part V: Simulating a Ransomware Attack

Command and Control – Part V: Creating a Covert C2 Solution

New Strategies in Stealth and Deployment

The Attack

Summary

Exercises

Chapter 6. Criminal Intelligence

Payload Delivery – Part VI: Deploying with HTA

Privilege Escalation in Microsoft Windows

Command and Control – Part VI: The Creeper Box

The Attack

Summary

Exercises

Chapter 7. War Games

Background and Mission Briefing

Payload Delivery – Part VII: USB Shotgun Attack

Command and Control – Part VII: Advanced Autonomous Data

Exfiltration

The Attack

Summary

Exercises

Chapter 8. Hack Journalists

Briefing

Advanced Concepts in Social Engineering

Command and Control – Part VIII: Experimental Concepts

Payload Delivery – Part VIII: Miscellaneous Rich Web Content

The Attack

Summary

Exercises

Chapter 9. Northern Exposure

Overview

Operating Systems

North Korean Public IP Space

The North Korean Telephone System

Approved Mobile Devices

The “Walled Garden”: The Kwangmyong Intranet

Audio and Video Eavesdropping

Summary

Exercises

End User License Agreement