Packt Publishing is without a shadow of a doubt the largest publisher of IT-focused books in the world.

Its series of security books is a study reference for thousands of professionals, and a few hours ago Penetration Testing: A Survival Guide was released for "consultation". It describes itself as a course in 3 modules.

The book proposes to teach readers the following topics:

Exploit several common Windows network vulnerabilities
Recover lost files, investigate successful hacks, and discover hidden data in innocent-looking files
Expose vulnerabilities present in web servers and their applications using server-side attacks
Use SQL and cross-site scripting (XSS) attacks
Check for XSS flaws using the Burp Suite proxy
Acquaint yourself with the fundamental building blocks of Android Apps in the right way
Take a look at how your personal data can be stolen by malicious attackers
See how developers make mistakes that allow attackers to steal data from phones

See how comprehensive the book's content is…

Part I. Module 1
Chapter 1. Sharpening the Saw
Chapter 2. Information Gathering and Vulnerability Assessment
Chapter 3. Exploitation Tools (Pwnage)
Chapter 4. Web Application Exploitation
Chapter 5. Sniffing and Spoofing
Chapter 6. Password Attacks
Chapter 7. Windows Privilege Escalation
Chapter 8. Maintaining Remote Access
Chapter 9. Reverse Engineering and Stress Testing
Chapter 10. Forensics

Part II. Module 2
Chapter 1. Introduction to Penetration Testing and Web Applications
Chapter 2. Setting up Your Lab with Kali Linux
Chapter 3. Reconnaissance and Profiling the Web Server
Chapter 4. Major Flaws in Web Applications
Chapter 5. Attacking the Server Using Injection-based Flaws
Chapter 6. Exploiting Clients Using XSS and CSRF Flaws
Chapter 7. Attacking SSL-based Websites
Chapter 8. Exploiting the Client Using Attack Frameworks
Chapter 9. AJAX and Web Services – Security Issues
Chapter 10. Fuzzing Web Applications

Part III. Module 3
Chapter 1. Setting Up the Lab
Chapter 2. Android Rooting
Chapter 3. Fundamental Building Blocks of Android Apps
Chapter 4. Overview of Attacking Android Apps
Chapter 5. Data Storage and Its Security
Chapter 6. Server-Side Attacks
Chapter 7. Client-Side Attacks – Static Analysis Techniques
Chapter 8. Client-Side Attacks – Dynamic Analysis Techniques
Chapter 9. Android Malware
Chapter 10. Attacks on Android Devices

 

Happy studying.