About This Book
- Put the skills of the experts to the test with these tough and customisable pentesting projects
- Develop each challenge to suit your specific training, testing, or client engagement needs
- Hone your skills, from wireless attacks to social engineering, without the need to access live systems
Who This Book Is For
If you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.
What You Will Learn
- Set up vulnerable services for both Windows and Linux
- Create dummy accounts for social engineering manipulation
- Set up Heartbleed replication for vulnerable SSL servers
- Develop full-size labs to challenge current and potential testers
- Construct scenarios that can be applied to Capture the Flag style challenges
- Add physical components to your scenarios and fire USB missile launchers at your opponents
- Challenge your own projects with a best-practice exploit guide to each scenario
In Detail
As attackers develop more effective and complex ways to compromise computerized systems, penetration testing skills and tools are in high demand. A tester must have varied skills to combat these threats or fall behind. This book provides practical and customizable guides to set up a variety of exciting challenge projects that can then be tested with Kali Linux.
Learn how to create, customize, and exploit penetration testing scenarios and assault courses. Start by building flawed fortresses for Windows and Linux servers, allowing your testers to exploit common and not-so-common vulnerabilities to break down the gates and storm the walls. Mimic the human element with practical examples of social engineering projects. Facilitate vulnerable wireless and mobile installations and cryptographic weaknesses, and replicate the Heartbleed vulnerability. Finally, combine your skills and work to create a full red-team assessment environment that mimics the sort of corporate network encountered in the field.