About the Book
From reconnaissance to post-exploitation, learn different exploitation techniques and attack chains on infrastructures including external and internal network, wireless, cloud network, Active Directories, and databases
Key Features
Discover cutting-edge attack tools and techniques to exploit Linux and Windows-based systems
Learn how to deal with difficult network attacks with security controls in place
Master tools and techniques to put exploits and vulnerabilities into a real-world perspective
Book DescriptionIf you're a pentester, red teamer, or a cybersecurity specialist or analyst, Infrastructure Attacks for Ethical Hackers will guide you in learning various attack techniques and toolsets to test the security of an organization.
Starting with the fundamentals of infrastructure attacks, you'll explore initial recon and enumeration techniques for external network attacks. You'll then get to grips with OS enumeration, privilege escalation, and multiple defense evasion techniques, along with techniques that can be used for situational awareness inside the network. The book also covers Active Directory concepts, enumeration, and attacks that can be leveraged to compromise Domain Controllers. As you advance, the book introduces the concepts of cloud computing servers, architecture, usage, recon, and attacks on cloud infrastructure such as AWS, Azure, and GCP. Finally, you'll learn the art of attacking a network of ICS, including SCADA systems and IoT devices.
By the end of this ethical hacking book, you'll be confident in performing advanced-level network attacks and be able to use multiple toolsets for your penetration testing projects such as Metasploit, Covenant, .NET binaries, and Mimikatz.
What you will learn
Understand the mindset of experts for infrastructure attacks
Get to grips with performing router exploitation
Exploit network services and third-party applications using Metasploit
Master the art of escalating privileges for Windows and Linux machines
Discover the concepts of Active Directory and its enumeration
Get hands-on skills working on Mimikatz, Ticket Granting System, and Kerberos attacks
Explore different methods to attack cloud environments
Who This Book Is ForThis book is for ethical hackers, penetration testers, security analysts, red teamers, and anyone looking to learn about infrastructure attacks. Basic knowledge of ethical hacking and networking, along with hands-on experience of working with multiple tools such as Nmap, Metasploit, Wireshark, and so on, is expected. Basic Linux and Windows knowledge will also be useful.
Table of Contents:
Table of Contents
An Introduction to Infrastructure Attacks
Initial Reconnaissance and Enumeration
IEEE 802.11 Wireless Attacks
Attacking Routers
Client Side Attacks using OSINT
Looking for the foothold
Enumeration – Microsoft Windows
Enumeration, Evasion, and Escalation on Microsoft Windows
Enumeration, Evasion, and Escalation on Linux
Internal Network Reconnaissance and Enumeration
Lateral Movement - Microsoft Windows
Lateral Movement - Linux
Attacking Databases
An Introduction to Active Directory
The Path to Domain Admin
Advanced Active Directory attacks
Attacks on AWS
Attacks on Azure
Attacks on Google Cloud and others
Container Breakouts - Docker and Kubernetes
Attacking SCADA and IoT Devices
About the Author :
Harpreet is a professional with 8+ years of experience in the field of Ethical Hacking, Penetration Testing, Vulnerability Research & Red Teaming. He is the author of "Hands-On: Web Penetration Testing with Metasploit" and "Hands-On: Red Team Tactics" published by Packt Publishing. He's also an OSCP, OSWP, CRTP certified professional. Over the years of his experience, Harpreet has acquired the Offensive & Defensive skill set. He is a professional who specializes in Wireless & network exploitation including but not limited to Mobile exploitation, Web Application exploitation and he has also performed few Red Team Engagements in Banks & Financial Groups. Himanshu Sharma has been in the field of security since 2009 and has been listed in the halls of fame of Apple, Google, Microsoft, Facebook, and many more. He has helped celebrities such as Harbhajan Singh in recovering their hacked accounts. He has been a speaker at various conferences worldwide such as BotConf, CONFidence, Hack In the Box, SINCON, Sec-T, Hackcon, and numerous others. Currently, he is the co-founder of BugsBounty. He also authored multiple bestsellers titled "Kali Linux - An Ethical Hacker's Cookbook", " Hands-On Red Team Tactics" and "Hands-On Web Pentesting with Metasploit."
