Uygulamalı Sızma Testleri Pentest Lab

Applied Penetration Tests Pentest Lab - Ecir Uğur Küçüksille Applied Penetration Tests Pentest Lab - Ecir Uğur Küçüksille & M. Ali Yalçınkaya


The Essential Reference Source for Those Who Want to Specialize in Penetration Testing!
The penetration testing laboratory discussed in the book is the virtual laboratory that contains the most components among the laboratories in the literature. In today's world, cyber attackers discover new security vulnerabilities every day and use them to target the information systems of institutions. In this case, the importance of penetration tests and the need for security experts have also increased. In order to meet this need, a virtual penetration testing laboratory has been created in this book where researchers and students can conduct penetration testing experiments. The created virtual penetration testing laboratory has the feature of being the virtual laboratory that contains the most components among the laboratories in the literature. Within the scope of the created virtual penetration testing laboratory, all the basic components within an institution's network have been virtualized using VMware Workstation and GNS3 software. In addition, a four-step penetration testing methodology has been presented in this study to be used in penetration tests to be performed for an institution and each step has been examined in detail. Using the methodology in question, 10 different penetration tests were performed on the components located on the virtual penetration test laboratory and reported step by step. In this study; in addition to web application tests, wireless network tests, social engineering tests and client-based tests, unlike similar studies, tests were performed on components such as routers, firewalls, intrusion detection systems, database management systems, web application firewalls and VoIP communication networks. Thanks to this study, people who want to specialize in the field of penetration tests will be able to configure a penetration test laboratory consisting entirely of virtual systems and will have the opportunity to test the most common types of attacks carried out against institutions on the laboratory in question. In addition, this study aimed to eliminate the lack of technical resources in information security courses in departments providing education in the field of computers.

BOOK CONTENTS
• Penetration Tests in Ensuring Corporate Information Security
• Design and Setup of Virtual Penetration Testing Laboratory
• Virtual Penetration Testing Laboratory Setup Procedures
• Practical Penetration Testing on Virtual Penetration Testing Laboratory
• Web Application Firewall (WAF) Bypass Tests
• Penetration Tests for Wireless Networks
• Client Based Penetration Testing and Social Engineering Testing
• Penetration Tests Using Physical Attack Tools
• Penetration Tests Conducted from the Institution's Internal Network
• Penetration Tests for VoIP Communication Systems
• Penetration Tests for Database Management Systems
• Reporting of Data Obtained After Tests and Presentation of Security Measures

DVD CONTENT
• Firewall Penetration Tests
• IDS Bypass Tests
• Penetration Tests for Wireless Networks
• Penetration Tests Conducted from the Intra-Corporate Network
• Social Engineering Tests
• Penetration Tests for Database Management Systems
• Voip Penetration Tests
• Web Application Security Testing
• Router Penetration Tests