Recommended resources for learning penetration testing!

What tutorials or books would you recommend for a beginner who wants to learn the basics of penetration testing?

Thanks!


Irish,

Before you start any penetration testing, be sure that you know the legal ramifications because, if you touch someone else’s server, that’s ILLEGAL.

Okay, once past that, there are several books on penetration testing which rely on BackTrack (http://backtrack-linux.org/) as it’s a single compilation of “network management and testing tools” that there is - many from the “black hat” side of things but great for testing using what hackers use. IMHO, though, set up a virtual machine environment on your computer and install there to test against your own computer or LAN.

Of course, there is a course for you to investigate: Google CEH and look there.

Regards,

DK

Thanks for the warning dklynn. I won’t be going near anyone else’s server, I want to learn how to protect my own sites, by learning how hackers could attack them and then how to protect them.

there are several books on penetration testing which rely on BackTrack (http://backtrack-linux.org/) as it’s a single compilation of “network management and testing tools” that there is - many from the “black hat” side of things but great for testing using what hackers use. IMHO, though, set up a virtual machine environment on your computer and install there to test against your own computer or LAN.

I’ve been looking at the books available on the subject and noticed that a lot of them rely on BackTrack. I’m not the most technical person and have never used Linux. Is it difficult to get BackTrack up and running on my Windows machine?

EDIT: As I’m not familiar with Linux should I consider using an application that will run on Windows, such as Metasploit or something else that you could recommend?

I’ve been skimming through Patrick Engebretson’s book “The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy” and some of it makes frightening reading for a website owner.

That course looks very interesting but at close to $800 it’s a bit expensive for my needs, at least for the moment.

Resolved via PM.

All,

Security PROTECTION is something to spread knowledge of but hacking is not - primarily for legal reasons.

To respond to a hack attack:

1. Immediately delete all FTP access except one (master for the account).

2. Change the master password (cPanel and FTP) to a VERY STRONG one using an http://strongpasswordgenerator.com password of sufficient length.

3. Use maldet scans (on an Apache server) which find and report all forms of malware (viruses, worms and SCRIPTS which can cause problems). This will enable you to find and remove scripts which can be embedded in html, php and js scripts. Repeat the maldet scans until there are no files detected then add a CRON to run maldet scans on a regular basis. Be aware that recovery will primarily consist of DELETING all html, php and js files and replacing them with originals (from your master copies).

4. Additionally, I use a CRON to SHA1 hash verify that files have remained unchanged over the last xx hours for “peace of mind.”

5. Database: If you are running WordPress or the like (database verification for admin accounts), create a new admin and delete all other admin records.

6. Uploaded files: Be sure to do a thorough check of any file uploaded to your website (I limit uploaded files to images and they are resized by GD before being saved to my “webspace”).

7. Update all “canned scripts” (e.g., WP, Zencart, etc.) and be sure that they’re kept updated in order to prevent further attacks via security problems discovered in those scripts.

There is a place for penetration testing (with a tool like BackTrack) but it is something best left to the sysadmins of your host (or a security professional if you own your server). In fact, you are not allowed to use those tools or techniques on others’ servers. If you do, you will be identified as a hacker, your IP address will be blocked and you will be reported to authorities for prosecution. The anti-hacking laws are beginning to be enforced and you will (and should) be harshly punished.

Regards,

DK
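
The cron job that SHA1-verifies the site's html, php and js files, mentioned in the post above, could look like the following. This is an added example, not part of the original post and not DK's own script; the function names, file paths and cron schedule are assumptions.

```shell
#!/bin/sh
# Added example; function names, paths and the cron schedule are hypothetical.
# Keep the baseline outside the web root, where the web server user cannot write.
HASH_CMD="${HASH_CMD:-sha1sum}"   # SHA1 as in the post; sha256sum also works here

# make_manifest DIR: print "<hash>  ./path" for each html, php and js file.
make_manifest() {
    ( cd "$1" || exit 1
      find . -type f \( -name '*.html' -o -name '*.php' -o -name '*.js' \) \
          -exec "$HASH_CMD" {} + )
}

# verify_site DIR BASELINE: report differences; return 0 if clean, 1 otherwise.
verify_site() {
    current=$(mktemp) || return 2
    make_manifest "$1" > "$current"
    report=$(awk '
        { hash = $1; path = substr($0, length($1) + 3) }   # path may hold spaces
        FILENAME == ARGV[1] { base[path] = hash; next }     # baseline manifest
        { seen[path] = 1
          if (!(path in base))          print "ADDED   " path
          else if (base[path] != hash)  print "CHANGED " path }
        END { for (p in base) if (!(p in seen)) print "REMOVED " p }
    ' "$2" "$current")
    rm -f "$current"
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Command-line entry points, for example from cron:
#   integrity.sh baseline /home/user/public_html /home/user/site.sha1
#   0 */6 * * * /home/user/bin/integrity.sh verify /home/user/public_html /home/user/site.sha1
case "${1:-}" in
    baseline) make_manifest "$2" > "$3" ;;
    verify)   verify_site "$2" "$3" ;;
esac
```

Rebuild the baseline only after restoring files from master copies or after a deliberate update, so that a compromised file is never recorded as the known-good state.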