دانلود کتاب Cybersecurity – Attack and Defense Strategies: Counter modern threats and employ state-of-the-art tools and techniques to protect your organization against cybercriminals, 2nd Edition

فهرست مطالب :

Cover Copyright Packt Page Contributors Table of Contents Preface Chapter 1: Security Posture The current threat landscape The credentials – authentication and authorization Apps Data Cybersecurity challenges Old techniques and broader results The shift in the threat landscape Enhancing your security posture Cloud Security Posture Management The Red and Blue Teams Assume breach Summary References Chapter 2: Incident Response Process The incident response process Reasons to have an IR process in place Creating an incident response process Incident response team Incident life cycle Handling an incident Best practices to optimize incident handling Post-incident activity Real-world scenario Lessons learned Incident response in the cloud Updating your IR process to include cloud Appropriate toolset IR Process from the Cloud Solution Provider (CSP) perspective Summary References Chapter 3: What is a Cyber Strategy? Introduction Why do we need to build a cyber strategy? How to build a cyber strategy Understand the business Understand threats and risks Document Best cyber attack strategies (Red Team) External testing strategies Internal testing strategies Blind testing strategy Targeted testing strategy Best cyber defense strategies (Blue Team) Defense in depth Defense in breadth Summary Further reading Chapter 4: Understanding the Cybersecurity Kill Chain Introducing the Cyber Kill Chain Reconnaissance Weaponization Privilege Escalation Vertical privilege escalation Horizontal privilege escalation Exfiltration Sustainment Assault Obfuscation Obfuscation Techniques Dynamic code obfuscation Hiding Trails Threat Life Cycle Management Data Collection Phase Discovery Phase Qualification Phase Investigation Phase Neutralization Phase Recovery Phase Shared files Tools used in the Cyber Kill Chain Phases Nmap Zenmap Metasploit John the Ripper Hydra Wireshark Aircrack-ng Nikto Kismet Airgeddon Deauther Board Mitigations against wireless attacks EvilOSX Cybersecurity Kill Chain Summary Lab – Hacking Wireless Network/s via Evil Twin Attack The Lab Scenario Step 1 - Ensure you have all required hardware and software for the "simulated attack" Step 2 - Install Airgeddon in Kali Step 3 - Configure Airgeddon Step 4 - Select target Step 5 - Gathering the handshake Step 6 - Set the phishing page Step 7 - Capturing the network credentials Lab Summary References Further Reading Chapter 5: Reconnaissance External reconnaissance Webshag PhoneInfoga Email harvester – TheHarvester Web Browser Enumeration Tools Penetration Testing Kit Netcraft Dumpster diving Social media Social engineering Pretexting Diversion theft Phishing Keepnet Labs Water holing Baiting Quid pro quo Tailgating Internal reconnaissance Airgraph-ng Sniffing and scanning Prismdump Tcpdump Nmap Wireshark Scanrand Masscan Cain and Abel Nessus Metasploit Aircrack-ng Wardriving Hak5 Plunder Bug CATT Canary token links Summary LAB Google Hacking: Part 1: Hacking personal information Part 2: Hacking Servers References Chapter 6: Compromising the System Analyzing current trends Extortion attacks Data manipulation attacks IoT device attacks Backdoors Mobile device attacks Hacking everyday devices Hacking the cloud The appeal of cloud attacks Cloud Hacking Tools CloudTracker OWASP DevSlop Tool Cloud security recommendations Phishing Exploiting a vulnerability Hot Potato Zero-day WhatsApp vulnerability (CVE-2019-3568) Chrome zero-day vulnerability (CVE-2019-5786) Windows 10 Privilege escalation Windows privilege escalation vulnerability (CVE20191132) Fuzzing Source code analysis Types of zero-day exploits Buffer overflows Structured exception handler overwrites Performing the steps to compromise a system Deploying payloads Installing and using a vulnerability scanner Using Metasploit Compromising operating systems Compromising a remote system Compromising web-based systems Mobile phone (iOS / Android attacks) Exodus SensorID iPhone hack by Cellebrite Man-in-the-disk Spearphone (loudspeaker data capture on Android) Tap n Ghost Red and Blue Team Tools for Mobile Devices Snoopdroid Androguard Frida Cycript iOS Implant Teardown Lab Building a Red Team PC in Windows Lab 2: Hack those websites (legally!) bWAPP HackThis!! OWASP Juice Shop Project Try2Hack Google Gruyere Damn Vulnerable Web Application (DVWA) Summary References Further reading Chapter 7: Chasing a User's Identity Identity is the new perimeter Strategies for compromising a user's identity Gaining access to the network Harvesting credentials Hacking a user's identity Brute force Social engineering Pass the hash Identity theft through mobile devices Other methods for hacking an identity Summary References Chapter 8: Lateral Movement Infiltration Network mapping Avoiding alerts Performing lateral movement Think like a Hacker Port scans Sysinternals File shares Windows DCOM Remote Desktop PowerShell Windows Management Instrumentation Scheduled tasks Token stealing Stolen credentials Removable media Tainted Shared Content Remote Registry TeamViewer Application deployment Network Sniffing ARP spoofing AppleScript and IPC (OSX) Breached host analysis Central administrator consoles Email pillaging Active Directory Admin shares Pass the ticket Pass the hash (PtH) Winlogon Lsass.exe Process Security Accounts Manager (SAM) database Domain Active Directory Database (NTDS.DIT): Credential Manager (CredMan) store: PtH Mitigation Recommendations Lab Hunting Malware without antivirus Summary References Further Reading Chapter 9: Privilege Escalation Infiltration Horizontal privilege escalation Vertical Privilege Escalation Avoiding alerts Performing Privilege Escalation Exploiting unpatched operating systems Access token manipulation Exploiting accessibility features Application shimming Bypassing user account control DLL injection DLL search order hijacking Dylib hijacking Exploration of vulnerabilities Launch daemon Hands-on example of Privilege Escalation on a Windows target Privilege escalation techniques Dumping the SAM file Rooting Android Using the /etc/passwd file Extra window memory injection Hooking New services Scheduled tasks Windows Boot Sequence Startup items Startup 101 Sudo caching Additional tools for privilege escalation 0xsp Mongoose v1.7 Conclusion and lessons learned Summary Lab 1 Lab 2 PART 2, Dumping Hashes with PowerSploit Lab 3: HackTheBox References Chapter 10: Security Policy Reviewing your security policy Educating the end user Social media security guidelines for users Security awareness training Policy enforcement Application whitelisting Hardening Monitoring for compliance Continuously driving security posture enhancement via security policy Summary References Chapter 11: Network Segmentation The defense in depth approach Infrastructure and services Documents in transit Endpoints Physical network segmentation Discovering your network Securing remote access to the network Site-to-site VPN Virtual network segmentation Zero trust network Planning zero trust network adoption Hybrid cloud network security Cloud network visibility Summary References Chapter 12: Active Sensors Detection capabilities Indicators of compromise Intrusion detection systems Intrusion prevention system Rule-based detection Anomaly-based detection Behavior analytics on-premises Device placement Behaviour analytics in a hybrid cloud Azure Security Center Analytics for PaaS workloads Summary References Chapter 13: Threat Intelligence Introduction to threat intelligence Open source tools for threat intelligence Free threat intelligence feeds Microsoft threat intelligence Azure Sentinel Leveraging threat intelligence to investigate suspicious activity Summary References Chapter 14: Investigating an Incident Scoping the issue Key artifacts Investigating a compromised system on-premises Investigating a compromised system in a hybrid cloud Integrating Azure Security Center with your SIEM for Investigation Proactive investigation (threat hunting) Lessons learned Summary References Chapter 15: Recovery Process Disaster recovery plan The disaster recovery planning process Forming a disaster recovery team Performing risk assessment Prioritizing processes and operations Determining recovery strategies Collecting data Creating the DR plan Testing the plan Obtaining approval Maintaining the plan Challenges Contingency planning IT contingency planning process Development of the contingency planning policy Conducting business impact analysis Identifying the preventive controls Business continuity vs Disaster recovery Developing recovery strategies Live recovery Plan maintenance Cyber Incident Recovery Examples from the field Risk management tools RiskNAV IT Risk Management App Best practices for recovery planning Disaster recovery best practices On-Premises On the cloud Hybrid Cyber-resilient recommendations Summary Resources for DR Planning References Further Reading: Chapter 16: Vulnerability Management Creating a vulnerability management strategy Asset inventory Information management Risk assessment Scope Collecting data Analysis of policies and procedures Vulnerability analysis Threat analysis Analysis of acceptable risks Vulnerability assessment Reporting and remediation tracking Response planning Vulnerability management tools Asset inventory tools Peregrine tools LANDesk Management Suite StillSecure McAfee's Enterprise Information management tools Risk assessment tools Vulnerability assessment tools Reporting and remediation tracking tools Response planning tools Implementation of vulnerability management Best practices for vulnerability management Vulnerability management tools Intruder Patch Manager Plus InsightVM Azure Threat & Vulnerability Management Implementing vulnerability management with Nessus OpenVAS Qualys Acunetix LABS Lab 1: Performing an online vulnerability scan with Acunetix Lab 2: Network security scan with GFI LanGuard Summary References Chapter 17: Log Analysis Data correlation Operating system logs Windows logs Linux logs Firewall logs Web server logs Amazon Web Services (AWS) logs Accessing AWS logs from Azure Sentinel Azure Activity logs Accessing Azure Activity logs from Azure Sentinel Summary References Other Books You May Enjoy Index