6 Part 2: Putting Security Testing in Motion
  Chapter 5: Information Gathering
    Gathering Public Information
    Mapping the Network
  Chapter 6: Social Engineering
    Introducing Social Engineering
    Starting Your Social Engineering Tests
    Knowing Why Attackers Use Social Engineering
    Understanding the Implications
    Performing Social Engineering Attacks
    Social Engineering Countermeasures
  Chapter 7: Physical Security
    Identifying Basic Physical Security Vulnerabilities
    Pinpointing Physical Vulnerabilities in Your Office
  Chapter 8: Passwords
    Understanding Password Vulnerabilities
    Cracking Passwords
    General Password Cracking Countermeasures
    Securing Operating Systems
7 Part 3: Hacking Network Hosts
  Chapter 9: Network Infrastructure Systems
    Understanding Network Infrastructure Vulnerabilities
    Choosing Tools
    Scanning, Poking, and Prodding the Network
    Detecting Common Router, Switch, and Firewall Weaknesses
    Putting Up General Network Defenses
  Chapter 10: Wireless Networks
    Understanding the Implications of Wireless Network Vulnerabilities
    Choosing Your Tools
    Discovering Wireless Networks
    Discovering Wireless Network Attacks and Taking Countermeasures
  Chapter 11: Mobile Devices
    Sizing Up Mobile Vulnerabilities
    Cracking Laptop Passwords
    Cracking Phones and Tablets
8 Part 4: Hacking Operating Systems
  Chapter 12: Windows
    Introducing Windows Vulnerabilities
    Choosing Tools
    Gathering Information About Your Windows Vulnerabilities
    Detecting Null Sessions
    Checking Share Permissions
    Exploiting Missing Patches
    Running Authenticated Scans
  Chapter 13: Linux and macOS
    Understanding Linux Vulnerabilities
    Choosing Tools
    Gathering Information About Your System Vulnerabilities
    Finding Unneeded and Unsecured Services
    Securing the .rhosts and hosts.equiv Files
    Assessing the Security of NFS
    Checking File Permissions
    Finding Buffer Overflow Vulnerabilities
    Checking Physical Security
    Performing General Security Tests
    Patching
9 Part 5: Hacking Applications
  Chapter 14: Communication and Messaging Systems
    Introducing Messaging System Vulnerabilities
    Recognizing and Countering Email Attacks
    Understanding VoIP
  Chapter 15: Web Applications and Mobile Apps
    Choosing Your Web Security Testing Tools
    Seeking Out Web Vulnerabilities
    Minimizing Web Security Risks
    Uncovering Mobile App Flaws
  Chapter 16: Databases and Storage Systems
    Diving Into Databases
    Following Best Practices for Minimizing Database Security Risks
    Opening Up About Storage Systems
    Following Best Practices for Minimizing Storage Security Risks