Leverage Wireshark, Lua and Metasploit to solve any security challenge
Wireshark is arguably one of the most versatile networking tools available, allowing microscopic examination of almost any kind of network activity. This book is designed to help you quickly navigate and leverage Wireshark effectively, with a primer for exploring the Wireshark Lua API as well as an introduction to the Metasploit Framework.
Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to any Infosec position, providing detailed, advanced content demonstrating the full potential of the Wireshark tool. Coverage includes the Wireshark Lua API, Networking and Metasploit fundamentals, plus important foundational security concepts explained in a practical manner. You are guided through full usage of Wireshark, from installation to everyday use, including how to surreptitiously capture packets using advanced MiTM techniques. Practical demonstrations integrate Metasploit and Wireshark demonstrating how these tools can be used together, with detailed explanations and cases that illustrate the concepts at work. These concepts can be equally useful if you are performing offensive reverse engineering or performing incident response and network forensics. Lua source code is provided, and you can download virtual lab environments as well as PCAPs allowing them to follow along and gain hands on experience. The final chapter includes a practical case study that expands upon the topics presented to provide a cohesive example of how to leverage Wireshark in a real world scenario. * Understand the basics of Wireshark and Metasploit within the security space * Integrate Lua scripting to extend Wireshark and perform packet analysis * Learn the technical details behind common network exploitation * Packet analysis in the context of both offensive and defensive security research
Wireshark is the standard network analysis tool used across many industries due to its powerful feature set and support for numerous protocols. When used effectively, it becomes an invaluable tool for any security professional, however the learning curve can be steep. Climb the curve more quickly with the expert insight and comprehensive coverage in Wireshark for Security Professionals.Klappentext:
An essential guide to network security and the feature-packed Wireshark toolset
Open source protocol analyzer Wireshark is the de facto analysis tool across many fields, including the security field. Wireshark provides a powerful feature set that allows you to inspect your network at a microscopic level. The diverse features and support for numerous protocols make Wireshark an invaluable security tool, but also difficult or intimidating for newcomers to learn. Wireshark for Security Professionals is the answer, helping you to leverage Wireshark and related tools such as the command line TShark application quickly and effectively. Coverage includes a complete primer on Metasploit, the powerful offensive tool, as well as Lua, the popular scripting language.
This highly practical guide gives you the insight you need to successfully apply what you've learned in the real world. Examples show you how Wireshark is used in an actual network with the provided Docker virtual environment, and basic networking and security principles are explained in detail to help you understand the why along with the how. Using the Kali Linux penetration testing distribution in combination with the virtual lab and provided network captures, you can follow along with the numerous examples or even start practicing right away in a safe network environment. The hands-on experience is made even more valuable by the emphasis on cohesive application, helping you exploit and expand Wireshark's full functionality by extending Wireshark or integrating it with other security tools.
With coverage of both offensive and defensive security tools and techniques, Wireshark for Security Professionals shows you how to secure any network as you learn to:
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
Buchbeschreibung Wiley John & Sons Mai 2017, 2017. Taschenbuch. Buchzustand: Neu. 233x187x17 mm. Neuware - Master Wireshark to solve real-world security problemsIf you don't already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment. Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples. Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, and the Metasploit Framework, the open-source framework for security testing. Lab-based virtual systems generate network traffic for analysis, investigation and demonstration. In addition to following along with the labs you will be challenged with end-of-chapter exercises to expand on covered material. Lastly, this book explores Wireshark with Lua, the light-weight programming language. Lua allows you to extend and customize Wireshark's features for your needs as a security professional. Lua source code is available both in the book and online. Lua code and lab source code are available online through GitHub, which the book also introduces. The book's final two chapters greatly draw on Lua and TShark, the command-line interface of Wireshark. By the end of the book you will gain the following: Master the basics of Wireshark Explore the virtual w4sp-lab environment that mimics a real-world network Gain experience using the Debian-based Kali OS among other systems Understand the technical details behind network attacks Execute exploitation and grasp offensive and defensive activities, exploring them through Wireshark Employ Lua to extend Wireshark features and create useful scripts To sum up, the book content, labs and online material, coupled with many referenced sources of PCAP traces, together present a dynamic and robust manual for information security professionals seeking to leverage Wireshark. 272 pp. Englisch. Artikel-Nr. 9781118918210