Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released—a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.
What’s inside
The book demystifies how authentication and authorization actually work in practice—Kerberos, NTLM, tokens, SIDs, SPNs—and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.
Who it serves
Security engineers, detection analysts, incident responders, red/purple teamers, architects, admins—anyone responsible for the safety and reliability of Windows environments.
Key takeaways
Clear mental models for AD, GPOs, trusts, and admin protocols
A safe, reproducible offline lab and build scripts
Curated Windows Event and Sysmon IDs that surface meaningful behaviors
Practical hardening: tiering, LAPS hygiene, Credential Guard, auditing that works
Reporting patterns that tie technical signal to business risk
Chapter 0 — Foundations & Acronyms
Chapter 1 — Assessment Mindset & Methodology
Chapter 2 — Building the Safe Lab
Chapter 3 — Identity 101 in Windows Domains
Chapter 4 — Kerberos in the Real World
Chapter 5 — NTLM and Legacy Realities
Chapter 6 — Directory Objects, Delegations & RBAC
Chapter 7 — Group Policy Deep Dive
Chapter 8 — Trusts, Forests, and Boundaries
Chapter 9 — Name Resolution & Identity Discovery
Chapter 10 — Admin Protocols I: SMB, RPC/DCOM
Chapter 11 — Admin Protocols II: WMI & WinRM
Chapter 12 — Remote Access: RDP & NLA
Chapter 13 — Secrets & Protections: LSASS, LSA, SSO
Chapter 14 — Telemetry Architecture
Chapter 15 — SIEM/EDR/UEBA Integration
Chapter 16 — Behaviors that Matter (MITRE ATT&CK)
Chapter 17 — Hardening the Enterprise
Chapter 18 — Designing for Resilience
Chapter 19 — Executive Reporting & Risk Communication
Chapter 20 — Putting It All Together
Appendices
A. Checklists & Templates (Scope, ROE, Evidence Logs)
B. Event ID & Sysmon Quick Reference
C. Lab Topologies & Build Scripts (Safe, Offline)
"synopsis" may belong to another edition of this title.
Seller: California Books, Miami, FL, U.S.A.
Condition: New. Print on Demand. Seller Inventory # I-9798264400940
Seller: Grand Eagle Retail, Bensenville, IL, U.S.A.
Paperback. Condition: new. Paperback. Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released-a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.What's insideThe book demystifies how authentication and authorization actually work in practice-Kerberos, NTLM, tokens, SIDs, SPNs-and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.Who it servesSecurity engineers, detection analysts, incident responders, red/purple teamers, architects, admins-anyone responsible for the safety and reliability of Windows environments.Key takeawaysClear mental models for AD, GPOs, trusts, and admin protocolsA safe, reproducible offline lab and build scriptsCurated Windows Event and Sysmon IDs that surface meaningful behaviorsPractical hardening: tiering, LAPS hygiene, Credential Guard, auditing that worksReporting patterns that tie technical signal to business riskChapter 0 - Foundations & AcronymsChapter 1 - Assessment Mindset & MethodologyChapter 2 - Building the Safe LabChapter 3 - Identity 101 in Windows DomainsChapter 4 - Kerberos in the Real WorldChapter 5 - NTLM and Legacy RealitiesChapter 6 - Directory Objects, Delegations & RBACChapter 7 - Group Policy Deep DiveChapter 8 - Trusts, Forests, and BoundariesChapter 9 - Name Resolution & Identity DiscoveryChapter 10 - Admin Protocols I: SMB, RPC/DCOMChapter 11 - Admin Protocols II: WMI & WinRMChapter 12 - Remote Access: RDP & NLAChapter 13 - Secrets & Protections: LSASS, LSA, SSOChapter 14 - Telemetry ArchitectureChapter 15 - SIEM/EDR/UEBA IntegrationChapter 16 - Behaviors that Matter (MITRE ATT&CK)Chapter 17 - Hardening the EnterpriseChapter 18 - Designing for ResilienceChapter 19 - Executive Reporting & Risk CommunicationChapter 20 - Putting It All TogetherAppendicesA. Checklists & Templates (Scope, ROE, Evidence Logs)B. Event ID & Sysmon Quick ReferenceC. Lab Topologies & Build Scripts (Safe, Offline) This item is printed on demand. Shipping may be from multiple locations in the US or from the UK, depending on stock availability. Seller Inventory # 9798264400940
Seller: PBShop.store UK, Fairford, GLOS, United Kingdom
PAP. Condition: New. New Book. Shipped from UK. Established seller since 2000. Seller Inventory # L2-9798264400940
Quantity: Over 20 available
Seller: CitiRetail, Stevenage, United Kingdom
Paperback. Condition: new. Paperback. Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released-a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.What's insideThe book demystifies how authentication and authorization actually work in practice-Kerberos, NTLM, tokens, SIDs, SPNs-and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.Who it servesSecurity engineers, detection analysts, incident responders, red/purple teamers, architects, admins-anyone responsible for the safety and reliability of Windows environments.Key takeawaysClear mental models for AD, GPOs, trusts, and admin protocolsA safe, reproducible offline lab and build scriptsCurated Windows Event and Sysmon IDs that surface meaningful behaviorsPractical hardening: tiering, LAPS hygiene, Credential Guard, auditing that worksReporting patterns that tie technical signal to business riskChapter 0 - Foundations & AcronymsChapter 1 - Assessment Mindset & MethodologyChapter 2 - Building the Safe LabChapter 3 - Identity 101 in Windows DomainsChapter 4 - Kerberos in the Real WorldChapter 5 - NTLM and Legacy RealitiesChapter 6 - Directory Objects, Delegations & RBACChapter 7 - Group Policy Deep DiveChapter 8 - Trusts, Forests, and BoundariesChapter 9 - Name Resolution & Identity DiscoveryChapter 10 - Admin Protocols I: SMB, RPC/DCOMChapter 11 - Admin Protocols II: WMI & WinRMChapter 12 - Remote Access: RDP & NLAChapter 13 - Secrets & Protections: LSASS, LSA, SSOChapter 14 - Telemetry ArchitectureChapter 15 - SIEM/EDR/UEBA IntegrationChapter 16 - Behaviors that Matter (MITRE ATT&CK)Chapter 17 - Hardening the EnterpriseChapter 18 - Designing for ResilienceChapter 19 - Executive Reporting & Risk CommunicationChapter 20 - Putting It All TogetherAppendicesA. Checklists & Templates (Scope, ROE, Evidence Logs)B. Event ID & Sysmon Quick ReferenceC. Lab Topologies & Build Scripts (Safe, Offline) This item is printed on demand. Shipping may be from our UK warehouse or from our Australian or US warehouses, depending on stock availability. Seller Inventory # 9798264400940
Quantity: 1 available
Seller: AHA-BUCH GmbH, Einbeck, Germany
Taschenbuch. Condition: Neu. Neuware - Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released-a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on. Seller Inventory # 9798264400940