Kali Linux – Assuring Security by Penetration Testing

  • Learn penetration testing techniques with an in-depth coverage of Kali Linux distribution
  • Explore the insights and importance of testing your corporate network systems before the hackers strike
  • Understand the practical spectrum of security tools by their exemplary usage, configuration, and benefits

Book Details

Language : English
Paperback : 454 pages [ 235mm x 191mm ]
Release Date : April 2014
ISBN : 184951948X
ISBN 13 : 9781849519489
Author(s) : Lee Allen, Tedi Heriyanto, Shakeel Ali
Topics and Technologies : All Books, Networking and Servers, Open Source

Table of Contents

PART I: Lab Preparation and Testing Procedures
Chapter 1: Beginning with Kali Linux
Chapter 2: Penetration Testing Methodology
PART II: Penetration Testers Armory
Chapter 3: Target Scoping
Chapter 4: Information Gathering
Chapter 5: Target Discovery
Chapter 6: Enumerating Target
Chapter 7: Vulnerability Mapping
Chapter 8: Social Engineering
Chapter 9: Target Exploitation
Chapter 10: Privilege Escalation
Chapter 11: Maintaining Access
Chapter 12: Documentation and Reporting
PART III: Extra Ammunition
Appendix A: Supplementary Tools
Appendix B: Key Resources
  • Chapter 1: Beginning with Kali Linux
    • A brief history of Kali Linux
    • Kali Linux tool categories
    • Downloading Kali Linux
    • Using Kali Linux
      • Running Kali using Live DVD
      • Installing Kali on a hard disk
        • Installing Kali on a physical machine
        • Installing Kali on a virtual machine
      • Installing Kali on a USB disk
    • Configuring the virtual machine
      • VirtualBox guest additions
      • Setting up networking
        • Setting up a wired connection
        • Setting up a wireless connection
        • Starting the network service
      • Configuring shared folders
      • Saving the guest machine state
      • Exporting a virtual machine
    • Updating Kali Linux
    • Network services in Kali Linux
      • HTTP
      • MySQL
      • SSH
    • Installing a vulnerable server
    • Installing additional weapons
      • Installing the Nessus vulnerability scanner
      • Installing the Cisco password cracker
    • Summary
  • Chapter 2: Penetration Testing Methodology
    • Types of penetration testing
      • Black box testing
      • White box testing
    • Vulnerability assessment versus penetration testing
    • Security testing methodologies
      • Open Source Security Testing Methodology Manual (OSSTMM)
        • Key features and benefits
      • Information Systems Security Assessment Framework (ISSAF)
        • Key features and benefits
      • Open Web Application Security Project (OWASP)
        • Key features and benefits
      • Web Application Security Consortium Threat Classification (WASC-TC)
        • Key features and benefits
    • Penetration Testing Execution Standard (PTES)
      • Key features and benefits
    • General penetration testing framework
      • Target scoping
      • Information gathering
      • Target discovery
      • Enumerating target
      • Vulnerability mapping
      • Social engineering
      • Target exploitation
      • Privilege escalation
      • Maintaining access
      • Documentation and reporting
    • The ethics
    • Summary
  • Chapter 3: Target Scoping
    • Gathering client requirements
      • Creating the customer requirements form
      • The deliverables assessment form
    • Preparing the test plan
      • The test plan checklist
    • Profiling test boundaries
    • Defining business objectives
    • Project management and scheduling
    • Summary
  • Chapter 4: Information Gathering
    • Using public resources
    • Querying the domain registration information
    • Analyzing the DNS records
      • host
      • dig
      • dnsenum
      • dnsdict6
      • fierce
      • DMitry
      • Maltego
    • Getting network routing information
      • tcptraceroute
      • tctrace
    • Utilizing the search engine
      • theharvester
      • Metagoofil
    • Summary
  • Chapter 5: Target Discovery
    • Starting off with target discovery
    • Identifying the target machine
      • ping
      • arping
      • fping
      • hping3
      • nping
      • alive6
      • detect-new-ip6
      • passive_discovery6
      • nbtscan
    • OS fingerprinting
      • p0f
      • Nmap
    • Summary
  • Chapter 6: Enumerating Target
    • Introducing port scanning
      • Understanding the TCP/IP protocol
      • Understanding the TCP and UDP message format
    • The network scanner
      • Nmap
        • Nmap target specification
        • Nmap TCP scan options
        • Nmap UDP scan options
        • Nmap port specification
        • Nmap output options
        • Nmap timing options
        • Nmap useful options
        • Nmap for scanning the IPv6 target
        • The Nmap scripting engine
        • Nmap options for Firewall/IDS evasion
      • Unicornscan
      • Zenmap
      • Amap
    • SMB enumeration
    • SNMP enumeration
      • onesixtyone
      • snmpcheck
    • VPN enumeration
      • ike-scan
    • Summary
  • Chapter 7: Vulnerability Mapping
    • Types of vulnerabilities
      • Local vulnerability
      • Remote vulnerability
    • Vulnerability taxonomy
    • Open Vulnerability Assessment System (OpenVAS)
      • Tools used by OpenVAS
    • Cisco analysis
      • Cisco auditing tool
      • Cisco global exploiter
    • Fuzz analysis
      • BED
      • JBroFuzz
    • SMB analysis
      • Impacket Samrdump
    • SNMP analysis
      • SNMP Walk
    • Web application analysis
      • Database assessment tools
        • DBPwAudit
        • SQLMap
        • SQL Ninja
      • Web application assessment
        • Burp Suite
        • Nikto2
        • Paros proxy
        • W3AF
        • WafW00f
        • WebScarab
    • Summary
  • Chapter 8: Social Engineering
    • Modeling the human psychology
    • Attack process
    • Attack methods
      • Impersonation
      • Reciprocation
      • Influential authority
    • Scarcity
    • Social relationship
    • Social Engineering Toolkit (SET)
      • Targeted phishing attack
    • Summary
  • Chapter 9: Target Exploitation
    • Vulnerability research
    • Vulnerability and exploit repositories
    • Advanced exploitation toolkit
      • MSFConsole
      • MSFCLI
      • Ninja 101 drills
        • Scenario 1
        • Scenario 2
        • Scenario 3
        • Scenario 4
      • Writing exploit modules
    • Summary
  • Chapter 10: Privilege Escalation
    • Privilege escalation using a local exploit
    • Password attack tools
      • Offline attack tools
        • hash-identifier
        • Hashcat
        • RainbowCrack
        • samdump2
        • John
        • Johnny
        • Ophcrack
        • Crunch
      • Online attack tools
        • CeWL
        • Hydra
        • Medusa
    • Network spoofing tools
      • DNSChef
        • Setting up a DNS proxy
        • Faking a domain
      • arpspoof
      • Ettercap
    • Network sniffers
      • dsniff
      • tcpdump
      • Wireshark
    • Summary
  • Chapter 11: Maintaining Access
    • Using operating system backdoors
      • Cymothoa
      • Intersect
      • The Meterpreter backdoor
    • Working with tunneling tools
      • dns2tcp
      • iodine
        • Configuring the DNS server
        • Running the iodine server
        • Running the iodine client
      • ncat
      • proxychains
      • ptunnel
      • socat
        • Getting HTTP header information
        • Transferring files
      • sslh
      • stunnel4
    • Creating web backdoors
      • WeBaCoo
      • weevely
      • PHP Meterpreter
    • Summary
  • Chapter 12: Documentation and Reporting
    • Documentation and results verification
    • Types of reports
      • The executive report
      • The management report
      • The technical report
    • Network penetration testing report (sample contents)
    • Preparing your presentation
    • Post-testing procedures
    • Summary
  • Appendix A: Supplementary Tools
    • Reconnaissance tool
    • Vulnerability scanner
      • NeXpose Community Edition
        • Installing NeXpose
        • Starting the NeXpose community
        • Logging in to the NeXpose community
        • Using the NeXpose community
    • Web application tools
      • Golismero
      • Arachni
      • BlindElephant
    • Network tool
      • Netcat
        • Open connection
        • Service banner grabbing
        • Simple chat server
        • File transfer
        • Portscanning
        • Backdoor shell
        • Reverse shell
    • Summary
  • Appendix B: Key Resources
    • Vulnerability disclosure and tracking
      • Paid incentive programs
    • Reverse engineering resources
    • Penetration testing learning resources
    • Exploit development learning resources
    • Penetration testing on a vulnerable environment
      • Online web application challenges
      • Virtual machines and ISO images
    • Network ports

Lee Allen

Lee Allen is currently working as a security architect at a prominent university. Throughout the years, he has continued his attempts to remain up to date with the latest and greatest developments in the security industry and the security community. He has several industry certifications including the OSWP and has been working in the IT industry for over 15 years.

Lee Allen is the author of Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide, Packt Publishing.

Tedi Heriyanto

Tedi Heriyanto currently works as a principal consultant in an Indonesian information security company. In his current role, he has been engaged with various penetration testing assignments in Indonesia and other countries. In his previous role, he was engaged with several well-known business institutions across Indonesia and overseas. Tedi has an excellent track record in designing secure network architecture, deploying and managing enterprise-wide security systems, developing information security policies and procedures, performing information security audits and assessments, and providing information security awareness training. In his spare time, he manages to research, learn, and participate in the Indonesian Security Community activities and has a blog http://theriyanto.wordpress.com. He shares his knowledge in the security field by writing several information security books.

Shakeel Ali

Shakeel Ali is a Security and Risk Management consultant at Fortune 500. Previously, he was the key founder of Cipher Storm Ltd., UK. His expertise in the security industry markedly exceeds the standard number of security assessments, audits, compliance, governance, and forensic projects that he carries out in day-to-day operations. He has also served as a Chief Security Officer at CSS Providers SAL. As a senior security evangelist and having spent endless nights without taking a nap, he provides constant security support to various businesses, educational organizations, and government institutions globally. He is an active, independent researcher who writes various articles and whitepapers and manages a blog at Ethical-Hacker.net. Also, he regularly participates in BugCon Security Conferences held in Mexico, to highlight the best-of-breed cyber security threats and their solutions from practically driven countermeasures.

Errata



- 2 submitted: last submission 30 Apr 2014

Errata Type: Code Related | Errata Page: 40

To test whether your MySQL has already started, you can use the MySQL client to connect to the server. We define the username (root) and the password to log in to the MySQL server:
mysql -u root -p

This should be as follows:

To test whether your MySQL has already started, you can use the MySQL client to connect to the server. We define the username (root) to log in to the MySQL server. The default MySQL in Kali does not have a password set yet:

mysql -u root


Errata Type: Code Related | Errata Page: 46

Run the following commands:
make installh


This should be as follows:

Run the following commands:
make install

What you will learn from this book

  • Develop the Kali Linux environment in your test lab by installing, configuring, running, and updating its core system components
  • Perform a formal Kali Linux testing methodology
  • Scope your target with definitive test requirements, limitations, business objectives, and schedule the test plan
  • Exercise a number of security tools from Kali Linux, logically divided into subcategories of testing methodology
  • Practice the processes of reconnaissance, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, and maintaining access to target for evaluation purposes
  • Document, report, and present your verified test results to the relevant authorities in a formal reporting structure

In Detail

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement.

Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.


Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux testing process or study parts of it individually.

Who this book is for

If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, this book is for you.
