Mastering Kali Linux for Advanced Penetration Testing


Formats: PDF, PacktLib, ePub and Mobi formats
  • Conduct realistic and effective security tests on your network
  • Demonstrate how key data systems are stealthily exploited, and learn how to identify attacks against your own systems
  • Use hands-on techniques to take advantage of Kali Linux, the open source framework of security tools

Book Details

Language : English
Paperback : 356 pages [ 235mm x 191mm ]
Release Date : June 2014
ISBN : 1782163123
ISBN 13 : 9781782163121
Author(s) : Robert W. Beggs
Topics and Technologies : All Books, Open Source


Table of Contents

Preface
Part 1: The Attacker's Kill Chain
Chapter 1: Starting with Kali Linux
Chapter 2: Identifying the Target – Passive Reconnaissance
Chapter 3: Active Reconnaissance and Vulnerability Scanning
Chapter 4: Exploit
Chapter 5: Post Exploit – Action on the Objective
Chapter 6: Post Exploit – Persistence
Part 2: The Delivery Phase
Chapter 7: Physical Attacks and Social Engineering
Chapter 8: Exploiting Wireless Communications
Chapter 9: Reconnaissance and Exploitation of Web-based Applications
Chapter 10: Exploiting Remote Access Communications
Chapter 11: Client-side Exploitation
Appendix: Installing Kali Linux
Index
  • Chapter 1: Starting with Kali Linux
    • Kali Linux
    • Configuring network services and secure communications
      • Adjusting network proxy settings
      • Securing communications with Secure Shell
    • Updating Kali Linux
      • The Debian package management system
        • Packages and repositories
        • Dpkg
        • Using Advanced Packaging Tools
    • Configuring and customizing Kali Linux
      • Resetting the root password
      • Adding a non-root user
      • Speeding up Kali operations
      • Sharing folders with Microsoft Windows
      • Creating an encrypted folder with TrueCrypt
    • Managing third-party applications
      • Installing third-party applications
      • Running third-party applications with non-root privileges
    • Effective management of penetration tests
    • Summary
  • Chapter 2: Identifying the Target – Passive Reconnaissance
    • Basic principles of reconnaissance
    • Open Source intelligence
    • DNS reconnaissance and route mapping
      • WHOIS
      • DNS reconnaissance
        • IPv4
        • IPv6
      • Mapping the route to the target
    • Obtaining user information
      • Gathering names and e-mail addresses
    • Profiling users for password lists
    • Summary
  • Chapter 3: Active Reconnaissance and Vulnerability Scanning
    • Stealth scanning strategies
      • Adjusting source IP stack and tool identification settings
      • Modifying packet parameters
      • Using proxies with anonymity networks (Tor and Privoxy)
    • Identifying the network infrastructure
    • Enumerating hosts
      • Live host discovery
    • Port, operating system, and service discovery
      • Port scanning
      • Fingerprinting the operating system
      • Determining active services
    • Employing comprehensive reconnaissance applications
      • nmap
      • The recon-ng framework
      • Maltego
    • Vulnerability scanning
    • Summary
  • Chapter 4: Exploit
    • Threat modeling
    • Using online and local vulnerability resources
      • The Metasploit Framework
      • Exploiting a vulnerable application
    • Exploiting multiple targets with Armitage
      • Team testing with Armitage
      • Scripting the Armitage attack
    • Bypassing IDS and antivirus detection
    • Summary
  • Chapter 5: Post Exploit – Action on the Objective
    • Bypassing Windows User Account Control
    • Conducting a rapid reconnaissance of a compromised system
      • Using the WMIC scripting language
    • Finding and taking sensitive data – pillaging the target
    • Creating additional accounts
    • Using Metasploit for post-exploit activities
    • Escalating user privileges on a compromised host
    • Replaying authentication tokens using incognito
      • Manipulating access credentials with Windows Credential Editor
      • Escalating from Administrator to SYSTEM
    • Accessing new accounts with horizontal escalation
    • Covering your tracks
    • Summary
  • Chapter 6: Post Exploit – Persistence
    • Compromising the existing system and application files for remote access
      • Remotely enabling the Telnet service
      • Remotely enabling Windows Terminal Services
      • Remotely enabling Virtual Network Computing
    • Using persistent agents
      • Employing Netcat as a persistent agent
    • Maintaining persistence with the Metasploit Framework
      • Using the metsvc script
      • Using the persistence script
    • Creating a standalone persistent agent with Metasploit
    • Redirecting ports to bypass network controls
      • Example 1 – simple port redirection
      • Example 2 – bidirectional port redirection
    • Summary
  • Chapter 7: Physical Attacks and Social Engineering
    • Social Engineering Toolkit
      • Spear Phishing Attack
      • Using a website attack vector – Java Applet Attack Method
      • Using a website attack vector – Credential Harvester Attack Method
      • Using a website attack vector – Tabnabbing Attack Method
      • Using a website attack vector – Multi-Attack Web Method
    • Using the PowerShell alphanumeric shellcode injection attack
    • Hiding executables and obfuscating the attacker's URL
    • Escalating an attack using DNS redirection
    • Physical access and hostile devices
      • Raspberry Pi attack vectors
    • Summary
  • Chapter 8: Exploiting Wireless Communications
    • Configuring Kali for wireless attacks
    • Wireless reconnaissance
      • Kismet
    • Bypassing a Hidden Service Set Identifier
    • Bypassing the MAC address authentication
    • Compromising a WEP encryption
    • Attacking WPA and WPA2
      • Brute-force attacks
      • Attacking wireless routers with Reaver
    • Cloning an access point
    • Denial-of-service attacks
    • Summary
  • Chapter 9: Reconnaissance and Exploitation of Web-based Applications
    • Conducting reconnaissance of websites
    • Vulnerability scanners
      • Extending the functionality of traditional vulnerability scanners
      • Extending the functionality of web browsers
      • Web-service-specific vulnerability scanners
    • Testing security with client-side proxies
    • Server exploits
    • Application-specific attacks
      • Brute-forcing access credentials
      • Injection attacks against databases
    • Maintaining access with web backdoors
    • Summary
  • Chapter 10: Exploiting Remote Access Communications
    • Exploiting operating system communication protocols
      • Compromising Remote Desktop Protocol
      • Compromising Secure Shell
    • Exploiting third-party remote access applications
    • Attacking Secure Sockets Layer
      • Configuring Kali for SSLv2 scanning
      • Reconnaissance of SSL connections
      • Using sslstrip to conduct a man-in-the-middle attack
      • Denial-of-service attacks against SSL
    • Attacking an IPSec Virtual Private Network
      • Scanning for VPN gateways
      • Fingerprinting the VPN gateway
      • Capturing pre-shared keys
      • Performing offline PSK cracking
      • Identifying default user accounts
    • Summary
  • Chapter 11: Client-side Exploitation
    • Attacking a system using hostile scripts
      • Conducting attacks using VBScript
      • Attacking systems using Windows PowerShell
    • The Cross-Site Scripting Framework
    • The Browser Exploitation Framework – BeEF
      • Installing and configuring the Browser Exploitation Framework
    • A walkthrough of the BeEF browser
      • Integrating BeEF and Metasploit attacks
      • Using BeEF as a tunneling proxy
    • Summary
  • Appendix: Installing Kali Linux
    • Downloading Kali Linux
    • Basic Installation of Kali Linux
      • Installing Kali Linux to a virtual machine
      • Full disk encryption and nuking the master key
    • Setting up a test environment
      • Vulnerable operating systems and applications

Robert W. Beggs

Robert W. Beggs is the founder and CEO of Digital Defence, a company that specializes in preventing and responding to information security incidents. He has more than 15 years of experience in the technical leadership of security engagements, including penetration testing of wired and wireless networks, incident response, and data forensics.

Robert is a strong evangelist of security and is a cofounder of Toronto Area Security Klatch, the largest known vendor-independent security user group in North America. He is a member on the advisory board of the SecTor Security Conference as well as on several academic security programs. He is an enthusiastic security trainer and has taught graduates, undergraduates, and continuing education students courses in information security at several Canadian universities.

Robert holds an MBA in Science and Technology from Queen's University and is a Certified Information Systems Security Professional.



Errata

- 2 submitted: last submission 03 Jul 2014

Page no. 264 | Errata type: Code

The command root@kali:~# -L user.lst –V –x '6:8:aA1 !@#$' <IP address> SSH

should be

root@kali:~# hydra -L user.lst -V -x '6:8:aA1 !@#$' <IP address> SSH

Page no. 23 | Errata type: Code

The line:

Updating the source.list file can be done from the command line (echo deb
http://http.kali.org/kiali kali main contrib non-free >>
/etc/apt/sources.list), or by using a text editor.

Should be:

Updating the source.list file can be done from the command line (echo deb
http://http.kali.org/kali kali main contrib non-free >>
/etc/apt/sources.list), or by using a text editor.


What you will learn from this book

  • Employ the methods used by real hackers effectively, to ensure the most effective penetration testing of your network
  • Select and configure the most effective tools from Kali Linux to test network security
  • Employ stealth to avoid detection in the network being tested
  • Recognize when stealthy attacks are being used against your network
  • Exploit networks and data systems using wired and wireless networks as well as web services
  • Identify and download valuable data from target systems
  • Maintain access to compromised systems
  • Use social engineering to compromise the weakest part of the network—the end users

In Detail

Mastering Kali Linux for Advanced Penetration Testing will teach you the kill chain perspective in assessing network security—from selecting the most effective tools, to rapidly compromising network security, to highlighting the techniques used to avoid detection.

This book will take you, as a tester, through the reconnaissance, exploitation, and post-exploitation activities used by penetration testers and hackers. After learning the hands-on techniques to perform an effective and covert attack, specific routes to the target will be examined, including bypassing physical security. You will also get to grips with concepts such as social engineering, attacking wireless networks, web services, and remote access connections. Finally, you will focus on the most vulnerable part of the network—directly attacking the end user.

This book will provide all the practical knowledge needed to test your network's security using a proven hacker's methodology.

Approach

This book provides an overview of the kill chain approach to penetration testing, and then focuses on using Kali Linux to provide examples of how this methodology is applied in the real world. After describing the underlying concepts, step-by-step examples are provided that use selected tools to demonstrate the techniques.

Who this book is for

If you are an IT professional or a security consultant who wants to maximize the success of your network testing using some of the advanced features of Kali Linux, then this book is for you. This book will teach you how to become an expert in the pre-engagement, management, and documentation of penetration testing by building on your understanding of Kali Linux and wireless concepts.
