Cloud & Networking
Reader small image

You're reading from  Kali Linux Cookbook - Second Edition

Product typeBook
Published inSep 2017
Publisher
ISBN-139781784390303
Edition2nd Edition
Tools
Kali Linux
Concepts
Network Security
Right arrow
Authors (2):
Corey Schultz
Corey Schultz
author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

Bob Perciaccante
Bob Perciaccante
author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

View More author details
Right arrow

Installing OWASP-BWA

The Open Web Application Security Project (OWASP), is a global community that focuses on security awareness and the development of secure applications. While this may be thought of as a single application or platform, OWASP is actually a collection of projects that can focus on any number of aspects of applications security. For this recipe, we will focus on the OWASP Broken Web Application (BWA) project to provide us with a standardized platform for the testing of our tools in later chapters.

Getting ready

To install the OWASP-BWA image, we will need to do the following:

How to do it...

To install OWASP-BWA into our VirtualBox environment, we will do the following:

  1. Unzip the ZIP file containing the OWASP-BWA files into a location you will reference in the next few steps.
  2. From the console of VirtualBox, on the upper left, we will select the New icon to begin the creation of a new virtual machine.

  1. We will name our new virtual machine OWASP-BWA, and define it as a 64 bit Ubuntu Linux system:
    Creating a virtual machine for OWASP-BWA
  2. Leave the default memory allocation as 1024 MB, and click Next.
  3. You will now select Use existing virtual hard disk and navigate to the directory where you unpacked OWASP-BWA. From that directory, select the following and click Create:
Selection of OWASP-BWA virtual disk
  1. Once you have created the virtual machine, we will need to make sure that the correct network interface has been designated. Right-click on on our new host on the left, and select Settings. Navigate to Network and ensure that the Adapter 1 is attached to the Host-only Adapter, and that the other adapters are not enabled:
Designating the network adapter for OWASP-BWA in VirtualBox
  1. Once complete, start the new virtual machine and ensure that it boots properly.
It is very likely that fsck will run when first started due to the length of time since last run. You can allow this to complete to ensure there is no observed disk corruption - it only takes a few minutes.
  1. Once fully booted, login as root with the password owaspbwa.
  2. Ensure that you are receiving an IP address from DHCP by issuing ifconfig eth0 from the command line.

  1. Open a web browser, and navigate it to the IP address of the OWASP-BWA guest. Ensure that you are able to see the different projects within OWASP-BWA. If you are able to see the following web page, you have successfully configured OWASP-BWA:
Confirmation of services running on OWASP-BWA
Previous Page
Chapter 2 of 11, Page 11
Next Page
You have been reading a chapter from
Kali Linux Cookbook - Second Edition
Published in: Sep 2017Publisher: ISBN-13: 9781784390303
© 2017 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Authors (2)

author image
Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.
Read more about Corey Schultz

author image
Bob Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.
Read more about Bob Perciaccante

Other recommended products

Related to this chapter

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.

BookDec 2017210 pages
Kali Linux Intrusion and Exploitation Cookbook

Kali Linux Intrusion and Exploitation Cookbook

Born from it predecessor, Kali Linux 2.0 is the most popular Linux distribution designed for security professionals who build defensive strategies around their systems with an offensive mindset. This book aims at introducing you to the most common and not -so- common pre-installed penetration testing tools and create custom complex images in the form of easy to follow recipes. Right Information gathering, vulnerability assessment & penetration testing for Web, wired and wireless Network this book will help you get grips on exploiting vulnerabilities in your system and fix those security anomalies in no time.

BookApr 2017512 pages
Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

BookSep 2018304 pages
Learn Penetration Testing

Learn Penetration Testing

A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.

BookMay 2019424 pages
Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

BookApr 2020246 pages
Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

BookNov 2019550 pages
Applied Network Security

Applied Network Security

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.

BookApr 2017350 pages
Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

BookFeb 2018426 pages
Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

This book is designed to help you learn the basics, it assumes that you have no prior knowledge in hacking, and by the end of it you'll be at a high intermediate level being able launch attacks and hack computer systems just like black-hat hackers do, not only that but you'll also learn how to secure systems from these attacks.

BookJul 2018564 pages5
Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

BookJul 2017190 pages
Kali Linux Network Scanning Cookbook

Kali Linux Network Scanning Cookbook

With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

BookMay 2017634 pages
Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing

This book is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques. It offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

BookOct 2018528 pages

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2