Kali Linux – Assuring Security by Penetration Testing

With Kali Linux you can test the vulnerabilities of your network and then take steps to secure it. This engaging tutorial is a comprehensive guide to this penetration testing platform, specially written for IT security professionals.

Kali Linux – Assuring Security by Penetration Testing

Starting
Lee Allen, Tedi Heriyanto, Shakeel Ali

With Kali Linux you can test the vulnerabilities of your network and then take steps to secure it. This engaging tutorial is a comprehensive guide to this penetration testing platform, specially written for IT security professionals.
$26.99
$44.99
RRP $26.99
RRP $44.99
eBook
Print + eBook
$12.99 p/month

Want this title & more? Subscribe to PacktLib

Enjoy full and instant access to over 2000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.
Code Files
+ Collection
Free sample

Book Details

ISBN 139781849519489
Paperback454 pages

About This Book

  • Learn penetration testing techniques with an in-depth coverage of Kali Linux distribution
  • Explore the insights and importance of testing your corporate network systems before the hackers strike
  • Understand the practical spectrum of security tools by their exemplary usage, configuration, and benefits

Who This Book Is For

If you are an IT security professional who has a basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and want to use Kali Linux for penetration testing, this book is for you.

Table of Contents

Chapter 1: Beginning with Kali Linux
A brief history of Kali Linux
Kali Linux tool categories
Downloading Kali Linux
Using Kali Linux
Configuring the virtual machine
Updating Kali Linux
Network services in Kali Linux
Installing a vulnerable server
Installing additional weapons
Summary
Chapter 2: Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
Penetration Testing Execution Standard (PTES)
General penetration testing framework
The ethics
Summary
Chapter 3: Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
Chapter 4: Information Gathering
Using public resources
Querying the domain registration information
Analyzing the DNS records
Getting network routing information
Utilizing the search engine
Summary
Chapter 5: Target Discovery
Starting off with target discovery
Identifying the target machine
OS fingerprinting
Summary
Chapter 6: Enumerating Target
Introducing port scanning
The network scanner
SMB enumeration
SNMP enumeration
VPN enumeration
Summary
Chapter 7: Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Open Vulnerability Assessment System (OpenVAS)
Cisco analysis
Fuzz analysis
SMB analysis
SNMP analysis
Web application analysis
Summary
Chapter 8: Social Engineering
Modeling the human psychology
Attack process
Attack methods
Scarcity
Social relationship
Social Engineering Toolkit (SET)
Summary
Chapter 9: Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
Summary
Chapter 10: Privilege Escalation
Privilege escalation using a local exploit
Password attack tools
Network spoofing tools
Network sniffers
Summary
Chapter 11: Maintaining Access
Using operating system backdoors
Working with tunneling tools
Creating web backdoors
Summary
Chapter 12: Documentation and Reporting
Documentation and results verification
Types of reports
Network penetration testing report (sample contents)
Preparing your presentation
Post-testing procedures
Summary

What You Will Learn

  • Develop the Kali Linux environment in your test lab by installing, configuring, running, and updating its core system components
  • Perform a formal Kali Linux testing methodology
  • Scope your target with definitive test requirements, limitations, business objectives, and schedule the test plan
  • Exercise a number of security tools from Kali Linux, logically divided into subcategories of testing methodology
  • Practice the processes of reconnaissance, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, and maintaining access to target for evaluation purposes
  • Document, report, and present your verified test results to the relevant authorities in a formal reporting structure

In Detail

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement.

Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

Authors

Table of Contents

Chapter 1: Beginning with Kali Linux
A brief history of Kali Linux
Kali Linux tool categories
Downloading Kali Linux
Using Kali Linux
Configuring the virtual machine
Updating Kali Linux
Network services in Kali Linux
Installing a vulnerable server
Installing additional weapons
Summary
Chapter 2: Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
Penetration Testing Execution Standard (PTES)
General penetration testing framework
The ethics
Summary
Chapter 3: Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
Chapter 4: Information Gathering
Using public resources
Querying the domain registration information
Analyzing the DNS records
Getting network routing information
Utilizing the search engine
Summary
Chapter 5: Target Discovery
Starting off with target discovery
Identifying the target machine
OS fingerprinting
Summary
Chapter 6: Enumerating Target
Introducing port scanning
The network scanner
SMB enumeration
SNMP enumeration
VPN enumeration
Summary
Chapter 7: Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Open Vulnerability Assessment System (OpenVAS)
Cisco analysis
Fuzz analysis
SMB analysis
SNMP analysis
Web application analysis
Summary
Chapter 8: Social Engineering
Modeling the human psychology
Attack process
Attack methods
Scarcity
Social relationship
Social Engineering Toolkit (SET)
Summary
Chapter 9: Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
Summary
Chapter 10: Privilege Escalation
Privilege escalation using a local exploit
Password attack tools
Network spoofing tools
Network sniffers
Summary
Chapter 11: Maintaining Access
Using operating system backdoors
Working with tunneling tools
Creating web backdoors
Summary
Chapter 12: Documentation and Reporting
Documentation and results verification
Types of reports
Network penetration testing report (sample contents)
Preparing your presentation
Post-testing procedures
Summary

Book Details

ISBN 139781849519489
Paperback454 pages
Read More