Switch to the store?

Kali Linux CTF Blueprints

More Information
Learn
  • Set up vulnerable services for both Windows and Linux
  • Create dummy accounts for social engineering manipulation
  • Set up Heartbleed replication for vulnerable SSL servers
  • Develop full-size labs to challenge current and potential testers
  • Construct scenarios that can be applied to Capture the Flag style challenges
  • Add physical components to your scenarios and fire USB missile launchers at your opponents
  • Challenge your own projects with a best-practice exploit guide to each scenario
About

As attackers develop more effective and complex ways to compromise computerized systems, penetration testing skills and tools are in high demand. A tester must have varied skills to combat these threats or fall behind. This book provides practical and customizable guides to set up a variety of exciting challenge projects that can then be tested with Kali Linux.

Learn how to create, customize, and exploit penetration testing scenarios and assault courses. Start by building flawed fortresses for Windows and Linux servers, allowing your testers to exploit common and not-so-common vulnerabilities to break down the gates and storm the walls. Mimic the human element with practical examples of social engineering projects. Facilitate vulnerable wireless and mobile installations and cryptographic weaknesses, and replicate the Heartbleed vulnerability. Finally, combine your skills and work to create a full red-team assessment environment that mimics the sort of corporate network encountered in the field.

Features
  • Put the skills of the experts to the test with these tough and customisable pentesting projects
  • Develop each challenge to suit your specific training, testing, or client engagement needs
  • Hone your skills, from wireless attacks to social engineering, without the need to access live systems
Page Count 190
Course Length 5 hours 42 minutes
ISBN 9781783985982
Date Of Publication 23 Jul 2014
Differences between Linux and Microsoft
Scenario 1 – learn Samba and other dance forms
Scenario 2 – turning on a LAMP
Scenario 3 – destructible distros
Scenario 4 – tearing it up with Telnet
Flag placement and design
Exploitation guides
Summary
Wireless environment setup
Scenario 1 – WEP, that's me done for the day
Scenario 2 – WPA-2
Scenario 3 – pick up the phone
Exploitation guides
Summary
Scenario 1 – maxss your haxss
Scenario 2 – social engineering: do no evil
Scenario 3 – hunting rabbits
Scenario 4 – I am a Stegosaurus
Exploitation guides
Summary
Crypto jargon
Scenario 1 – encode-ageddon
Scenario 2 – encode + Python = merry hell
Scenario 3 – RC4, my god, what are you doing?
Scenario 4 – Hishashin
Scenario 5 – because Heartbleed didn't get enough publicity as it is
Exploitation guides
Summary
Chapter guide
Scoring systems
Setting scenarios
Reporting
CTF-style variations
Scenario 1 – ladders, why did it have to be ladders?
Scenario 2 – that's no network, it's a space station
Summary

Authors

Cameron Buchanan

Cameron Buchanan is a penetration tester by trade and a writer in his spare time. He has performed penetration tests around the world for a variety of clients across many industries. Previously, Cameron was a member of the RAF. In his spare time, he enjoys doing stupid things, such as trying to make things fly, getting electrocuted, and dunking himself in freezing cold water. He is married and lives in London.