Kali Linux Network Scanning Cookbook - Second Edition

Over 100 practical recipes that leverage custom scripts and integrated tools in Kali Linux to help you effectively master network scanning

Michael Hixon, Justin Hutchens


Book Details

ISBN 13: 9781787287907
Paperback: 634 pages

Book Description

With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

Starting with the fundamentals of installing and managing Kali Linux, this book will help you map your target with a wide range of network scanning tasks, including discovery, port scanning, fingerprinting, and more. You will learn how to utilize the arsenal of tools available in Kali Linux to conquer any network environment. The book offers expanded coverage of the popular Burp Suite and has new and updated scripts for automating scanning and target exploitation. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed. You will cover the latest features of Kali Linux 2016.2, which includes the enhanced Sparta tool and many other exciting updates.

This immersive guide will also encourage the creation of personally scripted tools and the skills required to create them.

Table of Contents

Chapter 1: Getting Started
Introduction
Configuring a security lab with VMware Player (Windows)
Configuring a security lab with VMware Fusion (macOS)
Installing Ubuntu Server
Installing Metasploitable2
Installing Windows Server
Increasing the Windows attack surface
Installing Kali Linux
Using text editors (Vim and GNU nano)
Keeping Kali updated
Managing Kali services
Configuring and using SSH
Installing Nessus on Kali Linux
Chapter 2: Reconnaissance
Introduction
Using Google to find subdomains
Finding e-mail addresses using theHarvester
Enumerating DNS using the host command
Enumerating DNS using DNSRecon
Enumerating DNS using the dnsenum command
Chapter 3: Discovery
Introduction
Using Scapy to perform host discovery (layers 2/3/4)
Using Nmap to perform host discovery (layers 2/3/4)
Using ARPing to perform host discovery (layer 2)
Using netdiscover to perform host discovery (layer 2)
Using Metasploit to perform host discovery (layer 2)
Using hping3 to perform host discovery (layers 3/4)
Using ICMP to perform host discovery
Using fping to perform host discovery
Chapter 4: Port Scanning
Introduction
UDP port scanning
TCP port scanning
Port scanning with Scapy (UDP, stealth, connect, and zombie)
Port scanning with Nmap (UDP, stealth, connect, zombie)
Port scanning with Metasploit (UDP, stealth, and connect)
Port scanning with hping3 (stealth)
Port scanning with DMitry (connect)
Port scanning with Netcat (connect)
Port scanning with masscan (stealth)
Chapter 5: Fingerprinting
Introduction
Banner grabbing with Netcat
Banner grabbing with Python sockets
Banner grabbing with DMitry
Banner grabbing with Nmap NSE
Banner grabbing with Amap
Service identification with Nmap
Service identification with Amap
Operating system identification with Scapy
Operating system identification with Nmap
Operating system identification with xprobe2
Passive operating system identification with p0f
SNMP analysis with Onesixtyone
SNMP analysis with SNMPwalk
Firewall identification with Scapy
Firewall identification with Nmap
Firewall identification with Metasploit
Chapter 6: Vulnerability Scanning
Introduction
Vulnerability scanning with the Nmap Scripting Engine
Vulnerability scanning with MSF auxiliary modules
Creating scan policies with Nessus
Vulnerability scanning with Nessus
Vulnerability scanning with OpenVAS
Validating vulnerabilities with HTTP interaction
Validating vulnerabilities with ICMP interaction
Chapter 7: Denial of Service
Introduction
Fuzz testing to identify buffer overflows
Remote FTP service buffer-overflow DoS
Smurf DoS attack
DNS amplification DoS attacks
SNMP amplification DoS attack
SYN flood DoS attack
Sock stress DoS attack
DoS attacks with Nmap NSE
DoS attacks with Metasploit
DoS attacks with the exploit database
Chapter 8: Working with Burp Suite
Introduction
Configuring Burp Suite on Kali Linux
Defining a web application target with Burp Suite
Using Burp Suite Spider
Using Burp Suite Proxy
Using Burp Suite engagement tools
Using the Burp Suite web application scanner
Using Burp Suite Intruder
Using Burp Suite Comparer
Using Burp Suite Repeater
Using Burp Suite Decoder
Using Burp Suite Sequencer
Using Burp Suite Extender
Using Burp Suite Clickbandit
Chapter 9: Web Application Scanning
Introduction
Web application scanning with Nikto
SSL/TLS scanning with SSLScan
SSL/TLS scanning with SSLyze
GET method SQL injection with sqlmap
POST method SQL injection with sqlmap
Requesting a capture SQL injection with sqlmap
Automating CSRF testing
Validating command-injection vulnerabilities with HTTP traffic
Validating command-injection vulnerabilities with ICMP traffic
Chapter 10: Attacking the Browser with BeEF
Hooking the browser with BeEF
Collecting information with BeEF
Creating a persistent connection with BeEF
Integrating BeEF and Metasploit
Using the BeEF autorule engine
Chapter 11: Working with Sparta
Information gathering with Sparta
Creating custom commands for Sparta
Port scanning with Sparta
Fingerprinting with Sparta
Vulnerability scanning with Sparta
Web application scanning with Sparta
Chapter 12: Automating Kali Tools
Introduction 
Nmap greppable output analysis
Port scanning with NMAP NSE execution
Automate vulnerability scanning with NSE
Automate web application scanning with Nikto
Multithreaded MSF exploitation with reverse shell payload
Multithreaded MSF exploitation with backdoor executable
Multithreaded MSF exploitation with ICMP verification
Multithreaded MSF exploitation with admin account creation

What You Will Learn

  • Develop a network-testing environment to test scanning tools and techniques
  • Understand the principles of network-scanning tools by building scripts and tools
  • Identify distinct vulnerabilities in web apps and remote services and learn how they are exploited
  • Perform comprehensive scans to identify listening TCP and UDP sockets
  • Get started with different Kali desktop environments: KDE, MATE, LXDE, and Xfce
  • Use Sparta for information gathering, port scanning, fingerprinting, vulnerability scanning, and more
  • Evaluate DoS threats and learn how common DoS attacks are performed
  • Learn how to use Burp Suite to evaluate web applications
