Mastering Kali Linux for Advanced Penetration Testing

This book will make you an expert in Kali Linux penetration testing. It covers all the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. Full of real-world examples – an indispensable manual.

Mastering Kali Linux for Advanced Penetration Testing

Mastering
Robert W. Beggs

1 customer reviews
This book will make you an expert in Kali Linux penetration testing. It covers all the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. Full of real-world examples – an indispensable manual.
$32.99
$54.99
RRP $32.99
RRP $54.99
eBook
Print + eBook

Instantly access this course right now and get the skills you need in 2016

With unlimited access to a constantly growing library of over 3,500 courses, a subscription to Mapt gives you everything you need to get that next promotion or to land that dream job. Cancel anytime.

Code Files
+ Collection
Free Sample

Book Details

ISBN 139781782163121
Paperback356 pages

Book Description

Mastering Kali Linux for Advanced Penetration Testing will teach you the kill chain perspective in assessing network security—from selecting the most effective tools, to rapidly compromising network security, to highlighting the techniques used to avoid detection.

This book will take you, as a tester, through the reconnaissance, exploitation, and post-exploitation activities used by penetration testers and hackers. After learning the hands-on techniques to perform an effective and covert attack, specific routes to the target will be examined, including bypassing physical security. You will also get to grips with concepts such as social engineering, attacking wireless networks, web services, and remote access connections. Finally, you will focus on the most vulnerable part of the network—directly attacking the end user.

This book will provide all the practical knowledge needed to test your network's security using a proven hacker's methodology.

Table of Contents

Chapter 1: Starting with Kali Linux
Kali Linux
Configuring network services and secure communications
Updating Kali Linux
Configuring and customizing Kali Linux
Managing third-party applications
Effective management of penetration tests
Summary
Chapter 2: Identifying the Target – Passive Reconnaissance
Basic principles of reconnaissance
Open Source intelligence
DNS reconnaissance and route mapping
Obtaining user information
Profiling users for password lists
Summary
Chapter 3: Active Reconnaissance and Vulnerability Scanning
Stealth scanning strategies
Identifying the network infrastructure
Enumerating hosts
Port, operating system, and service discovery
Employing comprehensive reconnaissance applications
Vulnerability scanning
Summary
Chapter 4: Exploit
Threat modeling
Using online and local vulnerability resources
Exploiting multiple targets with Armitage
Bypassing IDs and antivirus detection
Summary
Chapter 5: Post Exploit – Action on the Objective
Bypassing Windows User Account Control
Conducting a rapid reconnaissance of a compromised system
Finding and taking sensitive data – pillaging the target
Creating additional accounts
Using Metasploit for post-exploit activities
Escalating user privileges on a compromised host
Replaying authentication tokens using incognito
Accessing new accounts with horizontal escalation
Covering your tracks
Summary
Chapter 6: Post Exploit – Persistence
Compromising the existing system and application files for remote access
Using persistent agents
Maintaining persistence with the Metasploit Framework
Creating a standalone persistent agent with Metasploit
Redirecting ports to bypass network controls
Summary
Chapter 7: Physical Attacks and Social Engineering
Social Engineering Toolkit
Using the PowerShell alphanumeric shellcode injection attack
Hiding executables and obfuscating the attacker's URL
Escalating an attack using DNS redirection
Physical access and hostile devices
Summary
Chapter 8: Exploiting Wireless Communications
Configuring Kali for wireless attacks
Wireless reconnaissance
Bypassing a Hidden Service Set Identifier
Bypassing the MAC address authentication
Compromising a WEP encryption
Attacking WPA and WPA2
Cloning an access point
Denial-of-service attacks
Summary
Chapter 9: Reconnaissance and Exploitation of Web-based Applications
Conducting reconnaissance of websites
Vulnerability scanners
Testing security with client-side proxies
Server exploits
Application-specific attacks
Maintaining access with web backdoors
Summary
Chapter 10: Exploiting Remote Access Communications
Exploiting operating system communication protocols
Exploiting third-party remote access applications
Attacking Secure Sockets Layer
Attacking an IPSec Virtual Private Network
Summary
Chapter 11: Client-side Exploitation
Attacking a system using hostile scripts
The Cross-Site Scripting Framework
The Brower Exploitation Framework – BeEF
A walkthrough of the BeEF browser
Summary

What You Will Learn

  • Employ the methods used by real hackers effectively, to ensure the most effective penetration testing of your network
  • Select and configure the most effective tools from Kali Linux to test network security
  • Employ stealth to avoid detection in the network being tested
  • Recognize when stealthy attacks are being used against your network
  • Exploit networks and data systems using wired and wireless networks as well as web services
  • Identify and download valuable data from target systems
  • Maintain access to compromised systems
  • Use social engineering to compromise the weakest part of the network—the end users

Authors

Table of Contents

Chapter 1: Starting with Kali Linux
Kali Linux
Configuring network services and secure communications
Updating Kali Linux
Configuring and customizing Kali Linux
Managing third-party applications
Effective management of penetration tests
Summary
Chapter 2: Identifying the Target – Passive Reconnaissance
Basic principles of reconnaissance
Open Source intelligence
DNS reconnaissance and route mapping
Obtaining user information
Profiling users for password lists
Summary
Chapter 3: Active Reconnaissance and Vulnerability Scanning
Stealth scanning strategies
Identifying the network infrastructure
Enumerating hosts
Port, operating system, and service discovery
Employing comprehensive reconnaissance applications
Vulnerability scanning
Summary
Chapter 4: Exploit
Threat modeling
Using online and local vulnerability resources
Exploiting multiple targets with Armitage
Bypassing IDs and antivirus detection
Summary
Chapter 5: Post Exploit – Action on the Objective
Bypassing Windows User Account Control
Conducting a rapid reconnaissance of a compromised system
Finding and taking sensitive data – pillaging the target
Creating additional accounts
Using Metasploit for post-exploit activities
Escalating user privileges on a compromised host
Replaying authentication tokens using incognito
Accessing new accounts with horizontal escalation
Covering your tracks
Summary
Chapter 6: Post Exploit – Persistence
Compromising the existing system and application files for remote access
Using persistent agents
Maintaining persistence with the Metasploit Framework
Creating a standalone persistent agent with Metasploit
Redirecting ports to bypass network controls
Summary
Chapter 7: Physical Attacks and Social Engineering
Social Engineering Toolkit
Using the PowerShell alphanumeric shellcode injection attack
Hiding executables and obfuscating the attacker's URL
Escalating an attack using DNS redirection
Physical access and hostile devices
Summary
Chapter 8: Exploiting Wireless Communications
Configuring Kali for wireless attacks
Wireless reconnaissance
Bypassing a Hidden Service Set Identifier
Bypassing the MAC address authentication
Compromising a WEP encryption
Attacking WPA and WPA2
Cloning an access point
Denial-of-service attacks
Summary
Chapter 9: Reconnaissance and Exploitation of Web-based Applications
Conducting reconnaissance of websites
Vulnerability scanners
Testing security with client-side proxies
Server exploits
Application-specific attacks
Maintaining access with web backdoors
Summary
Chapter 10: Exploiting Remote Access Communications
Exploiting operating system communication protocols
Exploiting third-party remote access applications
Attacking Secure Sockets Layer
Attacking an IPSec Virtual Private Network
Summary
Chapter 11: Client-side Exploitation
Attacking a system using hostile scripts
The Cross-Site Scripting Framework
The Brower Exploitation Framework – BeEF
A walkthrough of the BeEF browser
Summary

Book Details

ISBN 139781782163121
Paperback356 pages
Read More
From 1 reviews

Read More Reviews