An error occured adding a product to your cart, you may only have 100 items in your cart.

Mastering Kali Linux for Advanced Penetration Testing

This book will make you an expert in Kali Linux penetration testing. It covers all the most advanced tools and techniques to reproduce the methods used by sophisticated hackers. Full of real-world examples – an indispensable manual.

Mastering Kali Linux for Advanced Penetration Testing

Robert W. Beggs
June 2014

1 customer reviews

Mapt Subscription

FREE

€29.98/m after trial

eBook

€21.00

RRP €29.98

Save 29%

Print + eBook

€40.99

RRP €40.99

What do I get with a Mapt Pro subscription?

Unlimited access to all Packt’s 5,000+ eBooks and Videos
Early Access content, Progress Tracking, and Assessments
1 Free eBook or Video to download and keep every month after trial

What do I get with an eBook?

Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with Print & eBook?

Get a paperback copy of the book delivered to you
Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with a Video?

Download this Video course in MP4 format
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

€0.00

€21.00

€40.99

€29.98p/m after trial

RRP €29.98

RRP €40.99

Subscription

eBook

Print + eBook

Start 30 Day Trial

Code Files

Preview in Mapt

Book Details

ISBN 139781782163121

Paperback356 pages

Book Description

Mastering Kali Linux for Advanced Penetration Testing will teach you the kill chain perspective in assessing network security—from selecting the most effective tools, to rapidly compromising network security, to highlighting the techniques used to avoid detection.

This book will take you, as a tester, through the reconnaissance, exploitation, and post-exploitation activities used by penetration testers and hackers. After learning the hands-on techniques to perform an effective and covert attack, specific routes to the target will be examined, including bypassing physical security. You will also get to grips with concepts such as social engineering, attacking wireless networks, web services, and remote access connections. Finally, you will focus on the most vulnerable part of the network—directly attacking the end user.

This book will provide all the practical knowledge needed to test your network's security using a proven hacker's methodology.

Chapter 1: Starting with Kali Linux

Kali Linux

Configuring network services and secure communications

Updating Kali Linux

Configuring and customizing Kali Linux

Managing third-party applications

Effective management of penetration tests

Summary

Chapter 2: Identifying the Target – Passive Reconnaissance

Basic principles of reconnaissance

Open Source intelligence

DNS reconnaissance and route mapping

Obtaining user information

Profiling users for password lists

Summary

Chapter 3: Active Reconnaissance and Vulnerability Scanning

Stealth scanning strategies

Identifying the network infrastructure

Enumerating hosts

Port, operating system, and service discovery

Employing comprehensive reconnaissance applications

Vulnerability scanning

Summary

Chapter 4: Exploit

Threat modeling

Using online and local vulnerability resources

Exploiting multiple targets with Armitage

Bypassing IDs and antivirus detection

Summary

Chapter 5: Post Exploit – Action on the Objective

Bypassing Windows User Account Control

Conducting a rapid reconnaissance of a compromised system

Finding and taking sensitive data – pillaging the target

Creating additional accounts

Using Metasploit for post-exploit activities

Escalating user privileges on a compromised host

Replaying authentication tokens using incognito

Accessing new accounts with horizontal escalation

Covering your tracks

Summary

Chapter 6: Post Exploit – Persistence

Compromising the existing system and application files for remote access

Using persistent agents

Maintaining persistence with the Metasploit Framework

Creating a standalone persistent agent with Metasploit

Redirecting ports to bypass network controls

Summary

Chapter 7: Physical Attacks and Social Engineering

Social Engineering Toolkit

Using the PowerShell alphanumeric shellcode injection attack

Hiding executables and obfuscating the attacker's URL

Escalating an attack using DNS redirection

Physical access and hostile devices

Summary

Chapter 8: Exploiting Wireless Communications

Configuring Kali for wireless attacks

Wireless reconnaissance

Bypassing a Hidden Service Set Identifier

Bypassing the MAC address authentication

Compromising a WEP encryption

Attacking WPA and WPA2

Cloning an access point

Denial-of-service attacks

Summary

Chapter 9: Reconnaissance and Exploitation of Web-based Applications

Conducting reconnaissance of websites

Vulnerability scanners

Testing security with client-side proxies

Server exploits

Application-specific attacks

Maintaining access with web backdoors

Summary

Chapter 10: Exploiting Remote Access Communications

Exploiting operating system communication protocols

Exploiting third-party remote access applications

Attacking Secure Sockets Layer

Attacking an IPSec Virtual Private Network

Summary

Chapter 11: Client-side Exploitation

Attacking a system using hostile scripts

The Cross-Site Scripting Framework

The Brower Exploitation Framework – BeEF

A walkthrough of the BeEF browser

Summary

What You Will Learn

Employ the methods used by real hackers effectively, to ensure the most effective penetration testing of your network
Select and configure the most effective tools from Kali Linux to test network security
Employ stealth to avoid detection in the network being tested
Recognize when stealthy attacks are being used against your network
Exploit networks and data systems using wired and wireless networks as well as web services
Identify and download valuable data from target systems
Maintain access to compromised systems
Use social engineering to compromise the weakest part of the network—the end users

Authors

Robert W. Beggs

Robert W. Beggs is the founder and CEO of Digital Defence, a company that specializes in preventing and responding to information security incidents. He has more than 15 years of experience in the technical leadership of security engagements, including penetration testing of wired and wireless networks, incident response, and data forensics.

Robert is a strong evangelist of security and is a cofounder of Toronto Area Security Klatch, the largest known vendor-independent security user group in North America. He is a member on the advisory board of the SecTor Security Conference as well as on several academic security programs. He is an enthusiastic security trainer and has taught graduates, undergraduates, and continuing education students courses in information security at several Canadian universities.

Robert holds an MBA in Science and Technology from Queen's University and is a Certified Information Systems Security Professional.

Chapter 1: Starting with Kali Linux

Kali Linux

Configuring network services and secure communications

Updating Kali Linux

Configuring and customizing Kali Linux

Managing third-party applications

Effective management of penetration tests

Summary

Chapter 2: Identifying the Target – Passive Reconnaissance

Basic principles of reconnaissance

Open Source intelligence

DNS reconnaissance and route mapping

Obtaining user information

Profiling users for password lists

Summary

Chapter 3: Active Reconnaissance and Vulnerability Scanning

Stealth scanning strategies

Identifying the network infrastructure

Enumerating hosts

Port, operating system, and service discovery

Employing comprehensive reconnaissance applications

Vulnerability scanning

Summary

Chapter 4: Exploit

Threat modeling

Using online and local vulnerability resources

Exploiting multiple targets with Armitage

Bypassing IDs and antivirus detection

Summary

Chapter 5: Post Exploit – Action on the Objective

Bypassing Windows User Account Control

Conducting a rapid reconnaissance of a compromised system

Finding and taking sensitive data – pillaging the target

Creating additional accounts

Using Metasploit for post-exploit activities

Escalating user privileges on a compromised host

Replaying authentication tokens using incognito

Accessing new accounts with horizontal escalation

Covering your tracks

Summary

Chapter 6: Post Exploit – Persistence

Compromising the existing system and application files for remote access

Using persistent agents

Maintaining persistence with the Metasploit Framework

Creating a standalone persistent agent with Metasploit

Redirecting ports to bypass network controls

Summary

Chapter 7: Physical Attacks and Social Engineering

Social Engineering Toolkit

Using the PowerShell alphanumeric shellcode injection attack

Hiding executables and obfuscating the attacker's URL

Escalating an attack using DNS redirection

Physical access and hostile devices

Summary

Chapter 8: Exploiting Wireless Communications

Configuring Kali for wireless attacks

Wireless reconnaissance

Bypassing a Hidden Service Set Identifier

Bypassing the MAC address authentication

Compromising a WEP encryption

Attacking WPA and WPA2

Cloning an access point

Denial-of-service attacks

Summary

Chapter 9: Reconnaissance and Exploitation of Web-based Applications

Conducting reconnaissance of websites

Vulnerability scanners

Testing security with client-side proxies

Server exploits

Application-specific attacks

Maintaining access with web backdoors

Summary

Chapter 10: Exploiting Remote Access Communications

Exploiting operating system communication protocols

Exploiting third-party remote access applications

Attacking Secure Sockets Layer

Attacking an IPSec Virtual Private Network

Summary

Chapter 11: Client-side Exploitation

Attacking a system using hostile scripts

The Cross-Site Scripting Framework

The Brower Exploitation Framework – BeEF

A walkthrough of the BeEF browser

Summary

Book Details

ISBN 139781782163121

Paperback356 pages

From 1 reviews

DEAL OF THE DAY

Sign up here to get exclusive deep discounts on our latest and bestselling eBooks, delivered straight to your inbox every day.

FREE LEARNING FOREVER

Master new IT skills and unlock valuable software & web development knowledge with a FREE eBook every day.

Recommended for You

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

€ 34.78

€ 6.96

Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

May 2012

414 pages

€ 6.96

Untangle Network Security

€ 26.38

€ 18.48

Untangle Network Security

Oct 2014

368 pages

€ 18.48

Web Penetration Testing with Kali Linux

€ 28.78

€ 20.16

Web Penetration Testing with Kali Linux

Sep 2013

342 pages

€ 20.16

Kali Linux - Assuring Security by Penetration Testing

€ 23.98

€ 16.80

Kali Linux - Assuring Security by Penetration Testing

Apr 2014

454 pages

€ 16.80

Kali Linux Cookbook

€ 22.78

€ 4.56

Network Analysis using Wireshark Cookbook

€ 28.78

€ 5.76

Network Analysis using Wireshark Cookbook

Dec 2013

452 pages

€ 5.76

Mastering Kali Linux for Advanced Penetration Testing

Mastering Kali Linux for Advanced Penetration Testing

Book Details

Book Description

Table of Contents

What You Will Learn