(Reference Guide) Mastering Kali Linux for Advanced Penetration Testing, Second Edition
Book Description
This book will take you, as a tester or security practitioner, through the journey of reconnaissance, vulnerability assessment, exploitation, and post-exploitation activities used by penetration testers and hackers.
We will start off by using a laboratory environment to validate tools and techniques, and using an application that supports a collaborative approach to penetration testing. Further, we will get acquainted with passive reconnaissance with open source intelligence and active reconnaissance of the external and internal networks. We will also focus on how to select, use, customize, and interpret the results from a variety of different vulnerability scanners. Specific routes to the target will also be examined, including bypassing physical security and exfiltration of data using different techniques. You will also get to grips with concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections. Later you will learn the practical aspects of attacking user client systems by backdooring executable files. You will focus on the most vulnerable part of the network: directly attacking the end user, bypassing the controls, and maintaining persistent access through social media.
You will also explore approaches to carrying out advanced penetration testing in tightly secured environments, and the book's hands-on approach will help you understand everything you need to know during a red teaming exercise or penetration test.
What You Will Learn
- Select and configure the most effective tools from Kali Linux to test network security
- Employ stealth to avoid detection in the network being tested
- Recognize when stealth attacks are being used against your network
- Exploit networks and data systems using wired and wireless networks as well as web services
- Identify and download valuable data from target systems
- Maintain access to compromised systems
- Use social engineering to compromise the weakest part of the network—the end users
Table of Contents
1: Goal-Based Penetration Testing
- Conceptual overview of security testing
- Failure of classical vulnerability scanning, penetration testing, and Red Team Exercises
- The testing methodology
- Introduction to Kali Linux – history and purpose
- Installing and updating Kali Linux
- Using Kali Linux from a portable device
- Installing Kali into a virtual machine
- VirtualBox
- Installing to a Docker appliance
- Installing Kali to the cloud – creating an AWS instance
- Organizing Kali Linux
- Configuring and customizing Kali Linux
- Summary
2: Open Source Intelligence and Passive Reconnaissance
- Basic principles of reconnaissance
- Google Hacking Database
- Creating custom word lists for cracking passwords
- Summary
3: Active Reconnaissance of External and Internal Networks
- Stealth scanning strategies
- DNS reconnaissance and route mapping
- Employing comprehensive reconnaissance applications
- Identifying the external network infrastructure
- Mapping beyond the firewall
- IDS/IPS identification
- Enumerating hosts
- Port, operating system, and service discovery
- Writing your own port scanner using netcat
- Large scale scanning
- Summary
4: Vulnerability Assessment
- Vulnerability nomenclature
- Local and online vulnerability databases
- Vulnerability scanning with nmap
- Web application vulnerability scanners
- Vulnerability scanners for mobile applications
- The OpenVAS network vulnerability scanner
- Specialized scanners
- Threat modelling
- Summary
5: Physical Security and Social Engineering
- Methodology and attack methods
- Physical attacks at the console
- Creating a rogue physical device
- The Social Engineering Toolkit (SET)
- Hiding executables and obfuscating the attacker's URL
- Escalating an attack using DNS redirection
- Launching a phishing attack
- Summary
6: Wireless Attacks
- Configuring Kali for wireless attacks
- Wireless reconnaissance
- Bypassing a hidden service set identifier (SSID)
- Bypassing the MAC address authentication and open authentication
- Attacking WPA and WPA2
- Denial-of-service (DoS) attacks against wireless communications
- Compromising enterprise implementations of WPA/WPA2
- Working with Ghost Phisher
- Summary
7: Reconnaissance and Exploitation of Web-Based Applications
- Methodology
- Hackers mindmap
- Conducting reconnaissance of websites
- Client-side proxies
- Application-specific attacks
- Maintaining access with web shells
- Summary
8: Attacking Remote Access
- Exploiting vulnerabilities in communication protocols
- Attacking Secure Sockets Layer (SSL)
- Attacking an IPSec virtual private network
- Summary
9: Client-Side Exploitation
- Backdooring executable files
- Attacking a system using hostile scripts
- The Cross-Site Scripting framework
- The Browser Exploitation Framework (BeEF)
- Understanding BeEF browser
- Summary
10: Bypassing Security Controls
- Bypassing Network Access Control (NAC)
- Bypassing antivirus using different frameworks
- Bypassing application-level controls
- Bypassing Windows-specific operating system controls
- Summary
11: Exploitation
- The Metasploit framework
- Exploiting targets using MSF
- Exploiting multiple targets using MSF resource files
- Exploiting multiple targets with Armitage
- Using public exploits
- Developing a Windows exploit
- Summary
12: Action on the Objective
- Activities on the compromised local system
- Horizontal escalation and lateral movement
- Summary
13: Privilege Escalation
- Overview of common escalation methodology
- Local system escalation
- Credential harvesting and escalation attacks
- Escalating access rights in Active Directory
- Compromising Kerberos - the golden ticket attack
- Summary
14: Command and Control
- Using persistent agents
- Exfiltration of data
- Summary
SKU | 031026S |
---|---|
Weight | 2.6690 |
Coming Soon | No |
Days of Training | No |
Audience | Student |
Product Family | Partnerware |
Product Type | Print Courseware |
Electronic | No |
ISBN | 1787120235 |
Language | English |
Page Count | 502 |
Curriculum Library | Linux |
Year | No |
Manufacturer's Product Code | No |
Current Revision | 1.0 |
Revision Notes | No Revision Information Available |
Original Publication Date | 2018-10-17 00:00:00 |