The face of hacking and cyber crime has dramatically transformed over the past couple of decades. At the end of the 20th century, many people had no idea what cyber crime was. Those people thought that hackers were malevolent mathematical geniuses that hid in the dimly lit basements and spoke in binary. But as of late, we have seen the rise of a whole new brand of hackers. Because of the public availability of hacking software and tools, the hacker of the new era could easily be your next-door neighbor, your local gas station attendant, or even your 12-year old child. Script kiddie tools such as the Low Orbit Ion Cannon (LOIC) have been used to launch massive Distributed Denial of Service (DDoS) attacks against large corporations and organizations. This free Windows download merely requires that you enter a target URL, and it also has a graphic interface that bears a striking resemblance to a space age video game.
In a world where hacking has become so easy that a child can do it, it is absolutely essential that organizations verify their own level of protection by having their networks tested using the same tools that cyber criminals use against them. But, the basic usage of these tools is not sufficient knowledge to be an effective information security professional. It is absolutely critical that information security professionals understand the techniques that are being employed by these tools, and why these techniques are able to exploit various vulnerabilities in a network or system. A knowledge of the basic underlying principles that explains how these common attack tools work enables one to effectively use them, but more importantly, it also contributes to one's ability to effectively identify such attacks and defend against them.
The intention of this book is to enumerate and explain the use of common attack tools that are available in the Kali Linux platform, but more importantly, this book also aims to address the underlying principles that define why these tools work. In addition to addressing the highly functional tools integrated into Kali Linux, we will also create a large number of Python and bash scripts that can be used to perform similar functions and/or to streamline existing tools. Ultimately, the intention of this book is to help forge stronger security professionals through a better understanding of their adversary.
Chapter 1, Getting Started, introduces the underlying principles and concepts that will be used throughout the remainder of the book.
Chapter 2, Discovery Scanning, covers techniques and scanning tools that can be used to identify live systems on a target network, by performing layer 2, layer 3, and layer 4 discovery.
Chapter 3, Port Scanning, includes techniques and scanning tools that can be used to enumerate running UDP and TCP services on a target system.
Chapter 4, Fingerprinting, explains techniques and scanning tools that can be used to identify the operating system and services running on a target system.
Chapter 5, Vulnerability Scanning, covers techniques and scanning tools that can be used to identify and enumerate potential vulnerabilities on a target system.
Chapter 6, Denial of Service, introduces techniques and attack tools that can be used to exploit denial of service vulnerabilities identified on a target system.
Chapter 7, Web Application Scanning, provides techniques and tools that can be used to identify and exploit web application vulnerabilities on a target system.
Chapter 8, Automating Kali Tools, introduces scripting techniques that can be used to streamline and automate the use of existing tools in Kali Linux.
To follow the exercises addressed in this book or to further explore on your own, you will need the following components:
A single personal computer (Mac, Windows, or Linux) with sufficient resources that can be shared across multiple virtual machines. At minimum, you should have 2 GB of RAM. It is recommended that for optimal performance, you use a system with 8 to 16 GB of RAM. Multiple processors and/or processor cores is also recommended.
If you are running a system with limited resources, try to minimize the number of virtual machines that are running simultaneously when completing the exercises
A virtualization software to run your security lab environment. Some of the available options include the following:
VMware Fusion (Mac OS X)
VMware Player (Windows)
Oracle VirtualBox (Windows, Mac OS X, or Linux)
Multiple operating systems to run in the security lab environment. Acquisition and installation of each of these will be discussed in detail in Chapter 1, Getting Started. The operating systems needed include the following:
Kali Linux
Metasploitable2
An Ubuntu server
Windows OS (Windows XP SP2 is recommended)
This book is intended for the following users:
Information technology professionals
Information security professionals
Casual security or technology enthusiasts
The book assumes that the reader has little to no familiarity with penetration testing, Linux, scripting, and TCP/IP networking. Each section in this book initially addresses the underlying principles, prior to discussing the techniques that employ them.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The ls command can be used to view the contents of the current directory."
A block of code is set as follows:
#! /usr/bin/python
name = raw_input("What is your name?\n")
print "Hello " + nameAny command-line input or output is written as follows:
# root@KaliLinux:~# ./test.py What is your name? Justin Hello Justin
New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "Once you have opened VMware Player, you can select Create a New Virtual Machine to get started."
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply send an e-mail to <[email protected]>, and mention the book title via the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <[email protected]> with a link to the suspected pirated material.
We appreciate your help in protecting our authors, and our ability to bring you valuable content.
You can contact us at <[email protected]> if you are having a problem with any aspect of the book.