Book Image

Kali Linux Cookbook - Second Edition

By : Corey Schultz, Bob Perciaccante
Book Image

Kali Linux Cookbook - Second Edition

By: Corey Schultz, Bob Perciaccante

Overview of this book

Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world’s most popular penetration testing distribution. Kali Linux is the most widely used platform and toolkit for penetration testing. Security is currently the hottest field in technology with a projected need for millions of security professionals. This book focuses on enhancing your knowledge in Kali Linux for security by expanding your skills with toolkits and frameworks that can increase your value as a security professional. Kali Linux Cookbook, Second Edition starts by helping you install Kali Linux on different options available. You will also be able to understand the lab architecture and install a Windows host for use in the lab. Next, you will understand the concept of vulnerability analysis and look at the different types of exploits. The book will introduce you to the concept and psychology of Social Engineering and password cracking. You will then be able to use these skills to expand the scope of any breaches you create. Finally, the book will guide you in exploiting specific technologies and gaining access to other systems in the environment. By the end of this book, you will have gained the core knowledge and concepts of the penetration testing process.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook - Second Edition
Corey Schultz | Bob Perciaccante
Sep, 2017 | 438 pages
Small book image
Spring 5.0 Projects
Nilang Patel
Feb, 2019 | 442 pages
Table of Contents (11 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Readers feedback
Customer support
Free Chapter
1
Installing Kali and the Lab Setup
Installing Kali and the Lab Setup
Introduction
Lab architecture and considerations
Installing VirtualBox
Installing Kali on VirtualBox
Using Kali Linux from bootable media
Upgrading Kali Linux
Understanding the advanced customization and optimization of Kali
Installing Windows machines
Installing Metasploitable
Installing OWASP-BWA
Understanding hack me and other online resources
2
Reconnaissance and Scanning
Reconnaissance and Scanning
Introduction
Using KeepNote to organize our data
Getting up and running with Maltego CE
Gathering domain information
Gathering public IP information
Gathering external routing information
Gathering internal routing information
Gathering cloud service information
Identifying network hosts
Profiling hosts
Identifying whether there is a web application firewall
Using SNMP to gather more information
3
Vulnerability Analysis
Vulnerability Analysis
Introduction
Installation and configuration of OpenVAS
A basic vulnerability scanning with OpenVAS
Advanced vulnerability scanning with OpenVAS
Installation and Configuration of Nessus
A basic vulnerability scanning with Nessus
Advanced vulnerability scanning with Nessus
The installation and configuration of Nexpose
Basic vulnerability scanning with Nexpose
Advanced vulnerability scanning with Nexpose
4
Finding Exploits in the Target
Finding Exploits in the Target
Introduction
Searching the local exploit database
Searching the online exploit database
The Metasploit setup and configuration
The Armitage setup
Basic exploit attacks with Armitage
Advanced attacks with Armitage
Using the backdoor factory and Armitage
5
Social Engineering
Social Engineering
Introduction
Phishing attacks
Spear-phishing attacks
Credential harvesting with SET
Web jacking
PowerShell attack vector
QRCode attack vector
Infectious media generator
Obfuscating and manipulating URLs
DNS spoofing and ARP spoofing
DHCP spoofing
6
Password Cracking
Password Cracking
Introduction
Resetting local Windows machine password
Cracking remote Windows machine passwords
Windows domain password attacks
Cracking local Linux password hashes
Cracking password hashes with a wordlist
Brute force password hashes
Cracking FTP passwords
Cracking Telnet and SSH passwords
Cracking RDP and VNC passwords
Cracking ZIP file passwords
7
Privilege Escalation
Privilege Escalation
Introduction
Establishing a connection as an elevated user
Remotely bypassing Windows UAC
Local Linux system check for privilege escalation
Local Linux privilege escalation
Remote Linux privilege escalation
DirtyCOW privilege escalation for Linux
8
Wireless Specific Recipes
Wireless Specific Recipes
Introduction
Scanning for wireless networks
Bypassing MAC-based authentication
Breaking WEP encryption
Obtaining WPA/WPA2 keys
Exploiting guest access
Rogue AP deployment
Using wireless networks to scan internal networks
9
Web and Database Specific Recipes
Web and Database Specific Recipes
Introduction
Creating an offline copy of a web application
Scanning for vulnerabilities
Launching website attacks
Scanning WordPress
Hacking WordPress
Performing SQL injection attacks
10
Maintaining Access
Maintaining Access
Introduction
Pivoting and expanding access to the network
Using persistence to maintain system access
Using cymothoa to create a Linux backdoor
Protocol spoofing using pingtunnel
Protocol spoofing using httptunnel
Hiding communications with cryptcat

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/KaliLinuxCookbookSecondEdition_ColorImages.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at [email protected] with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.

Previous Section
Next Chapter