Kali Linux is the distro, which comes to mind when anyone thinks about penetration testing. Every year Kali is improved and updated with new tools making it more powerful. We see new exploits being released every day and with rapidly evolving technology, we have rapidly evolving attack vectors. This book aims to cover the approach to some of the unique scenarios a user may face while performing a pentest.
This book specifically focuses on using the Kali Linux to perform a pentest activity starting from information gathering till reporting. This book also covers recipes for testing wireless networks, web applications, and privilege escalations on both Windows and Linux machines and even exploiting vulnerabilities in software programs.
Chapter 1, Kali – An Introduction, covers installing of Kali with different desktop environments, and tweaking it a bit by installing a few custom tools.
Chapter 2, Gathering Intel and Planning Attack Strategies, covers recipes about collecting subdomains and other information about a target using multiple tools, such as Shodan, and so on.
Chapter 3, Vulnerability Assessment, talks about the methods of hunting for vulnerabilities on the data discovered during information gathering process.
Chapter 4, Web App Exploitation – Beyond OWASP Top 10, is about the exploitation of some of the unique vulnerabilities, such as serialization and server misconfiguration, and so on.
Chapter 5, Network Exploitation on Current Exploitation, focuses on different tools, which can be used to exploit vulnerabilities in a server running different services, such as Redis, MongoDB and so on, in the network.
Chapter 6, Wireless Attacks – Getting Past Aircrack-ng, teaching you some new tools to break into wireless networks, as well as using aircrack-ng.
Chapter 7, Password Attacks – The Fault in Their Stars, talks about identifying and cracking different types of hashes.
Chapter 8, Have Shell, Now What? covers different ways of escalating privilege on Linux and Windows-based machines and then getting inside that network using that machine as a gateway.
Chapter 9, Buffer Overflows, discusses exploiting different overflow vulnerabilities, such as SEH, stack-based overflows, egg hunting, and so on.
Chapter 10, Playing with Software-Defined Radios, focusses on exploring the world of frequencies and using different tools to monitor/view data traveling across different frequency bands.
Chapter 11, Kali in Your Pocket – NetHunters and Raspberries, talks about how we can install Kali Linux on portable devices, such as Raspberry Pi or a cellphone, and perform pentest using it.
Chapter 12, Writing Reports, covers the basics of writing a good quality report of the pentest activity once it has been performed.
The OS required is Kali Linux with at least 2 GB of RAM recommended and 20-40 GB of hard disk space.
The hardware needed for the device would be a RTLSDR device for Chapter 10, Playing with Software-Defined Radios and any of the devices mentioned in the following link for Chapter 11, Kali in Your Pocket – NetHunters and Raspberries:
https://www.offensive-security.com/kali-linux-nethunter-download/
We also require Alfa card for Chapter 6, Wireless Attacks – Getting Past Aircrack-ng.
This book is aimed at IT security professionals, pentesters and security analysts who have basic knowledge of Kali Linux and want to conduct advanced penetration testing techniques.
In this book, you will find several headings that appear frequently (Getting ready, How to do it…, How it works…, There's more…, and See also). To give clear instructions on how to complete a recipe, we use these sections as follows:
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
This section usually consists of a detailed explanation of what happened in the previous section.
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning. Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "To launch fierce, we type fierce -h to see the help menu."
A block of code is set as follows:
if (argc < 2)
{
printf("strcpy() NOT executed....\n");
printf("Syntax: %s <characters>\n", argv[0]);
exit(0);
} Any command-line input or output is written as follows:
fierce -dns host.com -threads 10New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "We right-click and navigate to Search for | All commands in all modules."
Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you. You can download the code files by following these steps:
- Log in or register to our website using your e-mail address and password.
- Hover the mouse pointer on the
SUPPORTtab at the top. - Click on
Code Downloads & Errata. - Enter the name of the book in the
Searchbox. - Select the book for which you're looking to download the code files.
- Choose from the drop-down menu where you purchased this book from.
- Click on
Code Download.
You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account. Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
- WinRAR / 7-Zip for Windows
- Zipeg / iZip / UnRarX for Mac
- 7-Zip / PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Kali-Linux-An-Ethical-Hackers-Cookbook. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/KaliLinuxAnEthicalHackersCookbook_ColorImages.pdf.
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title. To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy. Please contact us at [email protected] with a link to the suspected pirated material. We appreciate your help in protecting our authors and our ability to bring you valuable content.
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.