Book Image

Kali Linux Cookbook - Second Edition

By : Corey P. Schultz, Bob Perciaccante
Book Image

Kali Linux Cookbook - Second Edition

By: Corey P. Schultz, Bob Perciaccante

Overview of this book

Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world’s most popular penetration testing distribution. Kali Linux is the most widely used platform and toolkit for penetration testing. Security is currently the hottest field in technology with a projected need for millions of security professionals. This book focuses on enhancing your knowledge in Kali Linux for security by expanding your skills with toolkits and frameworks that can increase your value as a security professional. Kali Linux Cookbook, Second Edition starts by helping you install Kali Linux on different options available. You will also be able to understand the lab architecture and install a Windows host for use in the lab. Next, you will understand the concept of vulnerability analysis and look at the different types of exploits. The book will introduce you to the concept and psychology of Social Engineering and password cracking. You will then be able to use these skills to expand the scope of any breaches you create. Finally, the book will guide you in exploiting specific technologies and gaining access to other systems in the environment. By the end of this book, you will have gained the core knowledge and concepts of the penetration testing process.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook - Second Edition
Corey P. Schultz | Bob Perciaccante
Sep, 2017 | 438 pages
Small book image
Password Cracking with Kali Linux
Daniel W Dieterle
Feb, 2024 | 213 pages
Small book image
Learn Kali Linux 2019
Glen D Singh
Nov, 2019 | 550 pages
Small book image
Learn Penetration Testing
Rishalin Pillay
May, 2019 | 424 pages
Table of Contents (11 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Readers feedback
Customer support
Free Chapter
1
Installing Kali and the Lab Setup
Installing Kali and the Lab Setup
Introduction
Lab architecture and considerations
Installing VirtualBox
Installing Kali on VirtualBox
Using Kali Linux from bootable media
Upgrading Kali Linux
Understanding the advanced customization and optimization of Kali
Installing Windows machines
Installing Metasploitable
Installing OWASP-BWA
Understanding hack me and other online resources
2
Reconnaissance and Scanning
Reconnaissance and Scanning
Introduction
Using KeepNote to organize our data
Getting up and running with Maltego CE
Gathering domain information
Gathering public IP information
Gathering external routing information
Gathering internal routing information
Gathering cloud service information
Identifying network hosts
Profiling hosts
Identifying whether there is a web application firewall
Using SNMP to gather more information
3
Vulnerability Analysis
Vulnerability Analysis
Introduction
Installation and configuration of OpenVAS
A basic vulnerability scanning with OpenVAS
Advanced vulnerability scanning with OpenVAS
Installation and Configuration of Nessus
A basic vulnerability scanning with Nessus
Advanced vulnerability scanning with Nessus
The installation and configuration of Nexpose
Basic vulnerability scanning with Nexpose
Advanced vulnerability scanning with Nexpose
4
Finding Exploits in the Target
Finding Exploits in the Target
Introduction
Searching the local exploit database
Searching the online exploit database
The Metasploit setup and configuration
The Armitage setup
Basic exploit attacks with Armitage
Advanced attacks with Armitage
Using the backdoor factory and Armitage
5
Social Engineering
Social Engineering
Introduction
Phishing attacks
Spear-phishing attacks
Credential harvesting with SET
Web jacking
PowerShell attack vector
QRCode attack vector
Infectious media generator
Obfuscating and manipulating URLs
DNS spoofing and ARP spoofing
DHCP spoofing
6
Password Cracking
Password Cracking
Introduction
Resetting local Windows machine password
Cracking remote Windows machine passwords
Windows domain password attacks
Cracking local Linux password hashes
Cracking password hashes with a wordlist
Brute force password hashes
Cracking FTP passwords
Cracking Telnet and SSH passwords
Cracking RDP and VNC passwords
Cracking ZIP file passwords
7
Privilege Escalation
Privilege Escalation
Introduction
Establishing a connection as an elevated user
Remotely bypassing Windows UAC
Local Linux system check for privilege escalation
Local Linux privilege escalation
Remote Linux privilege escalation
DirtyCOW privilege escalation for Linux
8
Wireless Specific Recipes
Wireless Specific Recipes
Introduction
Scanning for wireless networks
Bypassing MAC-based authentication
Breaking WEP encryption
Obtaining WPA/WPA2 keys
Exploiting guest access
Rogue AP deployment
Using wireless networks to scan internal networks
9
Web and Database Specific Recipes
Web and Database Specific Recipes
Introduction
Creating an offline copy of a web application
Scanning for vulnerabilities
Launching website attacks
Scanning WordPress
Hacking WordPress
Performing SQL injection attacks
10
Maintaining Access
Maintaining Access
Introduction
Pivoting and expanding access to the network
Using persistence to maintain system access
Using cymothoa to create a Linux backdoor
Protocol spoofing using pingtunnel
Protocol spoofing using httptunnel
Hiding communications with cryptcat

Password Cracking

In this chapter, we will cover the following topics:

  • Resetting local Windows machine password
  • Cracking remote Windows machine passwords
  • Windows domain password attacks
  • Cracking local Linux password hashes
  • Cracking password hashes with a wordlist
  • Brute force password hashes
  • Cracking FTP passwords
  • Cracking Telnet and SSH passwords
  • Cracking RDP and VNC passwords
  • Cracking ZIP file passwords
Previous Section
End of Section 1
Next Section