Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By : Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali
Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By: Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition
Gerard Johansen | Lee Allen | Tedi Heriyanto | Shakeel Ali
Sep, 2016 | 572 pages
No titles found
Table of Contents (24 chapters)
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Credits
Credits
Disclaimer
Disclaimer
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Beginning with Kali Linux
Beginning with Kali Linux
A brief history of Kali Linux
Kali Linux tool categories
Downloading Kali Linux
Using Kali Linux
Configuring the virtual machine
Updating Kali Linux
Network services in Kali Linux
Installing a vulnerable server
Installing additional weapons
Summary
2
Penetration Testing Methodology
Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
General penetration testing framework
Information gathering
The ethics
Summary
3
Target Scoping
Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
4
Information Gathering
Information Gathering
Open Source Intelligence
Using public resources
Querying the domain registration information
Analyzing the DNS records
Getting network routing information
Utilizing the search engine
Metagoofil
Accessing leaked information
Summary
5
Target Discovery
Target Discovery
Starting off with target discovery
Identifying the target machine
OS fingerprinting
Summary
6
Enumerating Target
Enumerating Target
Introducing port scanning
Understanding the TCP/IP protocol
Understanding the TCP and UDP message format
The network scanner
Unicornscan
Zenmap
Amap
SMB enumeration
SNMP enumeration
VPN enumeration
Summary
7
Vulnerability Mapping
Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Automated vulnerability scanning
Network vulnerability scanning
Web application analysis
Fuzz analysis
Database assessment tools
Summary
8
Social Engineering
Social Engineering
Modeling the human psychology
Attack process
Attack methods
Social Engineering Toolkit
Summary
9
Target Exploitation
Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
MSFConsole
MSFCLI
Ninja 101 drills
Writing exploit modules
Summary
10
Privilege Escalation
Privilege Escalation
Privilege escalation using a local exploit
Password attack tools
Network spoofing tools
Network sniffers
Summary
11
Maintaining Access
Maintaining Access
Using operating system backdoors
Working with tunneling tools
Creating web backdoors
Summary
12
Wireless Penetration Testing
Wireless Penetration Testing
Wireless networking
Wireless network recon
Wireless testing tools
Post cracking
Sniffing wireless traffic
Summary
13
Kali Nethunter
Kali Nethunter
Kali Nethunter
Installing Kali Nethunter
Nethunter icons
Nethunter tools
Third-party applications
Wireless attacks
HID attacks
Summary
14
Documentation and Reporting
Documentation and Reporting
Documentation and results verification
Types of reports
The executive report
The management report
The technical report
Network penetration testing report (sample contents)
Preparing your presentation
Post-testing procedures
Summary
Supplementary Tools
Supplementary Tools
Reconnaissance tool
Web application tools
Network tool
Summary
Key Resources
Key Resources
Vulnerability disclosure and tracking
Paid incentive programs
Reverse engineering resources
Penetration testing learning resources
Exploit development learning resources
Penetration testing on a vulnerable environment
Online web application challenges
Virtual machines and ISO images
Network ports
Index
Index

Using operating system backdoors

In simple terms, a backdoor is a method that allows us to maintain access to a target machine without using normal authentication processes and remaining undetected. In this section, we will discuss several tools that can be used as backdoors to the operating system.

Cymothoa

Cymothoa is a backdoor tool that allows you to inject its shellcode into an existing process. The reason for this is to disguise it as a regular process. The backdoor should be able to coexist with the injected process in order to not arouse the suspicion of the administrator. Injecting shellcode to the process also has another advantage; if the target system has security tools that only monitor the integrity of executable files but do not perform checks of the memory, the process's backdoor will not be detected.

To run Cymothoa, just type the following command:

cymothoa

You will see the Cymothoa helper page. The mandatory options are the process ID (PID) -p to be injected and the shellcode...

Previous Section
End of Section 2
Next Section