Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By : Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali
Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By: Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition
Gerard Johansen | Lee Allen | Tedi Heriyanto | Shakeel Ali
Sep, 2016 | 572 pages
No titles found
Table of Contents (24 chapters)
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Credits
Credits
Disclaimer
Disclaimer
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Beginning with Kali Linux
Beginning with Kali Linux
A brief history of Kali Linux
Kali Linux tool categories
Downloading Kali Linux
Using Kali Linux
Configuring the virtual machine
Updating Kali Linux
Network services in Kali Linux
Installing a vulnerable server
Installing additional weapons
Summary
2
Penetration Testing Methodology
Penetration Testing Methodology
Types of penetration testing
Vulnerability assessment versus penetration testing
Security testing methodologies
General penetration testing framework
Information gathering
The ethics
Summary
3
Target Scoping
Target Scoping
Gathering client requirements
Preparing the test plan
Profiling test boundaries
Defining business objectives
Project management and scheduling
Summary
4
Information Gathering
Information Gathering
Open Source Intelligence
Using public resources
Querying the domain registration information
Analyzing the DNS records
Getting network routing information
Utilizing the search engine
Metagoofil
Accessing leaked information
Summary
5
Target Discovery
Target Discovery
Starting off with target discovery
Identifying the target machine
OS fingerprinting
Summary
6
Enumerating Target
Enumerating Target
Introducing port scanning
Understanding the TCP/IP protocol
Understanding the TCP and UDP message format
The network scanner
Unicornscan
Zenmap
Amap
SMB enumeration
SNMP enumeration
VPN enumeration
Summary
7
Vulnerability Mapping
Vulnerability Mapping
Types of vulnerabilities
Vulnerability taxonomy
Automated vulnerability scanning
Network vulnerability scanning
Web application analysis
Fuzz analysis
Database assessment tools
Summary
8
Social Engineering
Social Engineering
Modeling the human psychology
Attack process
Attack methods
Social Engineering Toolkit
Summary
9
Target Exploitation
Target Exploitation
Vulnerability research
Vulnerability and exploit repositories
Advanced exploitation toolkit
MSFConsole
MSFCLI
Ninja 101 drills
Writing exploit modules
Summary
10
Privilege Escalation
Privilege Escalation
Privilege escalation using a local exploit
Password attack tools
Network spoofing tools
Network sniffers
Summary
11
Maintaining Access
Maintaining Access
Using operating system backdoors
Working with tunneling tools
Creating web backdoors
Summary
12
Wireless Penetration Testing
Wireless Penetration Testing
Wireless networking
Wireless network recon
Wireless testing tools
Post cracking
Sniffing wireless traffic
Summary
13
Kali Nethunter
Kali Nethunter
Kali Nethunter
Installing Kali Nethunter
Nethunter icons
Nethunter tools
Third-party applications
Wireless attacks
HID attacks
Summary
14
Documentation and Reporting
Documentation and Reporting
Documentation and results verification
Types of reports
The executive report
The management report
The technical report
Network penetration testing report (sample contents)
Preparing your presentation
Post-testing procedures
Summary
Supplementary Tools
Supplementary Tools
Reconnaissance tool
Web application tools
Network tool
Summary
Key Resources
Key Resources
Vulnerability disclosure and tracking
Paid incentive programs
Reverse engineering resources
Penetration testing learning resources
Exploit development learning resources
Penetration testing on a vulnerable environment
Online web application challenges
Virtual machines and ISO images
Network ports
Index
Index

OS fingerprinting

After we know that the target machine is alive, we can then find out the operating system used by the target machine. This method is commonly known as Operating System (OS) fingerprinting. There are two methods of doing OS fingerprinting: active and passive.

In the active method, the tool sends network packets to the target machine and then determines the OS of the target machine based on the analysis done on the response it has received. The advantage of this method is that the fingerprinting process is fast. However, the disadvantage is that the target machine may notice our attempt to get its operating system's information.

To overcome the active method's disadvantage, there is a passive method of OS fingerprinting. This method was pioneered by Michal Zalewsky when he released a tool called p0f. The major advantage of passive OS fingerprinting is that it does the work while reducing the interaction between the testing machine and the target, greatly increasing the stealth...

Previous Section
End of Section 4
Next Section