Book Image

Kali Linux Cookbook

Book Image

Kali Linux Cookbook

Overview of this book

In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook
Oct, 2013 | 260 pages
No titles found
Table of Contents (16 chapters)
Kali Linux Cookbook
Kali Linux Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Up and Running with Kali Linux
Up and Running with Kali Linux
Introduction
Installing to a hard disk drive
Installing to a USB drive with persistent memory
Installing in VirtualBox
Installing VMware Tools
Fixing the splash screen
Starting network services
Setting up the wireless network
2
Customizing Kali Linux
Customizing Kali Linux
Introduction
Preparing kernel headers
Installing Broadcom drivers
Installing and configuring ATI video card drivers
Installing and configuring nVidia video card drivers
Applying updates and configuring extra security tools
Setting up ProxyChains
Directory encryption
3
Advanced Testing Lab
Advanced Testing Lab
Introduction
Getting comfortable with VirtualBox
Downloading Windows Targets
Downloading Linux Targets
Attacking WordPress and other applications
4
Information Gathering
Information Gathering
Introduction
Service enumeration
Determining network range
Identifying active machines
Finding open ports
Operating system fingerprinting
Service fingerprinting
Threat assessment with Maltego
Mapping the network
5
Vulnerability Assessment
Vulnerability Assessment
Introduction
Installing, configuring, and starting Nessus
Nessus – finding local vulnerabilities
Nessus – finding network vulnerabilities
Nessus – finding Linux-specific vulnerabilities
Nessus – finding Windows-specific vulnerabilities
Installing, configuring, and starting OpenVAS
OpenVAS – finding local vulnerabilities
OpenVAS – finding network vulnerabilities
OpenVAS – finding Linux-specific vulnerabilities
OpenVAS – finding Windows-specific vulnerabilities
6
Exploiting Vulnerabilities
Exploiting Vulnerabilities
Introduction
Installing and configuring Metasploitable
Mastering Armitage, the graphical management tool for Metasploit
Mastering the Metasploit Console (MSFCONSOLE)
Mastering the Metasploit CLI (MSFCLI)
Mastering Meterpreter
Metasploitable MySQL
Metasploitable PostgreSQL
Metasploitable Tomcat
Metasploitable PDF
Implementing browser_autopwn
7
Escalating Privileges
Escalating Privileges
Introduction
Using impersonation tokens
Local privilege escalation attack
Mastering the Social Engineering Toolkit (SET)
Collecting the victim's data
Cleaning up the tracks
Creating a persistent backdoor
Man In The Middle (MITM) attack
8
Password Attacks
Password Attacks
Introduction
Online password attacks
Cracking HTTP passwords
Gaining router access
Password profiling
Cracking a Windows password using John the Ripper
Using dictionary attacks
Using rainbow tables
Using nVidia Compute Unified Device Architecture (CUDA)
Using ATI Stream
Physical access attacks
9
Wireless Attacks
Wireless Attacks
Introduction
Wireless network WEP cracking
Wireless network WPA/WPA2 cracking
Automating wireless network cracking
Accessing clients using a fake AP
URL traffic manipulation
Port redirection
Sniffing network traffic
Index
Index

Installing, configuring, and starting OpenVAS

OpenVAS, the Open Vulnerability Assessment System, is an excellent framework that can be used to assess the vulnerabilities of our target. It is a fork of the Nessus project. Unlike Nessus, OpenVAS offers its feeds completely free of charge. As OpenVAS comes standard in Kali Linux, we will begin with configuration.

Getting ready

A connection to the Internet is required to complete this recipe.

How to do it...

Let's begin the process of installing, configuring, and starting OpenVAS by navigating to its directory via a terminal window:

  1. OpenVAS is installed by default and it only needs to be configured in order to be utilized.

  2. From a terminal window, change your directory to the OpenVAS directory:

    cd /usr/share/openvas/

  3. Execute the following command:

    openvas-mkcert

    What we are performing in this step is creating the SSL certificate for the OpenVAS program:

    1. Leave the default lifetime of the CA certificate as it is.

    2. Update the certificate lifetime to match...

Previous Section
End of Section 8
Next Section