Kali Linux Intrusion and Exploitation Cookbook

Kali Linux Intrusion and Exploitation Cookbook

By : Dhruv Shah, Ishan Girdhar

Buy this Book

Kali Linux Intrusion and Exploitation Cookbook

By: Dhruv Shah, Ishan Girdhar

Buy this Book

Overview of this book

With the increasing threats of breaches and attacks on critical infrastructure, system administrators and architects can use Kali Linux 2.0 to ensure their infrastructure is secure by finding out known vulnerabilities and safeguarding their infrastructure against unknown vulnerabilities. This practical cookbook-style guide contains chapters carefully structured in three phases – information gathering, vulnerability assessment, and penetration testing for the web, and wired and wireless networks. It's an ideal reference guide if you’re looking for a solution to a specific problem or learning how to use a tool. We provide hands-on examples of powerful tools/scripts designed for exploitation. In the final section, we cover various tools you can use during testing, and we help you create in-depth reports to impress management. We provide system engineers with steps to reproduce issues and fix them.

Title Page

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Customer Feedback

Preface

Free Chapter

Getting Started - Setting Up an Environment

Introduction

Installing Kali Linux on Cloud - Amazon AWS

Installing Kali Linux on Docker

Installing NetHunter on OnePlus One

Installing Kali Linux on a virtual machine

Customizing Kali Linux for faster package updates

Customizing Kali Linux for faster operations

Configuring remote connectivity services - HTTP, TFTP, and SSH

Configuring Nessus and Metasploit

Configuring third-party tools

Installing Docker on Kali Linux

Network Information Gathering

Introduction

Discovering live servers over the network

Bypassing IDS/IPS/firewall

Discovering ports over the network

Using unicornscan for faster port scanning

Service fingerprinting

Determining the OS using nmap and xprobe2

Service enumeration

Open-source information gathering

Network Vulnerability Assessment

Introduction

Using nmap for manual vulnerability assessment

Integrating nmap with Metasploit

Walkthrough of Metasploitable assessment with Metasploit

Vulnerability assessment with OpenVAS framework

Network Exploitation

Introduction

Gathering information for credential cracking

Cracking FTP login using custom wordlist

Cracking SSH login using custom wordlist

Cracking HTTP logins using custom wordlist

Cracking MySql and PostgreSQL login using custom wordlist

Cracking Cisco login using custom wordlist

Exploiting vulnerable services (Unix)

Exploiting vulnerable services (Windows)

Exploiting services using exploit-db scripts

Web Application Information Gathering

Introduction

Setting up API keys for recon-ng

Using recon-ng for reconnaissance

Gathering information using theharvester

Using DNS protocol for information gathering

Web application firewall detection

HTTP and DNS load balancer detection

Discovering hidden files/directories using DirBuster

CMS and plugins detection using WhatWeb and p0f

Finding SSL cipher vulnerabilities

Web Application Vulnerability Assessment

Introduction

Running vulnerable web applications in Docker

Using W3af for vulnerability assessment

Using Nikto for web server assessment

Using Skipfish for vulnerability assessment

Using Burp Proxy to intercept HTTP traffic

Using Burp Intruder for customized attack automation

Using Burp Sequencer to test the session randomness

Web Application Exploitation

Introduction

Using Burp for active/passive scanning

Using sqlmap to find SQL Injection on the login page

Exploiting SQL Injection on URL parameters using SQL Injection

Using Weevely for file upload vulnerability

Exploiting Shellshock using Burp

Using Metasploit to exploit Heartbleed

Using the FIMAP tool for file inclusion attacks (RFI/LFI)

System and Password Exploitation

Introduction

Using local password-attack tools

Cracking password hashes

Using Social-Engineering Toolkit

Using BeEF for browser exploitation

Cracking NTLM hashes using rainbow tables

Privilege Escalation and Exploitation

Introduction

Using WMIC to find privilege-escalation vulnerabilities

Sensitive-information gathering

Unquoted service-path exploitation

Service permission issues

Misconfigured software installations/insecure file permissions

Linux privilege escalation

Wireless Exploitation

Introduction

Setting up a wireless network

Bypassing MAC address filtering

Sniffing network traffic

Cracking WEP encryption

Cracking WPA/WPA2 encryption

Cracking WPS

Denial-of-service attacks

Pen Testing 101 Basics

Introduction

What is penetration testing?

What is vulnerability assessment

Penetration testing versus vulnerability assessment

Objectives of penetration testing

Types of penetration testing

Who should be doing penetration testing?

What is the goal here?

General penetration testing phases

Conclusion

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Introduction

In this chapter, we will look at how to detect live servers and network devices over the network, and perform service fingerprinting and enumeration for information gathering. Gathering information is of the utmost importance for a successful vulnerability assessment and penetration test. Moving forward, we will run scanners to find vulnerabilities in the detected services. Along with that, we will write bash scripts so that we can speed up the process of discovery-enumerate-scan.

Kali Linux Intrusion and Exploitation Cookbook

By : Dhruv Shah, Ishan Girdhar

Kali Linux Intrusion and Exploitation Cookbook

By: Dhruv Shah, Ishan Girdhar

Overview of this book

Related Content you might be interested in

Current Title:

Kali Linux Intrusion and Exploitation Cookbook

Machine Learning with Spark

Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux - An Ethical Hacker's Cookbook

Introduction