Book Image

Penetration Testing with Raspberry PI

Book Image

Penetration Testing with Raspberry PI

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with Raspberry PI
Jan, 2015 | 208 pages
No titles found
Table of Contents (14 chapters)
Penetration Testing with Raspberry Pi
Penetration Testing with Raspberry Pi
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Disclaimer
Disclaimer
Preface
Preface
Free Chapter
1
Raspberry Pi and Kali Linux Basics
Raspberry Pi and Kali Linux Basics
Purchasing a Raspberry Pi
Assembling a Raspberry Pi
Installing Kali Linux
Combining Kali Linux and Raspberry Pi
Cloning the Raspberry Pi SD card
Avoiding common problems
Summary
2
Preparing the Raspberry Pi
Preparing the Raspberry Pi
Raspberry Pi use cases
The Command and Control server
Preparing for a penetration test
Overclocking
Setting up wireless cards
Setting up a 3G USB modem with Kali Linux
Setting up the SSH service
SSH default keys and management
Reverse shell through SSH
Stunnel
Installing a Stunnel client
Wrapping it up with an example
Summary
3
Penetration Testing
Penetration Testing
Network scanning
Cracking WPA/WPA2
Getting data to the Pi
Driftnet
Tuning your network capture
Scripting tcpdump for future access
Beating HTTPS with SSLstrip
Summary
4
Raspberry Pi Attacks
Raspberry Pi Attacks
Exploiting a target
Metasploit
Social engineering
Phishing with BeEF
Rogue access honeypots
Summary
5
Ending the Penetration Test
Ending the Penetration Test
Covering your tracks
Masking your network footprint
Developing reports
Summary
6
Other Raspberry Pi Projects
Other Raspberry Pi Projects
PwnPi
Raspberry Pwn
PwnBerry Pi
Defending your network
Running Raspberry Pi on your PC with QEMU emulator
Other Raspberry Pi uses
More uses
Summary
Index
Index

Social engineering

Social engineering attacks are designed to trick a victim into providing information through misdirection or deceit. Attackers often pretend to be someone they are not, such as someone with authority or a family member, to gain a victim's trust. When they are successful, users might have given up passwords, access credentials, or other valuable secrets. There are stories about famous hackers who have been able to obtain intellectual property just by asking for it with a smile.

There are many tools that are available in Kali Linux to assist with a social engineering campaign; however, the most successful attacks are based on understanding your target audience and abusing their trust. For example, we have obtained sensitive information using fake accounts on social media sources such as LinkedIn and Facebook, which didn't require any advanced techniques to accomplish most of our goals. Other examples include calling somebody while pretending that you are an administrator...

Previous Section
End of Section 4
Next Section