Book Image

Kali Linux - An Ethical Hacker's Cookbook

By : Himanshu Sharma
Book Image

Kali Linux - An Ethical Hacker's Cookbook

By: Himanshu Sharma

Overview of this book

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) according to your needs, and move on to core functionalities. This book will start with the installation and configuration of Kali Linux so that you can perform your tests. You will learn how to plan attack strategies and perform web application exploitation using tools such as Burp, and Jexboss. You will also learn how to perform network exploitation using Metasploit, Sparta, and Wireshark. Next, you will perform wireless and password attacks using tools such as Patator, John the Ripper, and airoscript-ng. Lastly, you will learn how to create an optimum quality pentest report! By the end of this book, you will know how to conduct advanced penetration testing thanks to the book’s crisp and task-oriented recipes.
Table of Contents (20 chapters)
Title Page
Credits
Disclaimer
About the Author
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
6
Wireless Attacks – Getting Past Aircrack-ng

Using Shodan for fun and profit


Shodan is the world's first search engine to search for devices connected to the internet. It was launched in 2009 by John Matherly. Shodan can be used to look up webcams, databases, industrial systems, video games, and so on. Shodan mostly collects data on the most popular web services running, such as HTTP, HTTPS, MongoDB, FTP, and many more.

Getting ready

To use Shodan we will need to create an account on Shodan.

How to do it...

To learn about Shodan, follow the given steps:

  1. Open your browser and visit https://www.shodan.io:
  1. We begin by performing a simple search for the FTP services running. To do this we can use the following Shodan dorks: port:"21". The following screenshot shows the search results:
  1. This search can be made more specific by specifying a particular country/organization: port:"21" country:"IN". The following screenshot shows the search results:
  1. We can now see all the FTP servers running in India; we can also see the servers that allow anonymous...