Book Image

Penetration Testing with the Bash shell

By : Keith Harald Esrick Makan
Book Image

Penetration Testing with the Bash shell

By: Keith Harald Esrick Makan

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with the Bash shell
Keith Harald Esrick Makan
May, 2014 | 150 pages
No titles found
Table of Contents (13 chapters)
Penetration Testing with the Bash shell
Penetration Testing with the Bash shell
Credits
Credits
Disclaimer
Disclaimer
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Getting to Know Bash
Getting to Know Bash
Getting help from the man pages
Navigating and searching the filesystem
Using I/O redirection
Using pipes
Getting to know grep
Summary
Further reading
2
Customizing Your Shell
Customizing Your Shell
Formatting the terminal output
The prompt string
Aliases
Customizing the command history
Customizing tab completion
Summary
Further reading
3
Network Reconnaissance
Network Reconnaissance
Interrogating the Whois servers
Interrogating the DNS servers
Enumerating targets on the local network
Summary
Further reading
4
Exploitation and Reverse Engineering
Exploitation and Reverse Engineering
Using the Metasploit command-line interface
Preparing payloads with Metasploit
Creating and deploying a payload
Disassembling binaries
Debugging binaries for dynamic analysis
Summary
Further reading
5
Network Exploitation and Monitoring
Network Exploitation and Monitoring
MAC and ARP abuse
Man-in-the-middle attacks
Interrogating servers
Brute-forcing authentication
Traffic filtering with TCPDump
Assessing SSL implementation security
Automated web application security assessment
Summary
Further reading
Index
Index

Traffic filtering with TCPDump

TCPDump is one of the most prolifically used network traffic inspection tools used to date. It supports a number of rich information-driven features and just like the rest of the tools discussed in this book, it offers a purely command-line-driven interface. TCPDump allows you to filter network traffic for useful information. Here, we will be covering some basic usage. Later, we will move on to how to use TCPDump to inspect just the traffic you are interested it, and all this will be straight from the comfort of your trusty bash shell.

Getting started with TCPDump

To start off, let's look at the usage specification for TCPDump:

tcpdump [ -AbdDefhHIJKlLnNOpqRStuUvxX ] 
[ -B buffer_size ] [ -c count ] [ -C file_size ] 
[ -G rotate_seconds ] [ -F file ] 
[ -i interface ] [ -j tstamp_type ] [ -m module ] [ -M secret ] 
[ -Q in|out|inout ] [ -r file ] 
[ -V file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ]
[ -E spi@ipaddr algo:secret,... ] [ -y datalinktype...
Previous Section
End of Section 6
Next Section