Index
A
- advanced footprinting
- using / Using advanced footprinting
- scan, interpreting / Interpreting the scan and building on the result
- poor patch management, exploiting / Exploiting poor patch management
- logged in user, checking for / Finding out whether anyone is home
- Antivirus
- evading, Backdoor-Factory used / Using Backdoor-Factory to Evade Antivirus
- Armitage
- about / Arm yourself with Armitage
- Find Attacks / Arm yourself with Armitage
- Hail Mary / Arm yourself with Armitage
- single known host, working with / Working with a single known host
- new machines discovering, NMap used / Discovering new machines with NMap
- attack path
- creating / Creating the attack path
- system, grabbing on target / Grabbing system on the target
- route, setting up / Setting Up the route
- inner network, exploring / Exploring the inner network
- Windows NET USE command, abusing / Abusing the Windows NET USE command
- Autopsy
- about / Diving into Autopsy
- using / Diving into Autopsy
- URL / Diving into Autopsy
- case, creating / Diving into Autopsy
- host, adding / Diving into Autopsy
- disk image, adding / Diving into Autopsy
- files, verifying / Diving into Autopsy
- verifiable hash, setting up / Diving into Autopsy
- image, adding / Diving into Autopsy
- example / Diving into Autopsy
B
- Backdoor-Factory
- used, for evading Antivirus / Using Backdoor-Factory to Evade Antivirus
- Boolean logic
- about / Working with Boolean logic
- While loop structure, reviewing / Reviewing a while loop structure
- For loop structure, reviewing / Reviewing the for loop structure
- buffer overflows
- reducing / Reducing buffer overflows
- bug
- about / Demystifying debuggers
- Burp Spider
- used, for spidering site / Spidering a site with Burp Spider
- Burp Suite
- using, for search / Search and destroy with Burp Suite
- using, for destroy / Search and destroy with Burp Suite
- about / Search and destroy with Burp Suite
- test subject, targeting / Targeting the test subject
- using, as proxy / Using Burp Suite as a Proxy
- security certificate, installing / Installing the Burp Suite security certificate
- site, spidering with Burp Spider / Spidering a site with Burp Spider
C
- Capstone
- disassembling code, creating / Create your own disassembling code with Capstone
- URL / Create your own disassembling code with Capstone
- Casefile
- about / Using Maltego
- Case structures
- chntpw
- used, for owning registry / Owning the registry with chntpw
- Classless Inter-Domain Routing (CIDR)
- about / Using Unicorn-Scan
- URL / Discovering new machines with NMap
- clearev / Exploring the inner network
- command-line application
- Command Line Interface (CLI)
- about / Zenmap
- commands
- $audit_suidsgid / Getting help in Weevely
- $audit_phpconf / Getting help in Weevely
- $audit_etcpasswd / Getting help in Weevely
- $audit_filesystem / Getting help in Weevely
- $shell_php / Getting help in Weevely
- $shell_sh / Getting help in Weevely
- $shell_su / Getting help in Weevely
- $system_extensions / Getting help in Weevely
- $system_info / Getting help in Weevely
- $backdoor_reversetcp / Getting help in Weevely
- $backdoor_tcp / Getting help in Weevely
- $bruteforce_sql / Getting help in Weevely
- $file_cd / Getting help in Weevely
- $file_grep / Getting help in Weevely
- $file_find / Getting help in Weevely
- $file_rm / Getting help in Weevely
- $file_cp / Getting help in Weevely
- $file_zip / Getting help in Weevely
- $file_enum / Getting help in Weevely
- $file_check / Getting help in Weevely
- $file_edit / Getting help in Weevely
- $file_upload2web / Getting help in Weevely
- $file_gzip / Getting help in Weevely
- $file_download / Getting help in Weevely
- $file_touch / Getting help in Weevely
- $file_webdownload / Getting help in Weevely
- $file_ls / Getting help in Weevely
- $file_read / Getting help in Weevely
- $file_mount / Getting help in Weevely
- $file_bzip2 / Getting help in Weevely
- $file_tar / Getting help in Weevely
- $file_upload / Getting help in Weevely
- $sql_console / Getting help in Weevely
- $sql_dump / Getting help in Weevely
- $net_scan / Getting help in Weevely
- $net_curl / Getting help in Weevely
- $net_proxy / Getting help in Weevely
- $net_ifconfig / Getting help in Weevely
- $net_phpproxy / Getting help in Weevely
- core commands
- ? / Starting Metasploit
- previous / Starting Metasploit
- back / Starting Metasploit
- pushm / Starting Metasploit
- banner / Starting Metasploit
- quit / Starting Metasploit
- cd / Starting Metasploit
- reload_all / Starting Metasploit
- color / Starting Metasploit
- rename_job / Starting Metasploit
- connect / Starting Metasploit
- resource / Starting Metasploit
- edit / Starting Metasploit
- route / Starting Metasploit
- exit / Starting Metasploit
- save / Starting Metasploit
- get / Starting Metasploit
- search / Starting Metasploit
- getg / Starting Metasploit
- sessions / Starting Metasploit
- go_pro / Starting Metasploit
- set / Starting Metasploit
- grep / Starting Metasploit
- setg / Starting Metasploit
- help / Starting Metasploit
- show / Starting Metasploit
- info / Starting Metasploit
- sleep / Starting Metasploit
- irb / Starting Metasploit
- spool / Starting Metasploit
- jobs / Starting Metasploit
- threads / Starting Metasploit
- kill / Starting Metasploit
- unload / Starting Metasploit
- load / Starting Metasploit
- unset / Starting Metasploit
- loadpath / Starting Metasploit
- unsetg / Starting Metasploit
- makerc / Starting Metasploit
- use / Starting Metasploit
- popm / Starting Metasploit
- version / Starting Metasploit
- Core FTP
- about / Basic sniffing with tcpdump
- cross-site scripting
- quick solutions / Quick solutions to cross-site scripting
- CsiTool / Robbing the Hives with samdump2
D
- database back-end commands
- creds / Starting Metasploit
- db_status / Starting Metasploit
- db_connect / Starting Metasploit
- hosts / Starting Metasploit
- db_disconnect / Starting Metasploit
- loot / Starting Metasploit
- db_export / Starting Metasploit
- notes / Starting Metasploit
- db_import / Starting Metasploit
- services / Starting Metasploit
- db_nmap / Starting Metasploit
- vulns / Starting Metasploit
- db_rebuild_cache / Starting Metasploit
- workspace / Starting Metasploit
- data structures
- about / Working with Boolean logic
- Debian Ncurses
- about / Running Kali from the live CD
- debuggers
- about / Practicing reverse engineering
- demystifying / Demystifying debuggers
- Valgrind Debugger, using / Using the Valgrind Debugger to discover memory leaks
- app, translating to assembler with EDB-Debugger / Translating your app to assembler with the EDB-Debugger
- OllyDbg, executing / Running OllyDbg
- Decision Points
- about / Working with Boolean logic
- decision points
- Denial
- about / Dealing with Denial
- Denial of Service (DoS)
- Digital Forensics
- about / Getting into Digital Forensics
- disassemblers
- about / Introduction to disassemblers
- JAD, executing / Running JAD
- disassembling code, creating with Capstone / Create your own disassembling code with Capstone
- disassembly tool
- about / Practicing reverse engineering
- domain error spoofing / Spoofing network traffic
- domain spoofing / Spoofing network traffic
- Dradis
- Dropbox
- about / The Dropbox
E
- EDB-Debugger
- app, translating to assembler / Translating your app to assembler with the EDB-Debugger
- symbol mapper / EDB-Debugger symbol mapper
- email spoofing / Spoofing network traffic
- encrypted USB drive
- Kali Linux, installing / Installing Kali Linux to an encrypted USB drive
- EtherApe
- about / Monkeying around the network
- executing / Monkeying around the network
- Etherape
- installing / EtherApe – the graphical protocol analysis tool
- configuring / EtherApe – the graphical protocol analysis tool
- Ettercap
- about / Ettercap
- using, on command line / Using Ettercap on the command line
- executable
- replacing / Replacing the executable
F
- Footprinting
- about / Footprinting the network
- Forensics
- Kali, using / Starting Kali for Forensics
- online resources / Mounting image files
- For loop
- structure, reviewing / Reviewing the for loop structure
- decision points / Understanding the decision points
G
- Gedit
- installing / Gedit – the Gnome text editor
- configuring / Gedit – the Gnome text editor
- gedit
- getsystem / Gaining access with Metasploit
- Graphical Installer
- about / Running Kali from the live CD
- Guymager
- about / Exploring Guymager
- exploring / Exploring Guymager
- drive, acquiring for legal evidence / Acquiring a drive to be legal evidence
- used, for cloning / Cloning With Guymager
H
- .htaccess
- about / Concept of .htaccess
- hosts command
- Htop
- used, for monitoring resource use / Monitoring resource use with Htop
I
- If structures
- image files
- mounting / Mounting image files
- incrementer
- about / Reviewing the for loop structure
- internal command / Getting help in Weevely
- Intrusion Detection System (IDS)
- about / Zenmap
- intrusion detection system (IDS) / Phoning Home with Metasploit
- IP spoofing / Spoofing network traffic
J
- JAD
- executing / Running JAD
- URL / Running JAD
- Johnny
- about / My friend Johnny
- using / My friend Johnny
- Johnny Cracking Tool / Exploiting poor patch management
- John the Ripper
- about / John the Ripper (command line)
- using / John the Ripper (command line)
K
- Kali
- URL / Prerequisites for installation, Running Kali from the live CD
- executing / Running Kali from the live CD
- used, for Forensics / Starting Kali for Forensics
- Kali 2.x
- Main Menu, customizing / Adding a tool to the main menu in Kali 2.x
- Kali Linux
- installing, to encrypted USB drive / Installing Kali Linux to an encrypted USB drive
- prerequisites, for installation / Prerequisites for installation
- booting up / Booting Up
- configuration, installing / Installing configuration
- drive, setting up / Setting up the drive
- installation, booting / Booting your new installation of Kali
- services, executing / Running services on Kali Linux
- security tools / Exploring the Kali Linux Top 10 and more
- KeepNote
L
- Leafpad
- about / Gedit – the Gnome text editor
- Live Forensic mode
- about / Starting Kali for Forensics
- local privilege escalation
- standalone tool, using / Local privilege escalation with a standalone tool
- Local Security Authority (LSA) / Phoning Home with Metasploit
M
- Maltego
- about / Using Maltego
- using / Using Maltego
- man-in-the-middle attack (MitM) / Sniffing and spoofing network traffic
- Metasploit
- about / Installing Kali Linux to an encrypted USB drive, Basic sniffing with tcpdump
- version, selecting / Choosing the right version of Metasploit
- starting / Starting Metasploit
- used, for gaining access / Gaining access with Metasploit
- used, for Phoning Home / Phoning Home with Metasploit
- Meterpreter session / Exploiting poor patch management
- microOLAP
- msfconsole / Phoning Home with Metasploit
- msfvenom / Phoning Home with Metasploit
N
- NAC (Network Access Controller)
- cracking / Cracking the NAC (Network Access Controller)
- NetCat (Ncat)
- used, for maintaining access / Maintaining access with Ncat
- NET USE command / Abusing the Windows NET USE command
- network
- mapping, to pivot / Mapping the network to pivot
- network footprinting
- about / Footprinting the network
- network exploring, with Nmap / Exploring the network with Nmap
- Zenmap / Zenmap
- network range, scanning / Scanning a network range
- network range
- difference verbosity makes, viewing / The difference verbosity makes
- scanning / Scanning a network range
- NMap
- used, for discovering new machines / Discovering new machines with NMap
- Nmap
- network, exploring / Exploring the network with Nmap
- URL, for downloading / Exploring the network with Nmap
- URL / Scanning a network range
O
- Object Relational Model (ORM) / Avoiding SQL injection
- Offensive Security's exploit
- reference link / Replacing the executable
- OllyDbg
- executing / Running OllyDbg
- OpenVAS
- about / Running Kali from the live CD, A return to OpenVAS
- setting up / Setting up and configuring OpenVAS
- configuring / Setting up and configuring OpenVAS
- considerations / A return to OpenVAS
- executing / A return to OpenVAS
- OWASP SQL injection
- URL / Avoiding SQL injection
- OWASP Top 10 Proactive Controls Document
- OWASP ZAP
- used, for zinging Windows servers / Zinging Windows servers with OWASP ZAP
- using, as attack proxy / Using ZAP as an attack proxy
- interface, reading / Reading the ZAP interface
P
- Packet Capture File / Basic sniffing with tcpdump
- passphrase
- about / Setting up the drive
- password attack
- planning / Password attack planning
- NTLM code, cracking / Cracking the NTLM code (Revisited)
- password lists, using / Password lists
- password lists, cleaning / Cleaning a password list
- Paterva
- URL / Using Maltego
- Payment Card Industry Digital Security Standard
- persistent connections
- about / Maintaining access
- Phoning Home
- about / Maintaining access
- pivot
- about / Using the pivot
- using / Using the pivot
- network, mapping / Mapping the network to pivot
- poor patch management
- exploiting / Exploiting poor patch management
- privilege escalation
- physical access, using / Escalating privileges with physical access
- samdump2 tool, used for robbing hives / Robbing the Hives with samdump2
- registry, owning with chntpw / Owning the registry with chntpw
- privileges
- escalating, with physical access / Escalating privileges with physical access
- proxy
- Burp Suite, using as / Using Burp Suite as a Proxy
- proxy listener / Using Burp Suite as a Proxy
R
- Radare2
- executing / Running Radare2
- about / Running Radare2
- URL / Running Radare2
- Radare2 tool suite
- about / Additional members of the Radare2 tool suite
- rasm2, executing / Running rasm2
- rahash2, executing / Running rahash2
- radiff2, executing / Running radiff2
- rafind2, executing / Running rafind2
- rax2, executing / Running rax2
- radiff2
- executing / Running radiff2
- rafind2
- executing / Running rafind2
- rahash2
- executing / Running rahash2
- rasm2
- executing / Running rasm2
- rax2
- executing / Running rax2
- rdesktop
- remote access
- maintaining / Maintaining access
- tracks, covering / Covering our tracks
- maintaining, Ncat used / Maintaining access with Ncat
- Metasploit, used for Phoning Home / Phoning Home with Metasploit
- resource use
- monitoring, with Htop / Monitoring resource use with Htop
- reverse engineering
- practicing / Practicing reverse engineering
- debuggers, demystifying / Demystifying debuggers
- disassemblers / Introduction to disassemblers
- tools / Some miscellaneous reverse engineering tools
- Radare2 tool suite / Additional members of the Radare2 tool suite
- reverse engineering theory
- about / Reverse engineering theory
- general theory / One general theory of reverse engineering
- reverse engineering tools
- about / Some miscellaneous reverse engineering tools
- Radare2, executing / Running Radare2
- Robots.txt / Concept of Robots.txt
S
- samdump2 tool
- used, for robbing hive registry / Robbing the Hives with samdump2
- security tools
- Aircrack-ng / Exploring the Kali Linux Top 10 and more
- Burpsuite / Exploring the Kali Linux Top 10 and more
- (THC)Hydra / Exploring the Kali Linux Top 10 and more
- John (the Ripper) / Exploring the Kali Linux Top 10 and more
- Maltego / Exploring the Kali Linux Top 10 and more
- Metasploit Framework / Exploring the Kali Linux Top 10 and more
- NMap / Exploring the Kali Linux Top 10 and more
- Owasp-ZAP / Exploring the Kali Linux Top 10 and more
- SqlMap / Exploring the Kali Linux Top 10 and more
- Wireshark / Exploring the Kali Linux Top 10 and more
- Siege
- about / Putting the network under Siege
- services
- executing, on Kali Linux / Running services on Kali Linux
- services command
- Session ID Number / Grabbing system on the target
- Siege engine
- configuring / Configuring your Siege engine
- Simple Service Discovery Protocol (SSDP)
- about / Using Unicorn-Scan
- Sleuth Kit Informer
- URL / Diving into Autopsy
- sniffing network traffic
- about / Sniffing and spoofing network traffic, Sniffing network traffic
- tcpdump, basic sniffing with / Basic sniffing with tcpdump
- with WinDump / More basic sniffing with WinDump (Windows tcpdump)
- packet hunting, with Wireshark / Packet hunting with Wireshark
- packet, dissecting / Dissecting the packet, Swimming with Wireshark
- Social-Engineering Attacks / Creating a Spear-Phishing Attack with the Social Engineering Toolkit
- Social Engineering Toolkit (SET)
- about / Creating a Spear-Phishing Attack with the Social Engineering Toolkit
- used, for creating Spear-Phishing Attack / Creating a Spear-Phishing Attack with the Social Engineering Toolkit
- Spear-Phishing Attack Vectors
- spidering / Using ZAP as an attack proxy
- spoofing network traffic
- about / Sniffing and spoofing network traffic, Spoofing network traffic
- email spoofing / Spoofing network traffic
- domain spoofing / Spoofing network traffic
- domain error spoofing / Spoofing network traffic
- IP spoofing / Spoofing network traffic
- Ettercap / Ettercap
- Ettercap, using on command line / Using Ettercap on the command line
- SQL injection
- avoiding / Avoiding SQL injection
- standalone tool
- used, for local privilege escalation / Local privilege escalation with a standalone tool
- stress-testing Windows
- about / Stresstesting Windows
- Denial / Dealing with Denial
- network, in Siege / Putting the network under Siege
- Siege engine, configuring / Configuring your Siege engine
T
- Tcpdump
- technical debt
- about / Demystifying debuggers
- Terminator
- configuring / Terminator – the terminal emulator for multitasking
- installing / Terminator – the terminal emulator for multitasking
- terms of service (TOS) / Creating a Spear-Phishing Attack with the Social Engineering Toolkit
- test environment
- setting up / Setting up a test environment
- victim machine(s), creating / Creating your victim machine(s)
- testing / Testing your testing environment
- tests
- reporting / Reporting the tests
- reporting, with KeepNote / KeepNote – the standalone document organizer
- reporting, with Dradis / Dradis – the web-based document organizer
- tools
- selecting / Choosing the appropriate time and tool
- Transform Application Server (TAS)
- about / Using Maltego
U
- Unicorn-Scan
- about / Using Unicorn-Scan
- using / Using Unicorn-Scan
V
- Valgrind Debugger
- used, for discovering memory leaks / Using the Valgrind Debugger to discover memory leaks
W
- Wander / Basic sniffing with tcpdump
- webscape
- about / Surveying the webscape
- Robots.txt / Concept of Robots.txt
- .htaccess / Concept of .htaccess
- cross-site scripting, quick solutions / Quick solutions to cross-site scripting
- buffer overflows, reducing / Reducing buffer overflows
- SQL injection, avoiding / Avoiding SQL injection
- Weevely
- about / Weaseling in with Weevely, Preparing to use Weevely
- using, preparation steps / Preparing to use Weevely
- agent, creating / Creating an agent
- testing, locally / Testing Weevely locally
- testing, on Windows Server / Testing Weevely on a Windows server
- commands / Getting help in Weevely
- Weevely, testing on Windows Server
- about / Testing Weevely on a Windows server
- help command, running / Getting help in Weevely
- system info, obtaining / Getting the system info
- filesystem commands, using / Using filesystem commands in Weevely
- writing, into files / Writing into files
- While loop
- structure, reviewing / Reviewing a while loop structure
- Windows NET USE command
- abusing / Abusing the Windows NET USE command
- Windows user, adding from command line / Adding a Windows user from the command line
- Windows Server
- Weevely, testing / Testing Weevely on a Windows server
- Windows user
- adding, from command line / Adding a Windows user from the command line
- WinDump
- Windump.exe
- WinPcap.exe
- Wireshark
- about / Basic sniffing with tcpdump
- packet hunting with / Packet hunting with Wireshark
- packet, dissecting / Dissecting the packet, Swimming with Wireshark
- workspaces
- creating / Creating workspaces to organize your attack
X
Z
- Zenmap
- about / Zenmap