Book Image

Kali Linux Cookbook

Book Image

Kali Linux Cookbook

Overview of this book

In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Cookbook
Oct, 2013 | 260 pages
No titles found
Table of Contents (16 chapters)
Kali Linux Cookbook
Kali Linux Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Up and Running with Kali Linux
Up and Running with Kali Linux
Introduction
Installing to a hard disk drive
Installing to a USB drive with persistent memory
Installing in VirtualBox
Installing VMware Tools
Fixing the splash screen
Starting network services
Setting up the wireless network
2
Customizing Kali Linux
Customizing Kali Linux
Introduction
Preparing kernel headers
Installing Broadcom drivers
Installing and configuring ATI video card drivers
Installing and configuring nVidia video card drivers
Applying updates and configuring extra security tools
Setting up ProxyChains
Directory encryption
3
Advanced Testing Lab
Advanced Testing Lab
Introduction
Getting comfortable with VirtualBox
Downloading Windows Targets
Downloading Linux Targets
Attacking WordPress and other applications
4
Information Gathering
Information Gathering
Introduction
Service enumeration
Determining network range
Identifying active machines
Finding open ports
Operating system fingerprinting
Service fingerprinting
Threat assessment with Maltego
Mapping the network
5
Vulnerability Assessment
Vulnerability Assessment
Introduction
Installing, configuring, and starting Nessus
Nessus – finding local vulnerabilities
Nessus – finding network vulnerabilities
Nessus – finding Linux-specific vulnerabilities
Nessus – finding Windows-specific vulnerabilities
Installing, configuring, and starting OpenVAS
OpenVAS – finding local vulnerabilities
OpenVAS – finding network vulnerabilities
OpenVAS – finding Linux-specific vulnerabilities
OpenVAS – finding Windows-specific vulnerabilities
6
Exploiting Vulnerabilities
Exploiting Vulnerabilities
Introduction
Installing and configuring Metasploitable
Mastering Armitage, the graphical management tool for Metasploit
Mastering the Metasploit Console (MSFCONSOLE)
Mastering the Metasploit CLI (MSFCLI)
Mastering Meterpreter
Metasploitable MySQL
Metasploitable PostgreSQL
Metasploitable Tomcat
Metasploitable PDF
Implementing browser_autopwn
7
Escalating Privileges
Escalating Privileges
Introduction
Using impersonation tokens
Local privilege escalation attack
Mastering the Social Engineering Toolkit (SET)
Collecting the victim's data
Cleaning up the tracks
Creating a persistent backdoor
Man In The Middle (MITM) attack
8
Password Attacks
Password Attacks
Introduction
Online password attacks
Cracking HTTP passwords
Gaining router access
Password profiling
Cracking a Windows password using John the Ripper
Using dictionary attacks
Using rainbow tables
Using nVidia Compute Unified Device Architecture (CUDA)
Using ATI Stream
Physical access attacks
9
Wireless Attacks
Wireless Attacks
Introduction
Wireless network WEP cracking
Wireless network WPA/WPA2 cracking
Automating wireless network cracking
Accessing clients using a fake AP
URL traffic manipulation
Port redirection
Sniffing network traffic
Index
Index

About the Reviewers

Daniel W. Dieterle has over 20 years of IT experience and has provided various levels of IT support to numerous companies from small businesses to large corporations. He enjoys computer security topics, and is an internationally published security author. Daniel regularly covers some of the latest computer security news and topics on his blog Cyberarms.wordpress.com. Daniel can be reached via e-mail at or @cyberarms on Twitter.

Silvio Cesar Roxo Giavaroto is a professor of Computer Network Security at the University Anhanguera São Paulo in Brazil. He has an MBA in Information Security, and is also a CEH (Certified Ethical Hacker). Silvio is also a maintainer of www.backtrackbrasil.com.br.

Adriano Gregório is fond of operating systems, whether for computers, mobile phones, laptops, and many more. He has been a Unix administrator since 1999, and is always working on various projects involving long networking and databases, and is currently focused on projects of physical security, and logical networks. He is being certified by MCSA and MCT Microsoft.

Javier Pérez Quezada is an I + D Director at Dreamlab Technologies. He is the founder and organizer of the 8.8 Computer Security Conference (www.8dot8.org). His specialties include: web security, penetration testing, ethical hacking, vulnerability assessment, wireless security, security audit source code, secure programming, security consulting, e-banking security, data protection consultancy, consulting ISO / IEC 27001, ITIL, OSSTMM version 3.0, BackTrack 4 and 5, and Kali Linux. He has certifications in: CSSA, CCSK, CEH, OPST, and OPSA. Javier is also an instructor at ISECOM OSSTMM for Latin America (www.isecom.org).

Ahmad Muammar WK is an independent IT security consultant and penetration tester. He has been involved in information security for more than 10 years. He is a founder of ECHO (http://echo.or.id/), one of the oldest Indonesian computer security communities, and also a founder of IDSECCONF (http://idsecconf.org) the biggest annual security conference in Indonesia. Ahmad is well known in the Indonesian computer security community. He also writes articles, security advisories, and publishes research on his blog, http://y3dips.echo.or.id.

Previous Section
Next Chapter