Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Kali Linux CTF Blueprints

By : Cameron Buchanan

4.5 (6)

Kali Linux CTF Blueprints

4.5 (6)

By: Cameron Buchanan

Overview of this book

Taking a highly practical approach and a playful tone, Kali Linux CTF Blueprints provides step-by-step guides to setting up vulnerabilities, in-depth guidance to exploiting them, and a variety of advice and ideas to build and customising your own challenges. If you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Reading guide

A warning

Conventions

Reader feedback

Customer support

Free Chapter

1. Microsoft Environments

1. Microsoft Environments

Creating a vulnerable machine

Creating a secure network

Hosting vulnerabilities

Scenario 1 – warming Adobe ColdFusion

Scenario 2 – making a mess with MSSQL

Scenario 3 – trivializing TFTP

Flag placement and design

Post-exploitation and pivoting

Exploitation guides

Challenge modes

Summary

2. Linux Environments

2. Linux Environments

Differences between Linux and Microsoft

Scenario 1 – learn Samba and other dance forms

Scenario 2 – turning on a LAMP

Scenario 3 – destructible distros

Scenario 4 – tearing it up with Telnet

Flag placement and design

Exploitation guides

Summary

3. Wireless and Mobile

3. Wireless and Mobile

Wireless environment setup

Scenario 1 – WEP, that's me done for the day

Scenario 2 – WPA-2

Scenario 3 – pick up the phone

Exploitation guides

Summary

4. Social Engineering

4. Social Engineering

Scenario 1 – maxss your haxss

Scenario 2 – social engineering: do no evil

Scenario 3 – hunting rabbits

Scenario 4 – I am a Stegosaurus

Exploitation guides

Summary

5. Cryptographic Projects

5. Cryptographic Projects

Crypto jargon

Scenario 1 – encode-ageddon

Scenario 2 – encode + Python = merry hell

Scenario 3 – RC4, my god, what are you doing?

Scenario 4 – Hishashin

Scenario 5 – because Heartbleed didn't get enough publicity as it is

Exploitation guides

Summary

6. Red Teaming

6. Red Teaming

Chapter guide

Scoring systems

Setting scenarios

Reporting

CTF-style variations

Scenario 1 – ladders, why did it have to be ladders?

Scenario 2 – that's no network, it's a space station

Summary

A. Appendix

A. Appendix

Further reading

Index

Index

Chapter 3. Wireless and Mobile

So I don't think it's possible to go to a conference these days and not see a talk on mobile or wireless. (They tend to schedule the streams to have both mobile and wireless talks at the same time—the sneaky devils. There is no escaping the wireless knowledge!) So, it makes sense that we work out some ways of training people how to skill up on these technologies. We're going to touch on some older vulnerabilities that you don't see very often, but as always, when you do, it's good to know how to insta-win.

In this chapter, we will specifically focus on the following topics:

Prerequisites for this chapter
Network setup
In-depth setup of a WEP network and dummy traffic
In-depth setup of a WPA-2 network for handshake capture
In-depth setup of vulnerable phones and devices
In-depth setup of a secondary vulnerable phone scenario
Exploit guides for all scenarios

Visually different images

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Kali Linux CTF Blueprints

Search

Your notes and bookmarks