Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Kali Linux CTF Blueprints

By : Cameron Buchanan

4.5 (6)

Kali Linux CTF Blueprints

4.5 (6)

By: Cameron Buchanan

Overview of this book

Taking a highly practical approach and a playful tone, Kali Linux CTF Blueprints provides step-by-step guides to setting up vulnerabilities, in-depth guidance to exploiting them, and a variety of advice and ideas to build and customising your own challenges. If you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Reading guide

A warning

Conventions

Reader feedback

Customer support

Free Chapter

1. Microsoft Environments

1. Microsoft Environments

Creating a vulnerable machine

Creating a secure network

Hosting vulnerabilities

Scenario 1 – warming Adobe ColdFusion

Scenario 2 – making a mess with MSSQL

Scenario 3 – trivializing TFTP

Flag placement and design

Post-exploitation and pivoting

Exploitation guides

Challenge modes

Summary

2. Linux Environments

2. Linux Environments

Differences between Linux and Microsoft

Scenario 1 – learn Samba and other dance forms

Scenario 2 – turning on a LAMP

Scenario 3 – destructible distros

Scenario 4 – tearing it up with Telnet

Flag placement and design

Exploitation guides

Summary

3. Wireless and Mobile

3. Wireless and Mobile

Wireless environment setup

Scenario 1 – WEP, that's me done for the day

Scenario 2 – WPA-2

Scenario 3 – pick up the phone

Exploitation guides

Summary

4. Social Engineering

4. Social Engineering

Scenario 1 – maxss your haxss

Scenario 2 – social engineering: do no evil

Scenario 3 – hunting rabbits

Scenario 4 – I am a Stegosaurus

Exploitation guides

Summary

5. Cryptographic Projects

5. Cryptographic Projects

Crypto jargon

Scenario 1 – encode-ageddon

Scenario 2 – encode + Python = merry hell

Scenario 3 – RC4, my god, what are you doing?

Scenario 4 – Hishashin

Scenario 5 – because Heartbleed didn't get enough publicity as it is

Exploitation guides

Summary

6. Red Teaming

6. Red Teaming

Chapter guide

Scoring systems

Setting scenarios

Reporting

CTF-style variations

Scenario 1 – ladders, why did it have to be ladders?

Scenario 2 – that's no network, it's a space station

Summary

A. Appendix

A. Appendix

Further reading

Index

Index

Chapter 6. Red Teaming

We have come to the final chapter, dear readers. Maybe this is a misnomer, but in the context of the book, it kind of makes sense. Ordinarily, red teaming refers to a holistic approach to testing. It's debated whether this is the best, worst, or just another form of testing. I'm using it as a term for bringing together all the earlier types of testing that I've covered.

This last chunky portion will cover two full implementations of the stuff I've told you so far, so you can copy, I mean, learn from them and design your own challenges. I will cover sections from each of the earlier chapters and show them in a working environment. I will also present some alternative ideas, suggest further opportunities, and cry a bit at the end when I've finally finished. In this chapter, we will cover the following in detail:

Scoring systems
Setting the scenario
Reporting examples
Variations for assault courses
The missile silo scenario
The vulnerability...

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Kali Linux CTF Blueprints

Search

Your notes and bookmarks