Book Image

Applied Network Security

By : Arthur Salmon, Michael McLafferty, Warun Levesque
Book Image

Applied Network Security

By: Arthur Salmon, Michael McLafferty, Warun Levesque

Overview of this book

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network. The book begins by showing you how to identify malicious network behaviour and improve your wireless security. We will teach you what network sniffing is, the various tools associated with it, and how to scan for vulnerable wireless networks. Then we’ll show you how attackers hide the payloads and bypass the victim’s antivirus. Furthermore, we’ll teach you how to spoof IP / MAC address and perform an SQL injection attack and prevent it on your website. We will create an evil twin and demonstrate how to intercept network traffic. Later, you will get familiar with Shodan and Intrusion Detection and will explore the features and tools associated with it. Toward the end, we cover tools such as Yardstick, Ubertooth, Wifi Pineapple, and Alfa used for wireless penetration testing and auditing. This book will show the tools and platform to ethically hack your own network whether it is for your business or for your personal home Wi-Fi.
Table of Contents (18 chapters)

What this book covers

Chapter 1, Introduction to Network Security, talks about the fundamentals of network security while also covering the different ways physical security can be applied.

Chapter 2, Sniffing the Network, covers what network sniffing is and the various tools associated with it.

Chapter 3, How to Crack Wi-Fi Passwords, explains how to scan for vulnerable wireless networks.

Chapter 4, Creating a RAT Using Msfvenom, focuses on creating Remote Access Trojans (RATs) using msfvenom. This chapter will explain what a RAT is and how hackers use it.

Chapter 5, Veil Framework, works with the Veil Framework. This framework contains multiple tools to create payloads, hide payloads within executables or PDFs, deliver payloads, gather information, and allow for postexploitation.

Chapter 6, Social Engineering Toolkit and Browser Exploitation, explores how social engineering and browser exploitation impact cyber security.

Chapter 7, Advanced Network Attacks, focuses on building a solid understanding of advanced network attacks.

Chapter 8, Passing and Cracking the Hash, focuses on pass the hash attacks. After reading this chapter, the user will be able to define the characteristics of pass the hash attacks, identify what tools hackers use to pass the hash, and how to defend against this type of attack.

Chapter 9, SQL Injection, provides a better understanding of SQL injections and vulnerabilities. This chapter will include learning what hashes are, how they function within a network, defining SMB, how it operates within a network, learning what an SQL injection is, how it is used by attackers, examples of SQL injection methods, learning the basic website vulnerabilities involving injection attacks, and defense techniques against SQL injection attacks.

Chapter 10, Scapy, discusses a packet injection tool called scapy. We will be learning about packet structure, how network traffic operates, how packets in a network can be manipulated, and use Scapy to create custom packets to deliver your payload (data) to victim PC or network.

Chapter 11, Web Application Exploits, discusses various web application vulnerabilities and how hackers exploit them. We will also demonstrate powerful tools such as Autopwn and BeEF. These tools are used to exploit web applications.

Chapter 12, Evil Twins and Spoofing, covers concepts such as evil twins, ARP spoofing, and tools used for evil twin detection. We will go into greater detail about rouge access points and the purpose of address spoofing.

Chapter 13, Injectable Devices, explains what the Rubber Ducky is and how to upload the Rubber Ducky payload onto a victim machine while teaching us how to use Simple Ducky modules.

Chapter 14, The Internet of Things, discusses the Internet of Things (IoT) and how this emerging technological concept has changed network communication.

Chapter 15, Detection Systems, looks at various detection systems.

Chapter 16, Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra, introduces a new piece of penetration testing equipment called the Pineapple. This chapter also explains how the Pineapple is used to find vulnerabilities and conduct network penetration testing while focusing on how the Pineapple was setup and configured to connect online.

Chapter 17, Offensive Security and Threat Hunting, introduces new concepts and tools relating to offensive security and threat hunting. This chapter will build on the knowledge gained in the previous chapters, to create a better understanding of how to use offensive security methods.