Book Image

Mastering Kali Linux for Advanced Penetration Testing, Second Edition - Second Edition

By : Vijay Kumar Velu
Book Image

Mastering Kali Linux for Advanced Penetration Testing, Second Edition - Second Edition

By: Vijay Kumar Velu

Overview of this book

This book will take you, as a tester or security practitioner through the journey of reconnaissance, vulnerability assessment, exploitation, and post-exploitation activities used by penetration testers and hackers. We will start off by using a laboratory environment to validate tools and techniques, and using an application that supports a collaborative approach to penetration testing. Further we will get acquainted with passive reconnaissance with open source intelligence and active reconnaissance of the external and internal networks. We will also focus on how to select, use, customize, and interpret the results from a variety of different vulnerability scanners. Specific routes to the target will also be examined, including bypassing physical security and exfiltration of data using different techniques. You will also get to grips with concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections. Later you will learn the practical aspects of attacking user client systems by backdooring executable files. You will focus on the most vulnerable part of the network—directly and bypassing the controls, attacking the end user and maintaining persistence access through social media. You will also explore approaches to carrying out advanced penetration testing in tightly secured environments, and the book's hands-on approach will help you understand everything you need to know during a Red teaming exercise or penetration testing

Related Content you might be interested in

Current Title:

Small book image
Mastering Kali Linux for Advanced Penetration Testing, Second Edition - Second Edition
Vijay Kumar Velu
Jun, 2017 | 510 pages
Small book image
Learn Penetration Testing
Rishalin Pillay
May, 2019 | 424 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Kali Linux 2018: Assuring Security by Penetration Testing
Lee Allen | Alex Samm | Shakeel Ali | Damian Boodoo | Tedi Heriyanto | Gerard Johansen | Shiva V N Parasram
Oct, 2018 | 528 pages
Table of Contents (15 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Goal-Based Penetration Testing
Goal-Based Penetration Testing
Conceptual overview of security testing
Classical failures of vulnerability scanning, penetration testing, and red team exercises
The testing methodology
Introduction to Kali Linux – history and purpose
Installing and updating Kali
Using Kali from a portable device
Installing Kali into a virtual machine
VirtualBox
Installing to a Docker appliance
Installing Kali to the cloud – creating an AWS instance
Organizing Kali
Configuring and customizing Kali
Summary
2
Open Source Intelligence and Passive Reconnaissance
Open Source Intelligence and Passive Reconnaissance
Basic principles of reconnaissance
Google Hacking Database
Creating custom word lists for cracking passwords
Summary
3
Active Reconnaissance of External and Internal Networks
Active Reconnaissance of External and Internal Networks
Stealth scanning strategies
DNS reconnaissance and route mapping
Employing comprehensive reconnaissance applications
Identifying the external network infrastructure
Mapping beyond the firewall
IDS/IPS identification
Enumerating hosts
Port, operating system, and service discovery
Writing your own port scanner using netcat
Large-scale scanning
Summary
4
Vulnerability Assessment
Vulnerability Assessment
Vulnerability nomenclature
Local and online vulnerability databases
Vulnerability scanning with nmap
Web application vulnerability scanners
Vulnerability scanners for mobile applications
The OpenVAS network vulnerability scanner
Specialized scanners
Threat modeling
Summary
5
Physical Security and Social Engineering
Physical Security and Social Engineering
Methodology and attack methods
Physical attacks at the console
Creating a rogue physical device
The Social Engineering Toolkit (SET)
Hiding executables and obfuscating the attacker's URL
Escalating an attack using DNS redirection
Launching a phishing attack
Summary
6
Wireless Attacks
Wireless Attacks
Configuring Kali for wireless attacks
Wireless reconnaissance
Bypassing a hidden SSID
Bypassing MAC address authentication and open authentication
Attacking WPA and WPA2
DoS attacks against wireless communications
Compromising enterprise implementations of WPA/WPA2
Working with Ghost Phisher
Summary
7
Reconnaissance and Exploitation of Web-Based Applications
Reconnaissance and Exploitation of Web-Based Applications
Methodology
Hackers mindmap
Conducting reconnaissance of websites
Client-side proxies
Application-specific attacks
Maintaining access with web shells
Summary
8
Attacking Remote Access
Attacking Remote Access
Exploiting vulnerabilities in communication protocols
Attacking Secure Sockets Layer (SSL)
Attacking an IPSec virtual private network
Summary
9
Client-Side Exploitation
Client-Side Exploitation
Backdooring executable files
Attacking a system using hostile scripts
The Cross-Site Scripting Framework (XSSF)
The Browser Exploitation Framework (BeEF)
Understanding the BeEF browser
Summary
10
Bypassing Security Controls
Bypassing Security Controls
Bypassing Network Access Control (NAC)
Bypassing antivirus using different frameworks
Bypassing application-level controls
Bypassing Windows-specific operating system controls
Summary
11
Exploitation
Exploitation
The Metasploit framework
Exploiting targets using Metasploit Framework
Exploiting multiple targets using Metasploit Framework resource files
Exploiting multiple targets with Armitage
Using public exploits
Developing a Windows exploit
Summary
12
Action on the Objective
Action on the Objective
Activities on the compromised local system
Horizontal escalation and lateral movement
Summary
13
Privilege Escalation
Privilege Escalation
Overview of common escalation methodology
Local system escalation
Credential harvesting and escalation attacks
Escalating access rights in Active Directory
Compromising Kerberos – the golden ticket attack
Summary
14
Command and Control
Command and Control
Using persistent agents
Exfiltration of data
Summary

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

  1. Log in or register to our website using your email address and password.
  2. Hover the mouse pointer on the SUPPORT tab at the top.
  3. Click on Code Downloads & Errata.
  4. Enter the name of the book in the Search box.
  5. Select the book for which you're looking to download the code files.
  6. Choose from the drop-down menu where you purchased this book from.
  7. Click on Code Download.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

  • WinRAR / 7-Zip for Windows
  • Zipeg / iZip / UnRarX for Mac
  • 7-Zip / PeaZip for Linux

The code bundle for the book is also hosted on GitHub at the following link:

https://github.com/PacktPublishing/Mastering-Kali-Linux-for-Advanced-Penetration-Testing-Second-Edition

We also have other code bundles from our rich catalog of books and videos available at
https://github.com/PacktPublishing/. Check them out!

Downloading the color images of this book

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at [email protected] with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.

Previous Section
Next Chapter