Book Image

Learn Ethical Hacking from Scratch

By : Zaid Sabih
5 (1)
Book Image

Learn Ethical Hacking from Scratch

5 (1)
By: Zaid Sabih

Overview of this book

This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices. Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections. The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.

Related Content you might be interested in

Current Title:

Small book image
Learn Ethical Hacking from Scratch
Zaid Sabih
Jul, 2018 | 564 pages
Small book image
Learn Kali Linux 2019
Glen D Singh
Nov, 2019 | 550 pages
Small book image
Kali Linux Wireless Penetration Testing Beginner???s Guide
Vivek Ramachandran | Cameron Buchanan
Dec, 2017 | 210 pages
Small book image
Applied Network Security
Michael McLafferty | Warun Levesque | Arthur Salmon
Apr, 2017 | 350 pages
Table of Contents (24 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Introduction
Introduction
What's in this book?
What is hacking?
Why should we learn about hacking?
A glimpse of hacking
Summary
2
Setting Up a Lab
Setting Up a Lab
Lab overview
Installing Kali Linux
Installing Metasploitable
Installing Windows
Creating and using snapshots
Summary
3
Linux Basics
Linux Basics
Overview of Kali Linux
Linux commands
Updating resources
Summary
4
Network Penetration Testing
Network Penetration Testing
What is a network?
Network basics
Connecting to a wireless adapter
MAC addresses
Wireless modes – managed and monitor
Enabling monitor mode manually
Enabling monitor mode using airmon-ng
Summary
5
Pre-Connection Attacks
Pre-Connection Attacks
Packet sniffing basics
Targeted packet sniffing
Deauthentication attack
What is a fake access point?
Creating fake access points with the MANA Toolkit
Summary
6
Network Penetration Testing - Gaining Access
Network Penetration Testing - Gaining Access
WEP theory
Basic web cracking
Fake authentication attack
ARP request replay
WPA introduction
WPS cracking
Handshake theory
Capturing the handshake
Creating a wordlist
Wordlist cracking
Securing network from attacks
Summary
7
Post-Connection Attacks
Post-Connection Attacks
Post-connection attacks
Summary
8
Man-in-the-Middle Attacks
Man-in-the-Middle Attacks
Man-in-the–middle attacks
Wireshark
Summary
9
Network Penetration Testing, Detection, and Security
Network Penetration Testing, Detection, and Security
Detecting ARP poisoning
Detecting suspicious behavior
Summary
10
Gaining Access to Computer Devices
Gaining Access to Computer Devices
Introduction to gaining access
Sever-side attacks
Server-side attack basics
Server-side attacks – Metasploit basics
Metasploit remote code execution
Summary
11
Scanning Vulnerabilities Using Tools
Scanning Vulnerabilities Using Tools
Installing MSFC
MSFC scan
MSFC analysis
Installing Nexpose
Running Nexpose
Nexpose analysis
Summary
12
Client-Side Attacks
Client-Side Attacks
Client-side attacks
Installing Veil
Payloads overview
Generating a Veil backdoor
Listening for connections
Testing the backdoor
Fake bdm1 updates
Client-side attacks using the bdm2 BDFProxy
Protection against delivery methods
Summary
13
Client-Side Attacks - Social Engineering
Client-Side Attacks - Social Engineering
Client-side attacks using social engineering
Maltego overview
Social engineering – linking accounts
Social engineering – Twitter
Social engineering – emails
Social engineering – summary
Downloading and executing AutoIt
Changing the icon and compiling the payload
Changing extensions
Client-side attacks – TDM email spoofing
Summary
14
Attack and Detect Trojans with BeEF
Attack and Detect Trojans with BeEF
The BeEF tool
BeEF – hook using a MITMf
BeEF – basic commands
BeEF – Pretty Theft
BeEF – Meterpreter 1
Detecting Trojans manually
Detecting Trojans using a sandbox
Summary
15
Attacks Outside the Local Network
Attacks Outside the Local Network
Port forwarding
External backdoors
IP forwarding
External BeEF
Summary
16
Post Exploitation
Post Exploitation
An introduction to post exploitation
Meterpreter basics
Filesystem commands
Maintaining access by using simple methods
Maintaining access by using advanced methods
Keylogging
An introduction to pivoting
Pivoting autoroutes
Summary
17
Website Penetration Testing
Website Penetration Testing
What is a website?
Attacking a website
Summary
18
Website Pentesting - Information Gathering
Website Pentesting - Information Gathering
Information gathering using tools
Websites on the same server
Information gathering from target websites
Summary
19
File Upload, Code Execution, and File Inclusion Vulnerabilities
File Upload, Code Execution, and File Inclusion Vulnerabilities
File upload vulnerabilities
Code execution vulnerabilities
Local file inclusion vulnerabilities
Remote file inclusion using Metasploitable
Basic mitigation
Summary
20
SQL Injection Vulnerabilities
SQL Injection Vulnerabilities
What is SQL?
The dangers of SQLi
Discovering SQLi
SQLi authorization bypass
Discovering an SQLi using the GET method
Basic SELECT statements
Discovering tables
Reading columns and their data
Reading and writing files on the server
The sqlmap tool
Preventing SQLi
Summary
21
Cross-Site Scripting Vulnerabilities
Cross-Site Scripting Vulnerabilities
Introduction to XSS
Reflected XSS
Stored XSS
XSS BeEF exploitation
XSS protection
Summary
22
Discovering Vulnerabilities Automatically Using OWASP ZAP
Discovering Vulnerabilities Automatically Using OWASP ZAP
OWASP ZAP start
OWASP ZAP results
Summary
23
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Handshake theory

In the previous section, we saw how we can use the WPS feature in routers to crack the WPA key. This process is guaranteed to work on every WPS-enabled network; therefore, if your target uses WPA or WPA2 encryption and has WPS enabled, that should be the first method you try to crack the password with. If WPS is not enabled, however, we have to crack the actual WPA key. As we explained in the section on WPS cracking, in WPA, each packet is encrypted using a unique, temporary key, it's not like WEP, where IVs are repeated and we collect a large number of data packets with the same IVs. In each WPA packet, there is a temporary unique IV, even if we collect one million packets, these packets will not be useful for us—they do not contain any information that can help us determine the actual WPA key.

The only packets that contain information that can help...

Previous Section
End of Section 8
Next Section