Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kali Linux 2018: Assuring Security by Penetration Testing
  • Table Of Contents Toc
Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing - Fourth Edition

By : Shiva V. N. Parasram, Alex Samm, Boodoo, Gerard Johansen, Lee Allen, Heriyanto, Ali
5 (1)
Buy this Book
close
close
Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing

5 (1)
By: Shiva V. N. Parasram, Alex Samm, Boodoo, Gerard Johansen, Lee Allen, Heriyanto, Ali
Buy this Book

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply the appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in successful penetration testing project engagement. This fourth edition of Kali Linux 2018: Assuring Security by Penetration Testing starts with the installation of Kali Linux. You will be able to create a full test environment to safely practice scanning, vulnerability assessment, and exploitation. You’ll explore the essentials of penetration testing by collecting relevant data on the target network with the use of several footprinting and discovery tools. As you make your way through the chapters, you’ll focus on specific hosts and services via scanning and run vulnerability scans to discover various risks and threats within the target, which can then be exploited. In the concluding chapters, you’ll apply techniques to exploit target systems in order to gain access and find a way to maintain that access. You’ll also discover techniques and tools for assessing and attacking devices that are not physically connected to the network, including wireless networks. By the end of this book, you will be able to use NetHunter, the mobile version of Kali Linux, and write a detailed report based on your findings.
Table of Contents (17 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Installing and Configuring Kali Linux
Icon
Installing and Configuring Kali Linux
Icon
Technical requirements
Icon
Kali Linux tool categories
Icon
Downloading Kali Linux
Icon
Using Kali Linux
Icon
Configuring the virtual machine
Icon
Updating Kali Linux
Icon
Setting up Kali Linux AMI on Amazon AWS Cloud
Icon
Summary
Icon
Questions
Icon
Further reading
2
Setting Up Your Test Lab
Icon
Setting Up Your Test Lab
Icon
Technical requirements
Icon
Physical or virtual?
Icon
Setting up a Windows environment in a VM
Icon
Installing vulnerable servers
Icon
Installing additional tools in Kali Linux
Icon
Network services in Kali Linux
Icon
Additional labs and resources
Icon
Summary
Icon
Questions
Icon
Further reading
3
Penetration Testing Methodology
Icon
Penetration Testing Methodology
Icon
Technical requirements
Icon
Penetration testing methodology
Icon
General penetration testing framework
Icon
Summary
4
Footprinting and Information Gathering
Icon
Footprinting and Information Gathering
Icon
Open Source Intelligence
Icon
Using public resources
Icon
Querying the domain registration information
Icon
Analyzing the DNS records
Icon
Getting network routing information
Icon
Utilizing the search engine
Icon
Google Hacking Database (GHDB)
Icon
Metagoofil
Icon
Automated footprinting and information gathering tools
Icon
Summary
Icon
Questions
Icon
Further reading
5
Scanning and Evasion Techniques
Icon
Scanning and Evasion Techniques
Icon
Technical requirements
Icon
Starting off with target discovery
Icon
Identifying the target machine
Icon
OS fingerprinting
Icon
Introducing port scanning
Icon
Understanding TCP/IP protocol
Icon
Understanding TCP and UDP message formats
Icon
The network scanner
Icon
Scanning with Netdiscover
Icon
Automated scanning with Striker
Icon
Anonymity using Nipe
Icon
Summary
Icon
Questions
Icon
Further Reading
6
Vulnerability Scanning
Icon
Vulnerability Scanning
Icon
Technical requirements
Icon
Types of vulnerabilities
Icon
Vulnerability taxonomy
Icon
Automated vulnerability scanning
Icon
Summary
Icon
Questions
Icon
Further reading
7
Social Engineering
Icon
Social Engineering
Icon
Technical requirements
Icon
Modeling human psychology
Icon
Attack process
Icon
Attack methods
Icon
Social Engineering Toolkit
Icon
Summary
8
Target Exploitation
Icon
Target Exploitation
Icon
Vulnerability research
Icon
Vulnerability and exploit repositories
Icon
Advanced exploitation toolkit
Icon
MSFConsole
Icon
MSFCLI
Icon
Ninja 101 drills
Icon
Writing exploit modules
Icon
Summary
9
Privilege Escalation and Maintaining Access
Icon
Privilege Escalation and Maintaining Access
Icon
Technical requirements
Icon
Privilege-escalation
Icon
Password-attack tools
Icon
Maintaining access
Icon
Summary
10
Web Application Testing
chevron up
Icon
Web Application Testing
Icon
Technical requirements
Icon
Web analysis
Icon
Cross-Site Scripting
Icon
SQL injection
Icon
Command-execution, directory-traversal, and file-inclusion
Icon
Summary
Icon
Further reading
11
Wireless Penetration Testing
Icon
Wireless Penetration Testing
Icon
Technical requirements
Icon
Wireless networking
Icon
Wireless network reconnaissance
Icon
Wireless testing tools
Icon
Post cracking
Icon
Sniffing wireless traffic
Icon
Summary
12
Mobile Penetration Testing with Kali NetHunter
Icon
Mobile Penetration Testing with Kali NetHunter
Icon
Technical requirements
Icon
Kali NetHunter
Icon
Installing Kali NetHunter
Icon
NetHunter icons
Icon
NetHunter tools
Icon
Third-party Android applications
Icon
Wireless attacks
Icon
HID attacks
Icon
Summary
Icon
Questions
Icon
Further reading
13
PCI DSS Scanning and Penetration Testing
Icon
PCI DSS Scanning and Penetration Testing
Icon
PCI DSS v3.2.1 requirement 11.3
Icon
Scoping the PCI DSS penetration test
Icon
Tools for executing the PCI DSS penetration test
Icon
Summary
Icon
Questions
Icon
Further reading
14
Tools for Penetration Testing Reporting
Icon
Tools for Penetration Testing Reporting
Icon
Technical requirements
Icon
Documentation and results verification
Icon
Types of reports
Icon
Network penetration testing report
Icon
Using the Dradis framework for penetration testing reporting
Icon
Penetration testing reporting tools
Icon
Summary
Icon
Questions
Icon
Further reading
15
Assessments
Icon
Assessments
Icon
Chapter 1 – Assessment answers
Icon
Chapter 2 – Assessment answers
Icon
Chapter 4 – Assessment answers
Icon
Chapter 5 – Assessment answers
Icon
Chapter 6 – Assessment answers
Icon
Chapter 12 – Assessment answers
Icon
Chapter 13 – Assessment answers
Icon
Chapter 14 – Assessment answers
16
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Web Application Testing

In Chapter 6, Vulnerability Scanning, we looked at performing vulnerability scanning using Nessus and OpenVAS, two very powerful tools. In this chapter, we will be taking a look at tools specifically for web and web application scanning and attacking.

Most applications that are developed these days integrate different web technologies. This increases the complexity and risk of exposing sensitive data. Web applications have always been a long-standing target for malicious adversaries to steal, manipulate, sabotage, and extort corporate businesses. This proliferation of web applications has brought forth enormous challenges for pentesters. The key is to secure a web application's frontend, its backend usually consists of databases, any additional microservices, and the overall network security. This is necessary because web applications act as a data...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Kali Linux 2018: Assuring Security by Penetration Testing
End of Section 10
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon