Book Image

Learn Kali Linux 2019

By : Glen D. Singh
Book Image

Learn Kali Linux 2019

By: Glen D. Singh

Overview of this book

The current rise in hacking and security breaches makes it more important than ever to effectively pentest your environment, ensuring endpoint protection. This book will take you through the latest version of Kali Linux and help you use various tools and techniques to efficiently deal with crucial security aspects. Through real-world examples, you’ll understand how to set up a lab and later explore core penetration testing concepts. Throughout the course of this book, you’ll get up to speed with gathering sensitive information and even discover different vulnerability assessment tools bundled in Kali Linux 2019. In later chapters, you’ll gain insights into concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections to further build on your pentesting skills. You’ll also focus on techniques such as bypassing controls, attacking the end user and maintaining persistence access through social media. Finally, this pentesting book covers best practices for performing complex penetration testing techniques in a highly secured environment. By the end of this book, you’ll be able to use Kali Linux to detect vulnerabilities and secure your system by applying penetration testing techniques of varying complexity.

Related Content you might be interested in

Current Title:

Small book image
Learn Kali Linux 2019
Glen D. Singh
Nov, 2019 | 550 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
Glen D Singh | SeanPhilip Oriyano
Feb, 2019 | 302 pages
Small book image
Reconnaissance for Ethical Hackers
Glen D Singh
Aug, 2023 | 430 pages
Small book image
Learn Ethical Hacking from Scratch
Zaid Sabih
Jul, 2018 | 564 pages
Table of Contents (22 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: Kali Linux Basics
Section 1: Kali Linux Basics
2
Introduction to Hacking
Introduction to Hacking
Who is a hacker?
Exploring important terminology
Penetration testing phases
Penetration testing methodologies
Penetration testing approaches
Types of penetration testing
Hacking phases
Summary
Questions
Further reading
3
Setting Up Kali - Part 1
Setting Up Kali - Part 1
Technical requirements
Lab overview
Building our lab
Summary
Questions
Further reading
4
Setting Up Kali - Part 2
Setting Up Kali - Part 2
Technical requirements
Installing Windows as a VM
Installing Ubuntu 8.10
Troubleshooting Kali Linux
Summary
Further reading
5
Getting Comfortable with Kali Linux 2019
Getting Comfortable with Kali Linux 2019
Technical requirements
Understanding Kali Linux
What's new in Kali Linux 2019?
Basics of Kali Linux
Summary
Questions
Further reading
6
Section 2: Reconnaissance
Section 2: Reconnaissance
7
Passive Information Gathering
Passive Information Gathering
Technical requirements
Reconnaissance and footprinting
Understanding passive information gathering
Understanding OSINT
Using the top OSINT tools
Identifying target technology and security controls
Finding data leaks in cloud resources
Understanding Google hacking and search operators
Leveraging whois and copying websites with HTTrack
Finding subdomains using Sublist3r
Summary
Questions
Further reading
8
Active Information Gathering
Active Information Gathering
Technical requirements
Understanding active information gathering
DNS interrogation
Scanning
Nmap
NSE scripts
Zenmap
Hping3
SMB, LDAP enumeration, and null sessions
User enumeration through noisy authentication controls
Web footprints and enumeration with EyeWitness
Metasploit auxiliary modules
Summary
Questions
Further reading
9
Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
10
Working with Vulnerability Scanners
Working with Vulnerability Scanners
Technical requirements
Nessus and its policies
Scanning with Nessus
Exporting Nessus results
Analyzing Nessus results
Using web application scanners
Summary
Questions
Further reading
11
Understanding Network Penetration Testing
Understanding Network Penetration Testing
Technical requirements
Introduction to network penetration testing
Understanding the MAC address
Connecting a wireless adapter to Kali Linux
Managing and monitoring wireless modes
Summary
Questions
Further reading
12
Network Penetration Testing - Pre-Connection Attacks
Network Penetration Testing - Pre-Connection Attacks
Technical requirements
Getting started with packet sniffing using airodump-ng
Targeted packet sniffing using airodump-ng
Deauthenticating clients on a wireless network
Creating a rogue AP/evil twin
Performing a password spraying attack
Setting up watering hole attacks
Exploiting weak encryption to steal credentials
Summary
Questions
Further reading
13
Network Penetration Testing - Gaining Access
Network Penetration Testing - Gaining Access
Technical requirements
Gaining access
WEP cracking
WPA cracking
Securing your network from the aforementioned attacks
Configuring wireless security settings to secure your network
Exploiting vulnerable perimeter systems with Metasploit
Penetration testing Citrix and RDP-based remote access systems
Plugging PWN boxes and other tools directly into a network
Bypassing NAC
Summary
Questions
Further reading
14
Network Penetration Testing - Post-Connection Attacks
Network Penetration Testing - Post-Connection Attacks
Technical requirements
Gathering information
MITM attacks
Session hijacking
DHCP attacks
Exploiting LLMNR and NetBIOS-NS
WPAD protocol attacks
Wireshark
Escalating privileges
Lateral movement tactics
PowerShell tradecraft
Launching a VLAN hopping attack
Summary
Questions
Further reading
15
Network Penetration Testing - Detection and Security
Network Penetration Testing - Detection and Security
Technical requirements
Using Wireshark to understand ARP
Detecting ARP poisoning attacks
Detecting suspicious activity
MITM remediation techniques
Summary
Questions
Further reading
16
Client-Side Attacks - Social Engineering
Client-Side Attacks - Social Engineering
Technical requirements
Basics of social engineering
Types of social engineering
Defending against social engineering
Recon for social engineering (doxing)
Planning for each type of social engineering attack
Social engineering tools
Summary
Questions
Further reading
17
Performing Website Penetration Testing
Performing Website Penetration Testing
Technical requirements
Information gathering
Cryptography
File upload and file inclusion vulnerabilities
Exploiting file upload vulnerabilities
Exploiting code execution vulnerabilities
Exploiting LFI vulnerabilities
Preventing vulnerabilities
Summary
Questions
Further reading
18
Website Penetration Testing - Gaining Access
Website Penetration Testing - Gaining Access
Technical requirements
Exploring the dangers of SQL injection
SQL injection vulnerabilities and exploitation
Cross-Site Scripting vulnerabilities
Discovering vulnerabilities automatically
Summary
Questions
Further reading
19
Best Practices
Best Practices
Technical requirements
Guidelines for penetration testers
Web application security blueprints and checklists
Summary
Questions
Further reading
20
Assessments
Assessments
Chapter 1: Introduction to Hacking
Chapter 2: Setting Up Kali - Part
Chapter 4: Getting Comfortable with Kali Linux 2019
Chapter 5: Passive Information Gathering
Chapter 6: Active Information Gathering
Chapter 7: Working with Vulnerability Scanners
Chapter 8: Understanding Network Penetration Testing
Chapter 9: Network Penetration Testing - Pre-Connection Attacks
Chapter 10: Network Penetration Testing - Gaining Access
Chapter 11: Network Penetration Testing - Post-Connection Attacks
Chapter 12: Network Penetration Testing - Detection and Security
Chapter 13: Client-Side Attacks - Social Engineering
Chapter 14: Performing Website Penetration Testing
Chapter 15: Website Penetration Testing - Gaining Access
Chapter 16: Best Practices
21
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

WPAD protocol attacks

Within a corporate network, system administrators usually allow employees to access the internet through a proxy server. The proxy server usually improves performance and security, and monitors web traffic entering and leaving the corporate network. WPAD is a technique that is used on client machines to discover the URL of a configuration file via DHCP discovery methods. Once a client machine discovers a file, it is downloaded on the client machine and executed. The script will determine the proxy for the client.

In this exercise, we are going to use Responder on Kali Linux to capture a victim's user credentials. Before we begin, the following topology will be used in this exercise:

Using the following steps, we will be able to easily exploit WPAD in a Windows environment:

The lab configurations are the same as those in the previous section.
  1. Ensure...
Previous Section
End of Section 8
Next Section