Book Image

The Ultimate Kali Linux Book - Second Edition

By : Glen D. Singh
5 (1)
Book Image

The Ultimate Kali Linux Book - Second Edition

5 (1)
By: Glen D. Singh

Overview of this book

Kali Linux is the most popular and advanced penetration testing Linux distribution within the cybersecurity industry. Using Kali Linux, a cybersecurity professional will be able to discover and exploit various vulnerabilities and perform advanced penetration testing on both enterprise wired and wireless networks. This book is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts. Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks. Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment. By the end of this Kali Linux book, you’ll have gained the skills to perform advanced penetration testing on enterprise networks using Kali Linux.

Related Content you might be interested in

Current Title:

Small book image
The Ultimate Kali Linux Book - Second Edition
Glen D. Singh
Feb, 2022 | 742 pages
Small book image
Reconnaissance for Ethical Hackers
Glen D Singh
Aug, 2023 | 430 pages
Small book image
Learn Penetration Testing
Rishalin Pillay
May, 2019 | 424 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
SeanPhilip Oriyano | Glen D Singh
Feb, 2019 | 302 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Disclaimer
Share Your Thoughts
1
Section 1: Getting Started with Penetration Testing
Section 1: Getting Started with Penetration Testing
Free Chapter
2
Chapter 1: Introduction to Ethical Hacking
Chapter 1: Introduction to Ethical Hacking
Identifying threat actors and their intent
Understanding what matters to threat actors
Discovering cybersecurity terminologies
Exploring the need for penetration testing and its phases
Understanding penetration testing approaches
Exploring hacking phases
Understanding the Cyber Kill Chain framework
Summary
Further reading
3
Chapter 2: Building a Penetration Testing Lab
Chapter 2: Building a Penetration Testing Lab
Technical requirements
Understanding the lab overview and its technologies
Setting up a hypervisor and virtually isolated networks
Setting up and working with Kali Linux
Deploying Metasploitable 2 as a target system
Implementing Metasploitable 3 using Vagrant
Setting up vulnerability web application systems
Summary
Further reading
4
Chapter 3: Setting Up for Advanced Hacking Techniques
Chapter 3: Setting Up for Advanced Hacking Techniques
Technical requirements
Building an AD red team lab
Setting up a wireless penetration testing lab
Summary
Further reading
5
Section 2: Reconnaissance and Network Penetration Testing
Section 2: Reconnaissance and Network Penetration Testing
6
Chapter 4: Reconnaissance and Footprinting
Chapter 4: Reconnaissance and Footprinting
Technical requirements
Understanding the importance of reconnaissance
Understanding passive information gathering
Exploring open source intelligence
Using OSINT strategies to gather intelligence
Summary
Further reading
7
Chapter 5: Exploring Active Information Gathering
Chapter 5: Exploring Active Information Gathering
Technical requirements
Understanding active reconnaissance
Exploring Google hacking strategies
Exploring DNS reconnaissance
Enumerating subdomains
Profiling websites using EyeWitness
Exploring active scanning techniques
Enumerating common network services
Performing user enumeration through noisy authentication controls
Finding data leaks in the cloud
Summary
Further reading
8
Chapter 6: Performing Vulnerability Assessments
Chapter 6: Performing Vulnerability Assessments
Technical requirements
Nessus and its policies
Vulnerability discovery using Nmap
Working with Greenbone Vulnerability Manager
Using web application scanners
Summary
Further reading
9
Chapter 7: Understanding Network Penetration Testing
Chapter 7: Understanding Network Penetration Testing
Technical requirements
Introduction to network penetration testing
Working with bind and reverse shells
Antimalware evasion techniques
Working with wireless adapters
Managing and monitoring wireless modes
Summary
Further reading
10
Chapter 8: Performing Network Penetration Testing
Chapter 8: Performing Network Penetration Testing
Technical requirements
Discovering live systems
Profiling a target system
Exploring password-based attacks
Identifying and exploiting vulnerable services
Understanding watering hole attacks
Further reading
11
Section 3: Red Teaming Techniques
Section 3: Red Teaming Techniques
12
Chapter 9: Advanced Network Penetration Testing — Post Exploitation
Chapter 9: Advanced Network Penetration Testing — Post Exploitation
Technical requirements
Post-exploitation using Meterpreter
Data encoding and exfiltration
Understanding MITM and packet sniffing attacks
Summary
Further reading
13
Chapter 10: Working with Active Directory Attacks
Chapter 10: Working with Active Directory Attacks
Technical requirements
Understanding Active Directory
Enumerating Active Directory
Leveraging network-based trust
Summary
Further reading
14
Chapter 11: Advanced Active Directory Attacks
Chapter 11: Advanced Active Directory Attacks
Technical requirements
Understanding Kerberos
Abusing trust on IPv6 with Active Directory
Attacking Active Directory
Domain dominance and persistence
Summary
Further reading
15
Chapter 12: Delving into Command and Control Tactics
Chapter 12: Delving into Command and Control Tactics
Technical requirements
Understanding C2
Setting up C2 operations
Post-exploitation using Empire
Working with Starkiller
Summary
Further reading
16
Chapter 13: Advanced Wireless Penetration Testing
Chapter 13: Advanced Wireless Penetration Testing
Technical requirements
Introduction to wireless networking
Performing wireless reconnaissance
Compromising WPA and WPA2 networks
Performing AP-less attacks
Exploiting enterprise wireless networks
Creating a Wi-Fi honeypot
Discovering WPA3 attacks
Securing your wireless network
Summary
Further reading
17
Section 4: Social Engineering and Web Application Attacks
Section 4: Social Engineering and Web Application Attacks
18
Chapter 14: Performing Client-Side Attacks – Social Engineering
Chapter 14: Performing Client-Side Attacks – Social Engineering
Technical requirements
Fundamentals of social engineering
Types of social engineering
Defending against social engineering
Planning for each type of social engineering attack
Exploring social engineering tools and techniques
Summary
Further reading
19
Chapter 15: Understanding Website Application Security
Chapter 15: Understanding Website Application Security
Technical requirements
Understanding web applications
Exploring the OWASP Top 10: 2021
Getting started with FoxyProxy and Burp Suite
Understanding injection-based attacks
Exploring broken access control attacks
Discovering cryptographic failures
Understanding insecure design
Exploring security misconfiguration
Summary
Further reading
20
Chapter 16: Advanced Website Penetration Testing
Chapter 16: Advanced Website Penetration Testing
Technical requirements
Identifying vulnerable and outdated components
Exploiting identification and authentication failures
Understanding software and data integrity failures
Understanding security logging and monitoring failures
Performing server-side request forgery
Automating SQL injection attacks
Understanding cross-site scripting
Performing client-side attacks
Summary
Further reading
21
Chapter 17: Best Practices for the Real World
Chapter 17: Best Practices for the Real World
Technical requirements
Guidelines for penetration testers
Penetration testing checklist
Creating a hacker's tool bag
Setting up remote access
Next steps ahead
Summary
Further reading
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Chapter 1: Introduction to Ethical Hacking

Cybersecurity is one of the most rapidly growing fields within the information technology (IT) industry. Each day security professionals are discovering new and emerging threats at a rapid rate and organizations' assets are becoming compromised by threat actors. Due to these threats in the digital world, new professions are being created within many organizations for people who can help protect and safeguard their assets. This book is designed with the intent to provide you with the knowledge, wisdom, and skills that an aspiring penetration tester needs in order to be super awesome within the cybersecurity industry. A penetration tester is a cybersecurity professional who has the skills of a hacker; they are hired by an organization to perform simulations of real-world cyber-attacks on the organization's network infrastructure with the objective of discovering and exploiting security vulnerabilities. This allows the organization to determine any security weaknesses and implement security controls to prevent and mitigate a real cyber-attack.

Throughout the course of this book, you will learn how to use one of the most popular Linux distributions within the cybersecurity industry to simulate real-world cyber-attacks in penetration testing exercises to discover and exploit security weaknesses on systems and networks. The Kali Linux operating system has tons of pre-installed Linux packages/applications that are widely used within the cybersecurity industry, hence it's an arsenal filled with everything you will need. We'll be using a student-centric approach, filled with a lot of hands-on exercises starting from beginner level to intermediate, to more advanced topics and techniques, including red team engagements.

In this chapter, you will gain an in-depth understanding of the various characteristics of various threat actors, their intentions, and the motives behind their cyber-attacks against their targets. Next, you will learn about key factors that are important to threat actors, which determine the level of complexity to compromise a system in comparison to cybersecurity professionals such as ethical hackers and penetration testers who are hired to discover and exploit hidden security weaknesses within a target organization. Furthermore, you will also discover the need for penetration testing, its phases, and approaches used by seasoned professionals within the industry. Lastly, you will explore the Cyber Kill Chain framework, how cybersecurity professionals use it to prevent cyber-attacks, and how each stage can be aligned with penetration testing.

In this chapter, we will cover the following topics:

  • Identifying threat actors and their intent
  • Understanding what matters to threat actors
  • Discovering cybersecurity terminologies
  • Exploring the need for penetration testing and its phases
  • Understanding penetration testing approaches
  • Exploring hacking phases
  • Understanding the Cyber Kill Chain framework

I hope you're as excited as I am to begin this journey. Let's dive in!

Previous Section
End of Section 1
Next Section