Book Image

The Ultimate Kali Linux Book - Second Edition

By : Glen D. Singh

5 (1)

Book Image

The Ultimate Kali Linux Book - Second Edition

5 (1)

By: Glen D. Singh

Overview of this book

Kali Linux is the most popular and advanced penetration testing Linux distribution within the cybersecurity industry. Using Kali Linux, a cybersecurity professional will be able to discover and exploit various vulnerabilities and perform advanced penetration testing on both enterprise wired and wireless networks. This book is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts. Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks. Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment. By the end of this Kali Linux book, you’ll have gained the skills to perform advanced penetration testing on enterprise networks using Kali Linux.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Getting Started with Penetration Testing

Section 1: Getting Started with Penetration Testing

Free Chapter

Chapter 1: Introduction to Ethical Hacking

Chapter 1: Introduction to Ethical Hacking

Identifying threat actors and their intent

Understanding what matters to threat actors

Discovering cybersecurity terminologies

Exploring the need for penetration testing and its phases

Understanding penetration testing approaches

Exploring hacking phases

Understanding the Cyber Kill Chain framework

Further reading

Chapter 2: Building a Penetration Testing Lab

Chapter 2: Building a Penetration Testing Lab

Technical requirements

Understanding the lab overview and its technologies

Setting up a hypervisor and virtually isolated networks

Setting up and working with Kali Linux

Deploying Metasploitable 2 as a target system

Implementing Metasploitable 3 using Vagrant

Setting up vulnerability web application systems

Further reading

Chapter 3: Setting Up for Advanced Hacking Techniques

Chapter 3: Setting Up for Advanced Hacking Techniques

Technical requirements

Building an AD red team lab

Setting up a wireless penetration testing lab

Further reading

Section 2: Reconnaissance and Network Penetration Testing

Section 2: Reconnaissance and Network Penetration Testing

Chapter 4: Reconnaissance and Footprinting

Chapter 4: Reconnaissance and Footprinting

Technical requirements

Understanding the importance of reconnaissance

Understanding passive information gathering

Exploring open source intelligence

Using OSINT strategies to gather intelligence

Further reading

Chapter 5: Exploring Active Information Gathering

Chapter 5: Exploring Active Information Gathering

Technical requirements

Understanding active reconnaissance

Exploring Google hacking strategies

Exploring DNS reconnaissance

Enumerating subdomains

Profiling websites using EyeWitness

Exploring active scanning techniques

Enumerating common network services

Performing user enumeration through noisy authentication controls

Finding data leaks in the cloud

Further reading

Chapter 6: Performing Vulnerability Assessments

Chapter 6: Performing Vulnerability Assessments

Technical requirements

Nessus and its policies

Vulnerability discovery using Nmap

Working with Greenbone Vulnerability Manager

Using web application scanners

Further reading

Chapter 7: Understanding Network Penetration Testing

Chapter 7: Understanding Network Penetration Testing

Technical requirements

Introduction to network penetration testing

Working with bind and reverse shells

Antimalware evasion techniques

Working with wireless adapters

Managing and monitoring wireless modes

Further reading

Chapter 8: Performing Network Penetration Testing

Chapter 8: Performing Network Penetration Testing

Technical requirements

Discovering live systems

Profiling a target system

Exploring password-based attacks

Identifying and exploiting vulnerable services

Understanding watering hole attacks

Further reading

Section 3: Red Teaming Techniques

Section 3: Red Teaming Techniques

Chapter 9: Advanced Network Penetration Testing — Post Exploitation

Chapter 9: Advanced Network Penetration Testing — Post Exploitation

Technical requirements

Post-exploitation using Meterpreter

Data encoding and exfiltration

Understanding MITM and packet sniffing attacks

Further reading

Chapter 10: Working with Active Directory Attacks

Chapter 10: Working with Active Directory Attacks

Technical requirements

Understanding Active Directory

Enumerating Active Directory

Leveraging network-based trust

Further reading

Chapter 11: Advanced Active Directory Attacks

Chapter 11: Advanced Active Directory Attacks

Technical requirements

Understanding Kerberos

Abusing trust on IPv6 with Active Directory

Attacking Active Directory

Domain dominance and persistence

Further reading

Chapter 12: Delving into Command and Control Tactics

Chapter 12: Delving into Command and Control Tactics

Technical requirements

Understanding C2

Setting up C2 operations

Post-exploitation using Empire

Working with Starkiller

Further reading

Chapter 13: Advanced Wireless Penetration Testing

Chapter 13: Advanced Wireless Penetration Testing

Technical requirements

Introduction to wireless networking

Performing wireless reconnaissance

Compromising WPA and WPA2 networks

Performing AP-less attacks

Exploiting enterprise wireless networks

Creating a Wi-Fi honeypot

Discovering WPA3 attacks

Securing your wireless network

Further reading

Section 4: Social Engineering and Web Application Attacks

Section 4: Social Engineering and Web Application Attacks

Chapter 14: Performing Client-Side Attacks – Social Engineering

Chapter 14: Performing Client-Side Attacks – Social Engineering

Technical requirements

Fundamentals of social engineering

Types of social engineering

Defending against social engineering

Planning for each type of social engineering attack

Exploring social engineering tools and techniques

Further reading

Chapter 15: Understanding Website Application Security

Chapter 15: Understanding Website Application Security

Technical requirements

Understanding web applications

Exploring the OWASP Top 10: 2021

Getting started with FoxyProxy and Burp Suite

Understanding injection-based attacks

Exploring broken access control attacks

Discovering cryptographic failures

Understanding insecure design

Exploring security misconfiguration

Further reading

Chapter 16: Advanced Website Penetration Testing

Chapter 16: Advanced Website Penetration Testing

Technical requirements

Identifying vulnerable and outdated components

Exploiting identification and authentication failures

Understanding software and data integrity failures

Understanding security logging and monitoring failures

Performing server-side request forgery

Automating SQL injection attacks

Understanding cross-site scripting

Performing client-side attacks

Further reading

Chapter 17: Best Practices for the Real World

Chapter 17: Best Practices for the Real World

Technical requirements

Guidelines for penetration testers

Penetration testing checklist

Creating a hacker's tool bag

Setting up remote access

Next steps ahead

Further reading

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 (1)

5 star

100%

4 star

0

3 star

0

2 star

0

1 star

0

Summary

In this chapter, you learned about the importance of discovering security vulnerabilities within an organization and its assets. You also gained hands-on experience and skills with using various tools such as Nessus, Nmap, and Metasploit to perform security assessments on systems. You also discovered how various tools and techniques can be used to easily identify security flaws on web applications.

I hope this chapter has been informative for you and will prove helpful in your journey as an aspiring penetration tester, learning how to simulate real-world cyberattacks to discover security vulnerabilities and perform exploitation using Kali Linux. In the next chapter, Chapter 7, Understanding Network Penetration Testing, we will focus on how to use various techniques and strategies when performing network penetration testing.