Book Image

Mastering Kali Linux for Advanced Penetration Testing – Fourth Edition - Fourth Edition

By : Vijay Kumar Velu
Book Image

Mastering Kali Linux for Advanced Penetration Testing – Fourth Edition - Fourth Edition

By: Vijay Kumar Velu

Overview of this book

Remote working has given hackers plenty of opportunities as more confidential information is shared over the internet than ever before. In this new edition of Mastering Kali Linux for Advanced Penetration Testing, you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You'll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances. This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.
Table of Contents (17 chapters)
15
Other Books You May Enjoy
16
Index

Creating custom wordlists for cracking passwords

There are multiple tools that are readily available in Kali Linux to create custom wordlists for cracking passwords offline. We will now take a look at a couple of them.

Using CeWL to map a website

CeWL is a Ruby app that spiders a given URL to a specified depth, optionally following external links, and returns a list of words that can then be used in password crackers, such as John the Ripper. Figure 2.26 provides the custom list of words generated from the Google index page:

Figure 2.26: Creating custom password list using the CeWL from the web pages

These texts extracted from the web pages sometimes include the HTML comments that are left by the developers, which can be very useful for performing more informed attacks.

Extracting words from Twitter using twofi

While we can profile a user on social media platforms such as Facebook, Twitter, and LinkedIn, we can also use twofi, which stands...