Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kali Linux Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Kali Linux Cookbook

Kali Linux Cookbook - Third Edition

By : Corey P. Schultz
Buy this Book
close
close
Kali Linux Cookbook

Kali Linux Cookbook

By: Corey P. Schultz
Buy this Book

Overview of this book

This hands-on guide will help you become a penetration testing expert by gaining command of the powerful tools of Kali Linux, from versions 2024.3 through 2025.1, aligned with the latest features introduced and applying them in real-world security assessments. This cookbook’s third edition is updated to include the latest advancements in cybersecurity. The author leverages their 20 years of industry experience to guide you through installing Kali on multiple platforms, setting up lab environments, and using modern tools, such as Nmap, Metasploit, Wireshark, OpenVAS, and AI-driven reconnaissance. You’ll also explore automated social engineering, wireless hacking, web and database exploitation, and advanced persistence techniques, delivering a comprehensive and up-to-date penetration testing resource. Recognizing the critical role of human factors in security, this edition expands on social engineering tactics, including psychological principles and AI-driven automation, to craft highly effective attack campaigns. By the end of this book, you’ll have strengthened your grasp of the entire penetration testing process, from environment setup and reconnaissance to vulnerability analysis, exploitation, and maintaining access, and be equipped with industry-standard tools to enhance your effectiveness as a security professional.
Table of Contents (17 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Icon
Free Benefits with Your Book
Lock Free Chapter
1
Bootstrapping Your Cyber Arsenal
chevron up
Icon
Bootstrapping Your Cyber Arsenal
Icon
Free Benefits with Your Book
Icon
Technical requirements
Icon
Lab architecture and considerations
Icon
Installing VirtualBox on Windows
Icon
Installing Kali Linux in VirtualBox
Icon
Installing Kali in Docker
Icon
Installing Kali on Raspberry PI
Icon
Updating and upgrading Kali Linux
Icon
Installation of Kali metapackages
Icon
Securing Kali Linux
Icon
Checking for rootkits and other exploits
Icon
Installing Metasploitable3 Linux and Windows VMs
Icon
Installing Damn Vulnerable Linux (DVL)
Icon
Installing and setting up bWAPP via bee-box
Icon
Other test machines
2
Cloak and Dagger: Stealth and Anonymity
Icon
Cloak and Dagger: Stealth and Anonymity
Icon
Technical requirements
Icon
Essentials to anonymity
Icon
Employing Bitcoin and cryptocurrency
Icon
Using Tor
Icon
Using private and secure email
Icon
Using a VPN
Icon
Using a proxy
Icon
Building alternate online personas
Icon
Building complete online personas with AI
3
Deep Recon: Unveiling the Digital Landscape
Icon
Deep Recon: Unveiling the Digital Landscape
Icon
Technical requirements
Icon
Using CherryTree to organize your data
Icon
Gathering DNS and domain information
Icon
Gathering information from web resources
Icon
Gathering public IP information
Icon
Gathering external routing information
Icon
Gathering internal routing information
Icon
Gathering cloud services information
Icon
Identifying whether there is a web application firewall
Icon
Using SNMP for information gathering
Icon
Setting up Maltego CE
Icon
Understanding and configuring Maltego Transforms
Icon
Initiating a scan with Maltego
4
Nmap Mastery – Scanning with Precision
Icon
Nmap Mastery – Scanning with Precision
Icon
Technical requirements
Icon
Setting up Nmap
Icon
Performing host discovery
Icon
Performing port scanning
Icon
Performing service and version discovery
Icon
Performing operating system fingerprinting
Icon
Performing hardware and device type fingerprinting
Icon
Conducting the most common Nmap scan
Icon
Implementing detection and evasion techniques
Icon
Understanding script engine fundamentals
5
Wireshark Wizard: Network Traffic Demystified
Icon
Wireshark Wizard: Network Traffic Demystified
Icon
Technical requirements
Icon
Setting up Wireshark
Icon
Capturing network traffic
Icon
Performing packet analysis
Icon
Implementing display filters
Icon
Filtering captured traffic
Icon
Performing TCP analysis (FTP)
Icon
Performing UDP analysis (DNS)
Icon
Analyzing web applications
Icon
Importing PCAP files
6
Weaknesses Exposed: Advanced Vulnerability Analysis
Icon
Weaknesses Exposed: Advanced Vulnerability Analysis
Icon
Technical requirements
Icon
Setting up Greenbone Vulnerability Manager (GVM)
Icon
Performing a subnet vulnerability scan with GVM
Icon
Executing a targeted vulnerability scan with GVM
Icon
Setting up Nessus
Icon
Conducting a basic vulnerability scan with Nessus
Icon
Executing an advanced and targeted vulnerability scan with Nessus
7
Exploitation Unleashed: Finding the Hidden Flaws
Icon
Exploitation Unleashed: Finding the Hidden Flaws
Icon
Technical requirements
Icon
Understanding vulnerabilities and targets
Icon
Searching local exploit databases
Icon
Searching remote exploit databases
Icon
Setting up Metasploit
Icon
Learning Metasploit basics
Icon
Target scanning and enumeration using Metasploit
Icon
Using exploits and payloads in Metasploit
Icon
Setting up Armitage
Icon
Visualizing the target
Icon
Collaborative hacking
Icon
Using Yersinia to attack network protocols
8
Human Hacking: The Art of Social Engineering
Icon
Human Hacking: The Art of Social Engineering
Icon
Technical requirements
Icon
Creating a phishing attack
Icon
Enhancing intelligence gathering with AI
Icon
Using AI LLMs to enhance phishing attacks
Icon
Creating a spear phishing attack
Icon
Building phishing templates
Icon
Launching chatbot-based social engineering attacks
Icon
Implementing voice and speech synthesis
Icon
Building a full-screen attack
Icon
Building a site cloning attack
Icon
Generating QR codes
Icon
Creating infectious media
Icon
Obfuscating and manipulating URLs
Icon
Using PowerShell as an attack vector
Icon
Spoofing DHCP
Icon
Spoofing DNS
9
Breaking Barriers: the Secrets of Password Cracking
Icon
Breaking Barriers: the Secrets of Password Cracking
Icon
Technical requirements
Icon
Implementing credential sniffing on network traffic
Icon
Cracking local Windows passwords
Icon
Cracking remote Windows passwords
Icon
Cracking local Linux passwords
Icon
Brute-forcing password hashes
Icon
Optimizing John the Ripper
Icon
Generating custom word lists with CeWL
Icon
Expanding custom word lists with RSMangler
Icon
Logging key strokes
Icon
Attacking 2FA
Icon
Cracking FTP/Telnet/SSH passwords
Icon
Cracking RDP passwords
Icon
Cracking VNC passwords
Icon
Cracking ZIP/RAR files
Icon
Stuffing credentials
10
Climbing the Ladder: Mastering Privilege Escalation
Icon
Climbing the Ladder: Mastering Privilege Escalation
Icon
Technical requirements
Icon
Exploiting applications in Windows to gain elevated privileges
Icon
Exploiting services in Windows to gain elevated privileges
Icon
Chaining exploits in Windows to gain elevated privileges
Icon
Exploiting privilege escalation in Linux – non-root
Icon
Exploiting chained privilege root escalation in Linux
Icon
Exploiting chained privilege identification and escalation
11
Wireless Warfare: Dominating the Airwaves
Icon
Wireless Warfare: Dominating the Airwaves
Icon
Technical requirements
Icon
Building a WLAN testing environment
Icon
Scanning for SSIDs
Icon
Scanning for hidden SSIDs
Icon
Examining collected data
Icon
Performing a wireless DoS attack: deauthentication attack
Icon
Cracking WPA2 keys
Icon
Spoofing a valid client’s MAC address
Icon
Using public Wi-Fi to capture credentials
Icon
Attacking the corporate Wi-Fi network
12
Web Warriors: Exploiting Online and Database Vulnerabilities
Icon
Web Warriors: Exploiting Online and Database Vulnerabilities
Icon
Technical requirements
Icon
Creating a website reconnaissance report with Photon and EyeWitness
Icon
Using Nikto to scan websites for vulnerabilities
Icon
Using Skipfish to scan websites for vulnerabilities
Icon
Using ZAP to scan websites for vulnerabilities
Icon
Using Droopescan to scan a CMS for vulnerabilities
Icon
Performing a command injection attack
Icon
Performing a SQL injection attack
Icon
Performing a cross-site scripting (XSS) attack
Icon
Discovering hidden files with R/LFI and ffuf
13
Persistence Pays: Securing Long-Term Access
Icon
Persistence Pays: Securing Long-Term Access
Icon
Technical requirements
Icon
Creating a backdoor in Windows
Icon
Persisting Windows connectivity
Icon
Creating a backdoor in Linux
Icon
Persisting Linux connectivity
Icon
Persisting connectivity through the web
Icon
Masquerading communications with netcat
Icon
Encrypting communications with Cryptcat
14
Unlock Your Exclusive Benefits
Icon
Unlock Your Exclusive Benefits
Icon
Unlock this Book’s Free Benefits in 3 Easy Steps
15
Other Books You May Enjoy
Icon
Other Books You May Enjoy
16
Index
Icon
Index

Installing Metasploitable3 Linux and Windows VMs

In this recipe, you will add machines that you can use for targets by installing Metaspoloitable3 VMs. Metasploitable3 Linux and Windows machines are vulnerable VMs designed for penetration testing and security research. Built by Rapid7, Metasploitable3 has outdated software, misconfigurations, and security vulnerabilities.

It is a practical environment for users to explore and exploit various security flaws and is effective for vulnerability scanning, exploitation, privilege escalation, and post-exploitation activities. It also provides an ideal platform to practice attack vectors and tools such as Kali Linux. Using this VM helps you identify and exploit weaknesses in Linux and Windows operating systems.

Getting ready…

You need the following to complete this recipe:

  • VirtualBox shut down
  • A stable internet connection
  • Temporarily disabled antivirus
  • 80 GB of free disk space

How to do it…

  1. Open your web browser and navigate to https://developer.hashicorp.com/vagrant/install?product_intent=vagrant.
  2. Find the appropriate download for your host and download Vagrant.

A screenshot of a computer Description automatically generated

Figure 1.34 – Vagrant download

  1. Once the file has been downloaded, close your web browser. Navigate to the Vagrant file you downloaded and double-click it to begin installation.
  2. Accept the license agreement and click Install.
  3. Once the installation is completed, click Finish.
  4. You will then be asked to reboot – select Yes to reboot the host.
  5. Once the host computer is back up, log in and open the command prompt.

Tip

A quick way to open a command window is to type command or cmd into the search window.

  1. Navigate to your default VM location from within the command window. In this
    example, it’s on the D: drive. From there, we must add a new workplace directory, naming it metasploitable3-workplace, and cd into it, as shown.

    d:

    cd kali_cb_vms

    mkdir metasploitable3-workplace

    cd metasploitable3-workplace

  2. Now, download the Vagrant file, which will be used to create our VMs using the following.

    powershell Invoke-WebRequest -Uri "https://raw.githubusercontent.com/rapid7/metasploitable3/master/Vagrantfile" -OutFile "Vagrantfile"

  3. Once the Vagrant file has been downloaded, you can bring the VMs online with the following command:

    vagrant up

Figure 1.35 – vagrant up

Figure 1.35 – Vagrant up

The process will take a significant amount of time, and there will be some warnings generated due to configuring a host-only network before installing Metasploitable3.

  1. Once complete, launch VirtualBox by double-clicking the icon on your desktop.
  2. You will notice two new VMs from VirtualBox Manager with names beginning with metasploitable3.

If either of those VMs is running, you will want to shut them down. The easiest way is to select the VM and right-click and select Stop, and click Shutdown.

Figure 1.36 – Stop VMs

Figure 1.36 – Stop VMs

  1. When asked if you really want to do this, click Shutdown.
  2. Clean up the host-only network by selecting the options icon on tools and clicking Network.
Figure 1.37 – VirtualBox networking

Figure 1.37 – VirtualBox networking

  1. Now, if you see two VirtualBox host-only Ethernet adapters, then remove the second one that has the suffix #2 by selecting it and clicking Remove.

Now, to clean up each VM, we select the VM and click on the Network icon.

  1. Check each network adapter. The only one that should be enabled is Adapter 1, and it should be connected to the host-only Ethernet adapter. When finished, click OK. Do this for each of the Metasploitable3 VMs.
Figure 1.38 – VM network settings

Figure 1.38 – VM network settings

  1. Now, you may launch each VM and try logging into each. For the Linux workstation, the username and password are vagrant. For the Windows machine, both the administrator and Vagrant user’s password are vagrant.

Note

Remember not to expose vulnerable machines directly to the internet.

  1. Once complete, shut down the VM as before by using the Shutdown option.

How it works…

Vagrant is an open source software product for building and maintaining virtualized development environments. Vagrant was used to deploy the pre-built Metasploitable3 VMs within VirtualBox quickly and straightforwardly.

There is more…

Vagrant is a useful tool, and I would recommend reviewing the website for additional information on useful options as you continue with the lab:

https://developer.hashicorp.com/vagrant/intro

There is plenty of useful information on the Metasploitable3 GitHub pages located at https://github.com/rapid7/metasploitable3?tab=readme-ov-file and https://github.com/rapid7/metasploitable3, and specific information about the vulnerabilities can be found on the wiki at https://github.com/rapid7/metasploitable3/wiki/Vulnerabilities.

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Kali Linux Cookbook
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon