Cargando…
Mastering Kali Linux for Advanced Penetration Testing.
This book provides an overview of the kill chain approach to penetration testing, and then focuses on using Kali Linux to provide examples of how this methodology is applied in the real world. After describing the underlying concepts, step-by-step examples are provided that use selected tools to dem...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Packt Publishing,
2014.
|
| Temas: | |
| Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Part 1: The Attacker's Kill Chain; Chapter 1: Starting with Kali Linux; Kali Linux; Configuring network services and secure communications; Adjusting network proxy settings; Securing communications with Secure Shell; Updating Kali Linux; The Debian package management system; Packages and repositories; Dpkg; Using Advanced Packaging Tools; Configuring and customizing Kali Linux; Resetting the root password; Adding a non-root user; Speeding up Kali operations
- Sharing folders with Microsoft WindowsCreating an encrypted folder with TrueCrypt; Managing third-party applications; Installing third-party applications; Running third-party applications with non-root privileges; Effective management of penetration tests; Summary; Chapter 2: Identifying the Target
- Passive Reconnaissance; Basic principles of reconnaissance; Open Source intelligence; DNS reconnaissance and route mapping; WHOIS; DNS reconnaissance; IPv4; IPv6; Mapping the route to the target; Obtaining user information; Gathering names and e-mail addresses; Profiling users for password lists
- Threat modelingUsing online and local vulnerability resources; The Metasploit Framework; Exploiting a vulnerable application; Exploiting multiple targets with Armitage; Team testing with Armitage; Scripting the Armitage attack; Bypassing IDs and antivirus detection; Summary; Chapter 5: Post Exploit
- Action on the Objective; Bypassing Windows User Account Control; Conducting a rapid reconnaissance of a compromised system; Using the WMIC scripting language; Finding and taking sensitive data
- pillaging the target; Creating additional accounts; Using Metasploit for post-exploit activities
- Escalating user privileges on a compromised hostReplaying authentication tokens using incognito; Manipulating access credentials with Windows Credential Editor; Escalating from Administrator to SYSTEM; Accessing new accounts with horizontal escalation; Covering your tracks; Summary; Chapter 6: Post Exploit
- Persistence; Compromising the existing system and application files for remote access; Remotely enabling the Telnet service; Remotely enabling Windows Terminal Services; Remotely enabling Virtual Network Computing; Using persistent agents; Employing Netcat as a persistent agent