Kali Linux - Assuring Security by Penetration Testing : Master the Art of Penetration Testing with Kali Linux /
Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux tes...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Otros Autores: | , |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham, UK :
Packt Pub.,
2014.
|
Edición: | 2nd ed. |
Colección: | Community experience distilled.
|
Temas: | |
Acceso en línea: | Texto completo Texto completo |
Tabla de Contenidos:
- Table of Contents; Preface; Part I: Lab Preparation and Testing Procedures; Chapter 1: Beginning with Kali Linux; A brief history of Kali Linux; Kali Linux tool categories; Downloading Kali Linux; Using Kali Linux; Running Kali using Live DVD; Installing on a hard disk; Installing Kali on a physical machine; Installing Kali on a virtual machine; Installing Kali on a USB disk; Configuring the virtual machine; VirtualBox guest additions; Setting up networking ; Setting up a wired connection; Setting up a wireless connection; Starting the network service; Configuring shared folders.
- Saving the guest machine stateExporting a virtual machine; Updating Kali Linux; Network services in Kali Linux; HTTP; MySQL; SSH; Installing a vulnerable server; Installing additional weapons; Installing the Nessus vulnerability scanner; Installing the Cisco password cracker; Summary; Chapter 2: Penetration Testing Methodology; Types of penetration testing; Black box testing; White box testing; Vulnerability assessment versus penetration testing; Security testing methodologies; Open Source Security Testing Methodology Manual (OSSTMM); Key features and benefits.
- Information Systems Security Assessment Framework (ISSAF)Key features and benefits; Open Web Application Security Project (OWASP) ; Key features and benefits; Web Application Security Consortium Threat Classification (WASC-TC); Key features and benefits; Penetration Testing Execution Standard (PTES); Key features and benefits; General penetration testing framework; Target scoping; Information gathering; Target discovery; Enumerating target; Vulnerability mapping; Social engineering; Target exploitation; Privilege escalation; Maintaining access; Documentation and reporting; The ethics; Summary.
- Part II: Penetration Testers ArmoryChapter 3: Target Scoping; Gathering client requirements; Creating the customer requirements form; Deliverables assessment form; Preparing the test plan; Test plan checklist; Profiling test boundaries; Defining business objectives; Project management and scheduling; Summary; Chapter 4: Information Gathering; Using public resources; Querying the domain registration information; Analyzing the DNS records; host; dig; dnsenum; dnsdict6; fierce; DMitry; Maltego; Getting network routing information; tcptraceroute; tctrace; Utilizing the search engine; theharvester.
- MetagoofilSummary; Chapter 5: Target Discovery; Starting off with target discovery; Identifying the target machine; ping; arping; fping; hping3; nping; alive6; detect-new-ip6; passive_discovery6; nbtscan; OS fingerprinting; p0f; Nmap; Summary; Chapter 6: Enumerating Target; Introducing port scanning; Understanding the TCP/IP protocol; Understanding the TCP and UDP message format; Network scanner; Nmap; Nmap target specification; Nmap TCP scan options; Nmap UDP scan options; Nmap port specification; Nmap output options; Nmap timing options; Nmap useful options.