Cargando…

Kali Linux - Assuring Security by Penetration Testing : Master the Art of Penetration Testing with Kali Linux /

Written as an interactive tutorial, this book covers the core of Kali Linux with real-world examples and step-by-step instructions to provide professional guidelines and recommendations for you. The book is designed in a simple and intuitive manner that allows you to explore the whole Kali Linux tes...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Allen, Lee (Information security specialist)
Otros Autores: Heriyanto, Tedi, Ali, Shakeel
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham, UK : Packt Pub., 2014.
Edición:2nd ed.
Colección:Community experience distilled.
Temas:
Acceso en línea:Texto completo
Texto completo
Tabla de Contenidos:
  • Table of Contents; Preface; Part I: Lab Preparation and Testing Procedures; Chapter 1: Beginning with Kali Linux; A brief history of Kali Linux; Kali Linux tool categories; Downloading Kali Linux; Using Kali Linux; Running Kali using Live DVD; Installing on a hard disk; Installing Kali on a physical machine; Installing Kali on a virtual machine; Installing Kali on a USB disk; Configuring the virtual machine; VirtualBox guest additions; Setting up networking ; Setting up a wired connection; Setting up a wireless connection; Starting the network service; Configuring shared folders.
  • Saving the guest machine stateExporting a virtual machine; Updating Kali Linux; Network services in Kali Linux; HTTP; MySQL; SSH; Installing a vulnerable server; Installing additional weapons; Installing the Nessus vulnerability scanner; Installing the Cisco password cracker; Summary; Chapter 2: Penetration Testing Methodology; Types of penetration testing; Black box testing; White box testing; Vulnerability assessment versus penetration testing; Security testing methodologies; Open Source Security Testing Methodology Manual (OSSTMM); Key features and benefits.
  • Information Systems Security Assessment Framework (ISSAF)Key features and benefits; Open Web Application Security Project (OWASP) ; Key features and benefits; Web Application Security Consortium Threat Classification (WASC-TC); Key features and benefits; Penetration Testing Execution Standard (PTES); Key features and benefits; General penetration testing framework; Target scoping; Information gathering; Target discovery; Enumerating target; Vulnerability mapping; Social engineering; Target exploitation; Privilege escalation; Maintaining access; Documentation and reporting; The ethics; Summary.
  • Part II: Penetration Testers ArmoryChapter 3: Target Scoping; Gathering client requirements; Creating the customer requirements form; Deliverables assessment form; Preparing the test plan; Test plan checklist; Profiling test boundaries; Defining business objectives; Project management and scheduling; Summary; Chapter 4: Information Gathering; Using public resources; Querying the domain registration information; Analyzing the DNS records; host; dig; dnsenum; dnsdict6; fierce; DMitry; Maltego; Getting network routing information; tcptraceroute; tctrace; Utilizing the search engine; theharvester.
  • MetagoofilSummary; Chapter 5: Target Discovery; Starting off with target discovery; Identifying the target machine; ping; arping; fping; hping3; nping; alive6; detect-new-ip6; passive_discovery6; nbtscan; OS fingerprinting; p0f; Nmap; Summary; Chapter 6: Enumerating Target; Introducing port scanning; Understanding the TCP/IP protocol; Understanding the TCP and UDP message format; Network scanner; Nmap; Nmap target specification; Nmap TCP scan options; Nmap UDP scan options; Nmap port specification; Nmap output options; Nmap timing options; Nmap useful options.