Cargando…
Kali Linux 2 : assuring security by penetration testing /
Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying o...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , , , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt Publishing,
2016.
|
| Edición: | Third edition. |
| Colección: | Community experience distilled.
|
| Temas: | |
| Acceso en línea: | Texto completo |
MARC
| LEADER | 00000cam a2200000Ii 4500 | ||
|---|---|---|---|
| 001 | EBSCO_ocn969039440 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | tz | ||
| 008 | 160922s2016 enk o 001 0 eng d | ||
| 040 | |a FEM |b eng |c FEM |d OCLCQ |d COO |d VT2 |d N$T |d AGLDB |d WYU |d STF |d OCLCF |d BTN |d AUW |d INTCL |d MHW |d SNK |d UKAHL |d CNCEN |d ERF |d UKBTH |d UHL |d UKMGB |d MNU |d LVT |d OCLCO |d OCLCQ |d OCLCO |d FZL |d OCLCQ |d OCLCO | ||
| 015 | |a GBB6B8324 |2 bnb | ||
| 016 | 7 | |a 017986844 |2 Uk | |
| 019 | |a 968017221 |a 972615704 |a 974366152 |a 1066504055 |a 1076702756 |a 1105779071 |a 1112535472 |a 1112918782 |a 1113229715 |a 1118505550 |a 1125076872 |a 1351589161 |a 1380765084 | ||
| 020 | |a 9781785886065 |q (electronic bk.) | ||
| 020 | |a 1785886061 | ||
| 020 | |a 9781785888427 | ||
| 020 | |a 1785888420 | ||
| 024 | 3 | |a 9781785888427 | |
| 029 | 1 | |a UKMGB |b 017986844 | |
| 029 | 1 | |a AU@ |b 000067106398 | |
| 035 | |a (OCoLC)969039440 |z (OCoLC)968017221 |z (OCoLC)972615704 |z (OCoLC)974366152 |z (OCoLC)1066504055 |z (OCoLC)1076702756 |z (OCoLC)1105779071 |z (OCoLC)1112535472 |z (OCoLC)1112918782 |z (OCoLC)1113229715 |z (OCoLC)1118505550 |z (OCoLC)1125076872 |z (OCoLC)1351589161 |z (OCoLC)1380765084 | ||
| 037 | |a 9094327160646557572 |b TotalBoox |f Ebook only |n www.totalboox.com | ||
| 050 | 4 | |a QA76.9.A25 | |
| 072 | 7 | |a COM |x 053000 |2 bisacsh | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Johansen, Gerard, |e author. | |
| 245 | 1 | 0 | |a Kali Linux 2 : |b assuring security by penetration testing / |c Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali. |
| 250 | |a Third edition. | ||
| 260 | |a Birmingham, UK : |b Packt Publishing, |c 2016. | ||
| 300 | |a 1 online resource | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 347 | |a text file |2 rda | ||
| 490 | 1 | |a Community experience distilled | |
| 500 | |a Includes index. | ||
| 520 | |a Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town--Kali Linux 2 (aka Sana). Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smootherWho This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn Find out to download and install your own copy of Kali Linux Properly scope and conduct the initial stages of a penetration test Conduct reconnaissance and enumeration of target networks Exploit and gain a foothold on a target system or network Obtain and crack passwords Use the Kali Linux NetHunter install to conduct wireless penetration testing Create proper penetration testing reportsIn Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach. | ||
| 588 | 0 | |a Online resource; title from PDF title page (EBSCO, viewed January 8, 2019). | |
| 542 | |f Copyright © 2016 Packt Publishing | ||
| 505 | 0 | |a Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting. | |
| 505 | 8 | |a The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability. | |
| 505 | 8 | |a Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server. | |
| 505 | 8 | |a Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell. | |
| 505 | 8 | |a Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index. | |
| 590 | |a eBooks on EBSCOhost |b EBSCO eBook Subscription Academic Collection - Worldwide | ||
| 630 | 0 | 0 | |a Kali Linux. |
| 630 | 0 | 7 | |a Kali Linux |2 fast |
| 650 | 0 | |a Computer security. | |
| 650 | 0 | |a Computers |x Access control. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 6 | |a Ordinateurs |x Accès |x Contrôle. | |
| 650 | 7 | |a COMPUTERS / Security / General |2 bisacsh | |
| 650 | 7 | |a Computer security |2 fast | |
| 650 | 7 | |a Computers |x Access control |2 fast | |
| 655 | 7 | |a Handbooks and manuals |2 fast | |
| 700 | 1 | |a Heriyanto, Tedi, |e author. | |
| 700 | 1 | |a Allen, Lee |c (Information security specialist), |e author. | |
| 700 | 1 | |a Ali, Shakeel, |e author. | |
| 776 | 0 | 8 | |i Print version: |a Johansen, Gerard. |t Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition. |d Birmingham : Packt Publishing, Limited, ©2016 |
| 830 | 0 | |a Community experience distilled. | |
| 856 | 4 | 0 | |u https://ebsco.uam.elogim.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1358184 |z Texto completo |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH31403936 | ||
| 938 | |a EBSCOhost |b EBSC |n 1358184 | ||
| 994 | |a 92 |b IZTAP | ||