
Kali Linux 2: assuring security by penetration testing

Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition! About This Book: Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before. Formulate your pentesting strategies by relying o...


Bibliographic Details
Classification: Electronic Book
Main Authors: Johansen, Gerard (Author), Heriyanto, Tedi (Author), Allen, Lee (Information security specialist) (Author), Ali, Shakeel (Author)
Format: Electronic eBook
Language: English
Published: Birmingham, UK : Packt Publishing, 2016.
Edition: Third edition.
Series: Community experience distilled.
Subjects:
Online Access: Full text
Table of Contents:
  • Cover
  • Copyright
  • Credits
  • Disclaimer
  • About the Authors
  • About the Reviewer
  • www.PacktPub.com
  • Table of Contents
  • Preface
  • Chapter 1: Beginning with Kali Linux
  • A brief history of Kali Linux
  • Kali Linux tool categories
  • Downloading Kali Linux
  • Using Kali Linux
  • Running Kali using Live DVD
  • Installing on a hard disk
  • Installing Kali on a physical machine
  • Installing Kali on a virtual machine
  • Saving or Moving the Virtual Machine
  • Installing Kali on a USB disk
  • Configuring the Virtual Machine
  • VirtualBox Guest Additions
  • Setting up Networking
  • Setting up a wired connection
  • Setting up a wireless connection
  • Updating Kali Linux
  • Network services in Kali Linux
  • HTTP
  • MySQL
  • SSH
  • Installing a vulnerable server
  • Installing additional weapons
  • Installing the Nessus vulnerability scanner
  • Installing the Cisco password cracker
  • Summary
  • Chapter 2: Penetration Testing Methodology
  • Types of penetration testing
  • Black box testing
  • White box testing
  • Gray box testing
  • Deciding on a test
  • Vulnerability assessment versus penetration testing
  • Security testing methodologies
  • Open Source Security Testing Methodology Manual
  • Key features and benefits of OSSTMM
  • Information Systems Security Assessment Framework
  • Key features and benefits of ISSAF
  • Open Web Application Security Project
  • Key features and benefits of OWASP
  • Web Application Security Consortium Threat Classification
  • Key features and benefits of WASC-TC
  • Penetration Testing Execution Standard
  • Key features and benefits of PTES
  • General penetration testing framework
  • Target scoping
  • Information gathering
  • Target discovery
  • Enumerating target
  • Vulnerability mapping
  • Social engineering
  • Target exploitation
  • Privilege escalation
  • Maintaining access
  • Documentation and reporting
  • The ethics
  • Summary
  • Chapter 3: Target Scoping
  • Gathering client requirements
  • Creating the customer requirements form
  • The deliverables assessment form
  • Preparing the test plan
  • The test plan checklist
  • Profiling test boundaries
  • Defining business objectives
  • Project management and scheduling
  • Summary
  • Chapter 4: Information Gathering
  • Open Source Intelligence
  • Using public resources
  • Querying the domain registration information
  • Analyzing the DNS records
  • Host
  • dig
  • dnsenum
  • fierce
  • DMitry
  • Maltego
  • Getting network routing information
  • tcptraceroute
  • tctrace
  • Utilizing the search engine
  • theharvester
  • SimplyEmail
  • Metagoofil
  • Accessing leaked information
  • The Onion Router
  • Installing the TOR Browser
  • Summary
  • Chapter 5: Target Discovery
  • Starting off with target discovery
  • Identifying the target machine
  • ping
  • arping
  • fping
  • hping3
  • nping
  • alive6
  • detect-new-ip6
  • passive_discovery6
  • nbtscan
  • OS fingerprinting
  • p0f
  • Nmap
  • Summary
  • Chapter 6: Enumerating Target
  • Introducing port scanning
  • Understanding the TCP/IP protocol
  • Understanding the TCP and UDP message format
  • The network scanner
  • Nmap
  • Nmap target specification
  • Nmap TCP scan options
  • Nmap UDP scan options
  • Nmap port specification
  • Nmap output options
  • Nmap timing options
  • Useful Nmap options
  • Service version detection
  • Operating system detection
  • Disabling host discovery
  • Aggressive scan
  • Nmap for scanning the IPv6 target
  • The Nmap scripting engine
  • Nmap options for Firewall/IDS evasion
  • Unicornscan
  • Zenmap
  • Amap
  • SMB enumeration
  • SNMP enumeration
  • onesixtyone
  • snmpcheck
  • VPN enumeration
  • ike-scan
  • Summary
  • Chapter 7: Vulnerability Mapping
  • Types of vulnerabilities
  • Local vulnerability
  • Remote vulnerability
  • Vulnerability taxonomy
  • Automated vulnerability scanning
  • Nessus
  • Network vulnerability scanning
  • Cisco analysis
  • Cisco auditing tool
  • Cisco global exploiter
  • SMB analysis
  • Impacketsamrdump
  • SNMP analysis
  • SNMP Walk
  • Web application analysis
  • Nikto2
  • OWASP ZAP
  • Burp Suite
  • Paros proxy
  • W3AF
  • WafW00f
  • WebScarab
  • Fuzz analysis
  • BED
  • JBroFuzz
  • Database assessment tools
  • SQLMap
  • SQL Ninja
  • Summary
  • Chapter 8: Social Engineering
  • Modeling the human psychology
  • Attack process
  • Attack methods
  • Impersonation
  • Reciprocation
  • Influential authority
  • Scarcity
  • Social relationship
  • Curiosity
  • Social Engineering Toolkit
  • Anonymous USB Attack
  • Summary
  • Chapter 9: Target Exploitation
  • Vulnerability research
  • Vulnerability and exploit repositories
  • Advanced exploitation toolkit
  • MSFConsole
  • MSFCLI
  • Ninja 101 drills
  • Scenario 1
  • Scenario 2
  • SMB usernames
  • VNC blank authentication scanner
  • PostGRESQL login
  • Scenario 3
  • Bind shell
  • Reverse shell
  • Meterpreter
  • Scenario 4
  • Generating a binary backdoor
  • Automated browser exploitation
  • Writing exploit modules
  • Summary
  • Chapter 10: Privilege Escalation
  • Privilege escalation using a local exploit
  • Password attack tools
  • Offline attack tools
  • hash-identifier
  • Hashcat
  • RainbowCrack
  • samdump2
  • John
  • Johnny
  • Ophcrack
  • Crunch
  • Online attack tools
  • CeWL
  • Hydra
  • Medusa
  • Mimikatz
  • Network spoofing tools
  • DNSChef
  • Setting up a DNS proxy
  • Faking a domain
  • arpspoof
  • Ettercap
  • Network sniffers
  • dsniff
  • tcpdump
  • Wireshark
  • Summary
  • Chapter 11: Maintaining Access
  • Using operating system backdoors
  • Cymothoa
  • Intersect
  • The meterpreter backdoor
  • Working with tunneling tools
  • dns2tcp
  • iodine
  • Configuring the DNS server
  • Running the iodine server
  • Running the iodine client
  • ncat
  • proxychains
  • ptunnel
  • socat
  • Getting HTTP header information
  • Transferring files
  • sslh
  • stunnel4
  • Creating web backdoors
  • WeBaCoo
  • PHP meterpreter
  • Summary
  • Chapter 12: Wireless Penetration Testing
  • Wireless networking
  • Overview of 802.11
  • Wired Equivalent Privacy Standard
  • Wi-Fi Protected Access
  • Wireless network recon
  • Antennas
  • Iwlist
  • Kismet
  • WAIDPS
  • Wireless testing tools
  • Aircrack-ng
  • WPA Pre-shared Key cracking
  • WEP cracking
  • PixieWPS
  • Wifite
  • Fern Wifi Cracker
  • Post cracking
  • MAC spoofing
  • Persistence
  • Sniffing wireless traffic
  • Sniffing WLAN traffic
  • Passive sniffing
  • Summary
  • Chapter 13: Kali Nethunter
  • Kali Nethunter
  • Deployment
  • Network deployment
  • Wireless deployment
  • Host deployment
  • Installing Kali Nethunter
  • Nethunter icons
  • Nethunter tools
  • Nmap
  • Metasploit
  • MAC changer
  • Third-party applications
  • Wireless attacks
  • Wireless scanning
  • Nethunter tools
  • Third-party apps
  • WPA/WPA2 cracking
  • WPS cracking
  • Evil AP attack
  • Mana Evil AP
  • HID attacks
  • Summary
  • Chapter 14: Documentation and Reporting
  • Documentation and results verification
  • Types of reports
  • The executive report
  • The management report
  • The technical report
  • Network penetration testing report (sample contents)
  • Preparing your presentation
  • Post-testing procedures
  • Summary
  • Appendix A: Supplementary Tools
  • Reconnaissance tool
  • Vulnerability scanner
  • NeXpose Community Edition
  • Installing NeXpose
  • Starting the NeXpose community
  • Logging in to the NeXpose community
  • Using the NeXpose community
  • Web application tools
  • Vega
  • BlindElephant
  • Network tool
  • Netcat
  • Open connection
  • Service banner grabbing
  • Creating a simple chat server
  • File transfer
  • Portscanning
  • Backdoor shell
  • Reverse shell
  • Summary
  • Appendix B: Key Resources
  • Vulnerability disclosure and tracking
  • Paid incentive programs
  • Reverse engineering resources
  • Penetration testing learning resources
  • Exploit development learning resources
  • Penetration testing on a vulnerable environment
  • Online web application challenges
  • Virtual machines and ISO images
  • Network ports
  • Index