book

Ethical Hacking

by Daniel G. Graham

September 2021

Intermediate to advanced

376 pages

9h 25m

English

No Starch Press

Read now

Unlock full access

Why Read This Book?Installing PythonWhat Is in the Book?Reaching Out
Virtual LabSetting Up VirtualBoxSetting Up pfSenseSetting Up MetasploitableSetting Up Kali LinuxSetting Up the Ubuntu Linux DesktopYour First Hack: Exploiting a Backdoor in Metasploitable
How the Internet Transmits DataARP Spoofing AttacksPerforming an ARP Spoofing AttackDetecting an ARP Spoofing AttackExercises
Packets and the Internet Protocol StackViewing Packets in WiresharkAnalyzing Packets Collected by Your FirewallExercises
Sockets and Process CommunicationAccessing the Victim MachineWriting a Reverse Shell ClientWriting a TCP Server That Listens for Client ConnectionsLoading the Reverse Shell onto the Metasploitable ServerBotnetsExercises
EncryptionEncrypting and Decrypting a FileEmail EncryptionEncrypting a File with RSAWriting RansomwareExercises
Transport Layer SecurityUsing Diffie-Hellman to Compute a Shared KeyElliptic-Curve Diffie-HellmanWriting TLS SocketsSSL Stripping and HSTS BypassExercise: Add Encryption to your Ransomware Server
A Sophisticated and Sneaky Social Engineering AttackFaking EmailsFaking WebsitesCreating Deepfake VideosExercises
Link AnalysisGoogle DorkingScanning the Entire InternetIPv6 and NAT LimitationsVulnerability DatabasesVulnerability ScannersExercises
Case Study: Exploiting the Heartbleed OpenSSL VulnerabilityFuzzingSymbolic ExecutionDynamic Symbolic ExecutionUsing DSE to Crack a PasscodeExercises
Case Study: Re-Creating Drovorub by Using MetasploitHiding an Implant in a Legitimate FileEvading Antivirus by Using EncodersCreating a Windows TrojanCreating an Android TrojanExercises
Writing a Linux Kernel ModuleModifying System CallsHooking the Shutdown SyscallHiding FilesUsing Armitage to Exploit a Host and Install a RootkitExercises
SQL InjectionStealing Passwords from a Website’s DatabaseWriting Your Own SQL Injection ToolUsing SQLMapHashing PasswordsBuilding a Salted Hash CrackerPopular Hash Cracking and Brute-Forcing ToolsExercises
Cross-Site ScriptingFinding Vulnerabilities with OWASP Zed Attack ProxyUsing Browser Exploitation Framework PayloadsMoving from Browser to MachineExercise: Hunting for Bugs in a Bug Bounty Program
Pivoting from a Dual-Homed DeviceExtracting Password Hashes on LinuxExercises
Creating a Windows Virtual LabExtracting Password Hashes with MimikatzPassing the Hash with NT LAN ManagerExploring the Corporate Windows NetworkAttacking the DNS ServiceAttacking Active Directory and LDAP ServicesAttacking KerberosExercise: Kerberoasting
Setting Up a Hardened Hacking EnvironmentOther TopicsConnect with Others

Content preview from Ethical Hacking

10BUILDING TROJANS

Things are not always what they seem; the first appearance deceives many; the intelligence of a few perceives what has been carefully hidden.

–Phaedrus

Consider the following scenario: an attacker, pretending to be the head of IT, sends an email to an employee. The email tells the victim to download the updated version of the Alpine email client. But, unbeknownst to the victim, the attacker has embedded an implant in the program. When the victim installs the client, the installer will install the implant, too.

All ethical hackers should understand the mechanisms of implants like these. Implants concealed within legitimate files ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Ethical Hacking and Penetration Testing Guide

Publisher Resources

ISBN: 9781098129095Errata Page

Ethical Hacking

by Daniel G. Graham

10BUILDING TROJANS

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Ethical Hacking and Penetration Testing Guide

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition

Hands on Hacking

Publisher Resources

10BUILDING TROJANS

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Ethical Hacking and Penetration Testing Guide

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition, 6th Edition

Hands on Hacking

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.