Intermediate Ethical Hacking Hands-on Training

Intermediate Ethical Hacking Hands-on Training

by Cliff Krahenbill
Released September 2021
Publisher(s): Packt Publishing
ISBN: 9781803246390

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Intermediate Ethical Hacking Hands-On Training provides an intermediate level of white, grey, and black hat skills every cybersecurity professional needs to know. In addition, advanced reconnaissance techniques are taught using the NMap scripting engine and various hacking tools used by pentesters.

Sections include web application attacks, wireless network attacks, PowerShell Empire, Netcat, and Wireshark fundamentals.

Learn how to create a reverse shell using command injection and also how to upgrade a dumb terminal to fully functional BASH Shell. Moving forward, we will also learn advanced password hacking with Metasploit and how to dump Wi-Fi credentials using netsh.

By the end of the course, you will have a deep understanding of external and internal network penetration testing, wireless penetration testing, and web application penetration testing. The lab exercises in the course are based on real-world application of Red Team best practices.

What You Will Learn

  • Learn web application attacks
  • Learn Python scripting for pentesters
  • Learn wireless network attacks
  • Learn advance hacking methodologies
  • Learn about web app penetration testing
  • Explore PowerShell Empire

Audience

This course is for anyone who is interested in learning intermediate skills of pentesting. Before taking this course, students should have completed an introduction to an ethical hacking or pentesting course.

About The Author

Cliff Krahenbill: Cliff Krahenbill, known as Professor K, is a technology professional and online instructor. He received his Master of Science degree in Cybersecurity from UMUC in 2015 and a Master of Science degree in Information Technology from Capella University in 2007. Professor K has been working in the field of technology since 1998 as a Microsoft support technician, Microsoft certified trainer, technology support specialist, senior network technology consultant, IT auditor, and most recently, as the owner and operator of his own technology firm, CLK Technology Solutions, located in Tucson, Arizona.

Professor K’s expertise in technology lies in designing, building, and supporting network infrastructures and network security. He has been teaching online courses since 2008 and conducts online classes for universities and colleges. He holds numerous technology certifications, which include the following:

MCTS: Windows Server 2008 Active Directory, Configuration

MCTS: Windows Server 2008 Applications Infrastructure, Configuration

MCTS: Windows Server 2008 Network Infrastructure, Configuration

A+, Net+, Security+

He spends his spare time working in his woodshop and providing free technical support to the local retirement community in Tucson, Arizona.

Publisher resources

Download Example Code

Table of contents

  1. Chapter 1 : Course Overview
    1. Course Overview
  2. Chapter 2 : Virtual Lab Build
    1. Downloading ISO and OVA file for VirtualBox
    2. Create a Virtual Install of Kali Using VirtualBox
    3. Create a Virtual Install of Metasploitable2
    4. Creating Windows 7 Pro Target Machine Using VirtualBox
    5. Installing the VirtualBox Extension Pack
  3. Chapter 3 : NMap
    1. Installing the WebMap-Nmap Dashboard
    2. Automated Recon/Enumeration Using nMapAutomator
  4. Chapter 4 : Reverse Shells, Privilege Escalation, and Persistent Backdoors
    1. Create a Reverse Shell Using Command Injection
    2. Create a Reverse Shell Using a File Upload
    3. Launch an Automated Meterpreter Session
    4. Upgrade a Dumb Terminal to Fully Functional BASH Shell
    5. Windows 7 Privilege Escalation Using UAC Bypass
    6. Creating a Persistent Backdoor Using a Persistent Service
  5. Chapter 5 : PowerShell Empire
    1. Create Virtual Install of Server 2016 Full GUI Using VirtualBox
    2. Preparing Your Server 2016 Target
    3. Promote Server 2016 to a Domain Controller
    4. Installing PowerShell Empire On Kali Linux
    5. Enumerating Active Directory
    6. Post-Exploitation of Windows Using PowerShell Empire
  6. Chapter 6 : Post Exploitation of Microsoft Windows
    1. Advanced Password Hacking with Metasploit
    2. Post-Exploitation of Microsoft Windows
    3. Brute Force the SMB Password on a Windows Server
    4. Enumerating Active Directory Using RPCClient
    5. Dumping Wi-Fi Credentials Using netsh
  7. Chapter 7 : Practical Pentesting Labs
    1. Heartbleed OpenSSL Exploit Vulnerability
    2. Performing an RDP Brute Force Attack
    3. Exploiting Active Directory using LLMNR/NBT-NS Poisoning
    4. Accessing Kali Across the WAN with NGROK
    5. Pentesting with Netcat
    6. Enumerate DNS Records Using DNSRecon
  8. Chapter 8 : Auditing Wireless Networks
    1. Installing a Wireless Adapter in Kali
    2. J Hacking a Wireless Network Using Kali Linux
    3. Wireless Deauthentication Attack
    4. PMKID Client-less Wireless Attack Using Bettercap
  9. Chapter 9 : Wireshark
    1. Overview of Wireshark 3.2
    2. Wireshark Capture Options
    3. Wireshark Toolbar Icons
    4. Capturing Wireless Traffic Using Wireshark
    5. Capturing a 3-way TCP Handshake Using Wireshark
  10. Chapter 10 : Web App Penetration Testing
    1. Creating a virtual install of OWASP
    2. Setting Up Burp Suite
    3. Attack Web Apps with Burp Suite Using SQL Injection
    4. OS Command Injection Using Commix 3.2x
    5. Web Application Firewall Detection Using WAFW00F
    6. Exploit Vulnerable Web Applications Using Command Injection
    7. Using Banner Grabbing to Aid in Reconnaissance
  11. Chapter 11 : Remaining Anonymous While Pentesting
    1. Anonymize Kali Using Whonix
  12. Chapter 12 : SQL Injection to Shell Walkthrough
    1. Lab Preparation for CTF SQL Injection to Shell
    2. CTF Walkthrough for SQL Injection to Shell

Product information

  • Title: Intermediate Ethical Hacking Hands-on Training
  • Author(s): Cliff Krahenbill
  • Release date: September 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781803246390