book

Kali Linux Penetration Testing Bible

by Gus Khawaja

June 2021

Intermediate to advanced

512 pages

11h 12m

English

Wiley

Read now

Unlock full access

What Does This Book Cover?Companion Download FilesHow to Contact the PublisherHow to Contact the Author
Kali Linux File SystemManaging Users and Groups in KaliFiles and Folders Management in Kali LinuxRemote Connections in KaliKali Linux System ManagementNetworking in Kali LinuxSummary
Basic Bash ScriptingPrinting to the Screen in BashVariablesScript ParametersUser InputFunctionsConditions and LoopsSummary
Basics of NetworkingNetwork ScanningDNS EnumerationSummary
Passive Footprinting and ReconnaissanceSummary
Spear Phishing AttacksPayloads and ListenersSocial Engineering with the USB Rubber DuckySummary
Transfer ProtocolsE‐mail ProtocolsDatabase ProtocolsCI/CD ProtocolsWeb Protocols 80/443Graphical Remoting ProtocolsFile Sharing ProtocolsSummary
Vulnerabilities AssessmentServices ExploitationSummary

Web Application VulnerabilitiesSummary
Web Enumeration and ExploitationSecure Software Development LifecycleSummary
Introduction to Kernel Exploits and Missing ConfigurationsKernel ExploitsSUID ExploitationOverriding the Passwd Users FileCRON Jobs Privilege EscalationsudoersExploiting Running ServicesAutomated ScriptsSummary
Windows System EnumerationFile TransfersWindows System ExploitationSummary
Dumping Windows HashesPivoting with Port RedirectionSummary
Basics of CryptographyCracking Secrets with HashcatSummary
Overview of Reports in Penetration TestingScoring SeveritiesReport PresentationSummary
CPU RegistersAssembly InstructionsData TypesMemory SegmentsAddressing ModesReverse Engineering ExampleSummary
Basics of Stack OverflowStack Overflow ExploitationSummary
Basics of PythonRunning Python ScriptsDebugging Python ScriptsPracticing PythonPython Basic SyntaxesVariablesMore Techniques in PythonSummary
Penetration Test RobotSummary
Downloading and Running a VM of Kali LinuxKali Xfce DesktopSummary
Docker TechnologySummary

Content preview from Kali Linux Penetration Testing Bible

CHAPTER 3Network Hosts Scanning

This chapter is your first step into the penetration testing workflow. Whether you're advanced or a novice, this chapter will help you conduct your network scan with success. In the beginning, we will walk through the basics you need to know before you start scanning a network. Afterward, we will delve deeper to see how to scan a network target.

This chapter covers the following:

The basics of networking
Identifying live hosts
Port scanning
Services enumeration
Operating system fingerprinting
Nmap scripting engine
Scanning for subdomains

Basics of Networking

Before you start scanning and identifying hosts, you need to understand the basics of networking first. For example, why do we use 10.0.0.1/16? Or what is a TCP handshake? Let's start!

Networking Protocols

The following are the two main networking protocols you need to be aware of to scan a network successfully.

TCP

The Transmission Control Protocol (TCP) is the main one used in network infrastructure. Every application server (HTTP, FTP, SMTP, etc.) uses this protocol to properly connect the client with the server.

TCP uses a concept called a three‐way handshake to establish a network connection. First, to start a TCP session, the client sends a SYN packet (synchronize) to the server. The server receives the SYN and replies to the client with a synchronize/acknowledge (SYN/ACK) packet. Finally, the client completes the conversation by sending an ACK packet to the server.

For example, ...