Book description
A practical guide to testing your infrastructure security with Kali Linux, the preferred choice of pentesters and hackers
Key Features
- Employ advanced pentesting techniques with Kali Linux to build highly secured systems
- Discover various stealth techniques to remain undetected and defeat modern infrastructures
- Explore red teaming techniques to exploit secured environments
Book Description
This book takes you, as a tester or security practitioner, through the reconnaissance, vulnerability assessment, exploitation, privilege escalation, and post-exploitation activities used by pentesters.
To start with, you'll use a laboratory environment to validate tools and techniques, along with an application that supports a collaborative approach for pentesting. You'll then progress to passive reconnaissance with open source intelligence and active reconnaissance of the external and internal infrastructure. You'll also focus on how to select, use, customize, and interpret the results from different vulnerability scanners, followed by examining specific routes to the target, which include bypassing physical security and the exfiltration of data using a variety of techniques. You'll discover concepts such as social engineering, attacking wireless networks, web services, and embedded devices.
Once you are confident with these topics, you'll learn the practical aspects of attacking user client systems by backdooring with fileless techniques, followed by focusing on the most vulnerable part of the network – directly attacking the end user. By the end of this book, you'll have explored approaches for carrying out advanced pentesting in tightly secured environments, and understood the pentesting and hacking techniques employed on embedded peripheral devices.
What you will learn
- Configure the most effective Kali Linux tools to test infrastructure security
- Employ stealth to avoid detection in the infrastructure being tested
- Recognize when stealth attacks are being used against your infrastructure
- Exploit networks and data systems using wired and wireless networks as well as web services
- Identify and download valuable data from target systems
- Maintain access to compromised systems
- Use social engineering to compromise the weakest part of the network - the end users
Who this book is for
This third edition of Mastering Kali Linux for Advanced Penetration Testing is for you if you are a security analyst, pentester, ethical hacker, IT professional, or security consultant wanting to maximize the success of your infrastructure testing using some of the advanced features of Kali Linux. Prior exposure to penetration testing and ethical hacking basics will help you get the most out of this book.
Table of contents
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- Goal-Based Penetration Testing
- Conceptual overview of security testing
- Misconceptions of vulnerability scanning, penetration testing, and red team exercises
- Objective-based penetration testing
- The testing methodology
- Introduction to Kali Linux – features
- Installing and updating Kali Linux
- Organizing Kali Linux
- Configuring and customizing Kali Linux
- Resetting the root password
- Adding a non-root user
- Configuring network services and secure communications
- Adjusting network proxy settings
- Accessing the secure shell
- Speeding up Kali operations
- Sharing folders with the host operating system
- Using Bash scripts to customize Kali
- Building a verification lab
- Managing collaborative penetration testing using Faraday
- Summary
- Open Source Intelligence and Passive Reconnaissance
- Active Reconnaissance of External and Internal Networks
- Stealth scanning strategies
- DNS reconnaissance and route mapping
- Employing comprehensive reconnaissance applications
- Identifying the external network infrastructure
- Mapping beyond the firewall
- IDS/IPS identification
- Enumerating hosts
- Port, operating system, and service discovery
- Writing your own port scanner using netcat
- Large-scale scanning
- DHCP information
- Identification and enumeration of internal network hosts
- Native MS Windows commands
- ARP broadcasting
- Ping sweep
- Using scripts to combine masscan and nmap scans
- Taking advantage of SNMP
- Windows account information via SMB (Server Message Block) sessions
- Locating network shares
- Reconnaissance of active directory domain servers
- Using comprehensive tools (SPARTA)
- An example to configure SPARTA
- Summary
- Vulnerability Assessment
- Vulnerability nomenclature
- Local and online vulnerability databases
- Vulnerability scanning with Nmap
- Web application vulnerability scanners
- Vulnerability scanners for mobile applications
- The OpenVAS network vulnerability scanner
- Commercial vulnerability scanners
- Specialized scanners
- Threat modeling
- Summary
- Advanced Social Engineering and Physical Security
- Methodology and attack methods
- Physical attacks at the console
- Creating a rogue physical device
- The Social Engineering Toolkit (SET)
- Hiding executables and obfuscating the attacker's URL
- Escalating an attack using DNS redirection
- Launching a phishing attack
- Using bulk transfer as a mode of phishing
- Summary
- Wireless Attacks
- Configuring Kali for wireless attacks
- Wireless reconnaissance
- Bypassing a hidden SSID
- Bypassing the MAC address authentication and open authentication
- Attacking WPA and WPA2
- Denial-of-service (DoS) attacks against wireless communications
- Compromising enterprise implementations of WPA/WPA2
- Working with Ghost Phisher
- Summary
- Exploiting Web-Based Applications
- Client-Side Exploitation
- Bypassing Security Controls
- Exploitation
- Action on the Objective and Lateral Movement
- Privilege Escalation
- Overview of the common escalation methodology
- Escalating from domain user to system administrator
- Local system escalation
- Escalating from administrator to system
- Credential harvesting and escalation attacks
- Escalating access rights in Active Directory
- Compromising Kerberos – the golden-ticket attack
- Summary
- Command and Control
- Persistence
- Using persistent agents
- Domain fronting
- Exfiltration of data
- Hiding evidence of an attack
- Summary
- Embedded Devices and RFID Hacking
- Other Books You May Enjoy
Product information
- Title: Mastering Kali Linux for Advanced Penetration Testing - Third Edition
- Author(s):
- Release date: January 2019
- Publisher(s): Packt Publishing
- ISBN: 9781789340563