Security Testing and Ethical Hacking with Kali Linux

Security Testing and Ethical Hacking with Kali Linux

by Ric Messier
Released January 2018
Publisher(s): O'Reilly Media, Inc.
ISBN: 9781492029311

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Analysts and engineers performing security testing or penetration testing are typically expected to deliver a report at the end of their work. In this video, created for entry-to-intermediate-level security engineers, you'll learn to use the Kali Linux toolsets that help you handle three major tasks associated with producing such reports. First, you'll learn about the Kali tools that let you manipulate and manage the sometimes overwhelming volume of data that security and penetration test generate. Second, you'll learn about the Kali tools that help you capture and organize your test notes before integrating them into your reports. Third, you'll learn about the Kali tools that let you collaborate with your security colleagues to collect, manage, and prepare comprehensive reports. Participants should have access to Kali Linux before starting this course.

  • Learn Kali toolsets that manipulate and manage large volumes of data acquired during security tests
  • Discover Kali toolsets that allow you to capture test notes and integrate them into reports
  • Explore Kali toolsets that enable collaboration and reporting among your security colleagues

Ric Messier (GCIH, GSEC, CEH, CISSP) is the Director for Cyber Academic Programs at Circadence. He has decades of information security experience and is the author of dozens of O'Reilly titles on infosec and digital forensics, including Introduction to Penetration Testing and Learning Linux Security. He holds a BS in Information Technology from the University of Massachusetts, an MS in Digital Forensic Science from Champlain College, and a PhD in Information Assurance and Security from Capella University.

Table of contents

  1. Starting with Kali Linux
    1. Introduction
    2. About the Author
    3. System Requirements
    4. Acquiring Kali Linux
    5. Tool Categories Available in Kali Linux
  2. Installation and Management
    1. Booting to Kali
    2. Installing Kali
    3. Overview of the User Interface
    4. Customizing Kali
    5. Getting Updated from the UI
    6. System Settings
  3. Command Line
    1. Using the Terminal
    2. Managing Directories
    3. File Permissions
    4. Viewing Files
    5. Using grep
    6. Using Pipes to Chain Commands
    7. Editing Files
    8. Getting Help from the Command Line
    9. Date Management
    10. Listing Services
    11. Starting and Stopping Services
  4. Package Management
    1. The Package Manager
    2. Updating and Searching for Packages
    3. Installing and Updating Packages
    4. Listing and Erasing Packages
    5. Building Packages from Source
    6. Managing Repositories
  5. Intelligence Gathering with Kali Linux
    1. Chapter Introduction
    2. About the Author
    3. System Requirements
  6. Using Maltego
    1. Starting with Maltego Community Edition
    2. Running Machines in Maltego
    3. Use Maltego to Stalk a Company
    4. Obtaining Company Footprint with Maltego
    5. Looking up People in Maltego
    6. Using Transforms
    7. Viewing Graphs
    8. Creating a Machine
  7. Gathering DNS Information
    1. Using dig
    2. Using nslookup
    3. Using dnswalk
    4. Using DNSRecon
    5. Using dnsmap
    6. Using dnsenum
  8. Other Information Gathering
    1. Passive Network Scanning
    2. Acquiring Information from Metadata (Metagoofil)
    3. Using Miranda for UPnP
    4. Using Recon-ng
    5. Using theHarvester
    6. Using snmp-check
    7. Using Parsero
  9. Vulnerability Assessment with Kali Linux
    1. Chapter Introduction
    2. About the Author
    3. System Requirements
  10. Web Vulnerabilities
    1. Quick Start Scanning with ZAProxy
    2. Using ZAProxy as a Proxy
    3. Spidering Using ZAProxy
    4. Active Scanning Using ZAProxy
    5. Fuzzing Attacks Using ZAProxy
    6. Using Breakpoints with ZAProxy
    7. Using w3af
    8. Targeted Scans Using w3af
    9. Using Arachni
    10. Using Vega
    11. Using skipfish
    12. Using Xsser
  11. OS Vulnerabilities
    1. Using Lynis for Local Vulnerability Identification
    2. Getting Started with OpenVAS
    3. Accessing OpenVAS via the Web Interface
    4. Quick Start Scanning with OpenVAS
    5. Setting Policy with OpenVAS
    6. Reviewing Reports in OpenVAS
    7. Using Root Kit Hunter
    8. Using Yersinia for Network Vulnerabilities
  12. Database Vulnerabilities
    1. Using sqlmap
    2. Using sqlninja
    3. Using HexorBase
    4. Using Jsql
  13. Working with Exploits in Kali Linux
    1. Chapter Introduction
    2. About the Author
    3. System Requirements
  14. Using Web Exploitations Tools
    1. Exploiting with w3af
    2. Exploiting with jboss-autopwn
    3. Using Commix
    4. Using Maltego Teeth
    5. Using BeEF
  15. Program Exploitation Tools
    1. Adding Vulnerabilities with Backdoor Factory
    2. Basic Vulnerable Program
    3. Compiling and Running Vulnerable Program
    4. About the Stack
    5. Using objdump
    6. Using dd debugger
    7. Setting Breakpoints
    8. Looking at Stack Using dd
    9. Manipulating the Instruction Pointer
    10. Using Social Engineer’s Toolkit
  16. Start to Finish
    1. Using Metasploit
    2. Importing Information
    3. Identifying Vulnerabilities
    4. Locating Modules
    5. Exploiting a Vulnerability
    6. Privilege Escalation to Root Using udev
    7. Maintaining Access Using Cymothoa
  17. Reporting and Password Cracking with Kali Linux
    1. Chapter Introduction
    2. About the Author
    3. System Requirements
  18. Cracking Passwords
    1. Unshadow Passwd Files
    2. Word Lists
    3. Word Lists Available in Kali
    4. Using John Using Brute Force Attack
    5. Using John with Wordlist
    6. Using Ophcrack for Rainbow Tables
    7. Using Ncrack
    8. Web Application Password Attacks
    9. Using patator
    10. Using Hydra
    11. Hydra Attacks Against Protocols
  19. Data Capture and Reporting
    1. Text Files for Notes
    2. Using Leafpad
    3. Using CutyCapt
    4. Using Faraday IDE
    5. Using KeepNote
    6. Using recordmydesktop

Product information

  • Title: Security Testing and Ethical Hacking with Kali Linux
  • Author(s): Ric Messier
  • Release date: January 2018
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781492029311