O'Reilly logo
live online training icon Live Online training

Network security testing with Kali Linux

Topic: Security
Ric Messier

Network security testing identifies and mitigates security vulnerabilities that put your assets at risk. By performing security testing, you can ensure that your current network security policies and practices are effectively protecting your data and systems, identify areas of weakness, and proactively build stronger network defenses.

Kali Linux is a popular Linux distribution for security testing, but with over 600 security tools built into the distribution, the variety and options can be overwhelming, especially to those new to Kali. Join Ric Messier for a hands-on introduction to Kali Linux. You'll explore essential tools for security testing and get hands-on experience using them as you learn about network security monitoring, stress testing, poisoning attacks, and encryption.

What you'll learn-and how you can apply it

By the end of this live online course, you’ll understand:

  • What network security testing is
  • The purpose of security testing and expected outcomes
  • Tactics and techniques used for network security testing

And you’ll be able to:

  • Utilize Kali-based tools to stress test networks and services
  • Craft packets from scratch to send targeted messages that an application may not create
  • Perform spoofing attacks against systems on the network
  • Monitor testing

This training course is for you because...

  • You have some experience with Linux but want more experience using network testing tools.
  • You’re aware of some of the network security tools in Kali but want to understand the best methodologies and tactics for security testing.
  • You want to begin implementing Kali-based tools for network security testing.


  • A machine or virtual machine with Kali Linux installed

Recommended preparation:

Security Testing and Ethical Hacking with Kali Linux (video)

Learning Kali Linux (book)

Ethical Hacking (video)

Security Testing with Kali Linux (live online training)

Implementing and Troubleshooting TCP/IP (live online training)

About your instructor

  • Ric Messier is a senior information security consultant with FireEye Mandiant. He’s also an author, consultant, and educator who has published several books on information security and digital forensics, and he holds GCIH, GSEC, CEH, and CISSP certifications. In his decades of experience in information technology and information security, Ric has held the varied roles of programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor.


The timeframes are only estimates and may vary according to how the class is progressing

What is security testing? (10 minutes)

  • Lecture: Security testing—what it is and what it isn’t
  • Discussion: What would you use security testing concepts for?

Monitoring (20 minutes)

  • Lecture: tcpdump and Wireshark; BPF filters
  • Hands-on exercise: Capture traffic using tcpdump and analyze with Wireshark
  • Discussion: How would you handle cases where you are remote?

Stress testing (25 minutes)

  • Lecture: Crafted packets—hping; malformed packets—fragroute; denial-of-service attacks
  • Hands-on exercise: Use Slowloris and fragroute, capturing the results with tcpdump
  • Discussion: What other sorts of denial-of-service conditions might be tested or induced?

Break (10 minutes)

Poisoning attacks (25 minutes)

  • Lecture: Using arpspoof; using Ettercap; spoofing at higher layers
  • Hands-on exercise: Attempt to spoof traffic on your local network

Dealing with encryption (20 minutes)

  • Lecture: Testing for weak encryption; interacting with encrypted services; denial-of-service attacks against encrypted services
  • Discussion: How do we move forward with network-based testing if everything is encrypted?

Wrap-up and Q&A (10 minutes)