Kali Linux Revealed - Mastering the Penetration Testing Distribution

Cover
Contents
Preface
Foreword
Introduction
1. About Kali Linux
	A Bit of History
	Relationship with Debian
		The Flow of Packages
		Managing the Difference with Debian
	Purpose and Use Cases
	Main Kali Linux Features
		A Live System
		Forensics Mode
		A Custom Linux Kernel
		Completely Customizable
		A Trustable Operating System
		Usable on a Wide Range of ARM Devices
	Kali Linux Policies
		Network Services Disabled by Default
		A Curated Collection of Applications
	Summary
2. Getting Started with Kali Linux
	Downloading a Kali ISO Image
		Where to Download
		What to Download
		Verifying Integrity and Authenticity
			Relying on the TLS-Protected Website
			Relying on PGP's Web of Trust
		Copying the Image on a DVD-ROM or USB Key
			Creating a Bootable Kali USB Drive on Windows
			Creating a Bootable Kali USB Drive on Linux
			Creating a Bootable Kali USB Drive on OS X/macOS
	Booting a Kali ISO Image in Live Mode
		On a Real Computer
		In a Virtual Machine
			Preliminary Remarks
			VirtualBox
			VMware Workstation
	Summary
3. Linux Fundamentals
	What Is Linux and What Is It Doing?
		Driving Hardware
		Unifying File Systems
		Managing Processes
		Rights Management
	The Command Line
		How To Get a Command Line
		Command Line Basics: Browsing the Directory Tree and Managing Files
	The File System
		The Filesystem Hierarchy Standard
		The User's Home Directory
	Useful Commands
		Displaying and Modifying Text Files
		Searching for Files and within Files
		Managing Processes
		Managing Rights
		Getting System Information and Logs
		Discovering the Hardware
	Summary
4. Installing Kali Linux
	Minimal Installation Requirements
	Step by Step Installation on a Hard Drive
		Plain Installation
			Booting and Starting the Installer
			Selecting the Language
			Selecting the Country
			Selecting the Keyboard Layout
			Detecting Hardware
			Loading Components
			Detecting Network Hardware
			Configuring the Network
			User Creation
			Configuring the Clock
			Detecting Disks and Other Devices
			Partitioning
			Copying the Live Image
			Configuring the Package Manager (apt)
			Installing Metapackages
			Installing the GRUB Boot Loader
			Finishing the Installation and Rebooting
		Installation on a Fully Encrypted File System
			Introduction to LVM
			Introduction to LUKS
			Setting Up Encrypted Partitions
			End of the Guided Partitioning with Encrypted LVM
	Unattended Installations
		Preseeding Answers
			With Boot Parameters
			With a Preseed File in the Initrd
			With a Preseed File in the Boot Media
			With a Preseed File Loaded from the Network
		Creating a Preseed File
	ARM Installations
	Troubleshooting Installations
	Summary
5. Configuring Kali Linux
	Configuring the Network
		On the Desktop with NetworkManager
		On the Command Line with Ifupdown
		On the Command Line with systemd-networkd
	Managing Unix Users and Unix Groups
		Creating User Accounts
		Modifying an Existing Account or Password
		Disabling an Account
		Managing Unix Groups
	Configuring Services
		Configuring a Specific Program
		Configuring SSH for Remote Logins
		Configuring PostgreSQL Databases
			Connection Type and Client Authentication
			Creating Users and Databases
			Managing PostgreSQL Clusters
		Configuring Apache
			Configuring Virtual Hosts
			Common Directives
	Managing Services
	Summary
6. Helping Yourself and Getting Help
	Documentation Sources
		Manual Pages
		Info Documents
		Package-Specific Documentation
		Websites
		Kali Documentation at kali.org/docs/
	Kali Linux Communities
		Forums on forums.kali.org
		#kali-linux IRC Channel on Freenode
	Filing a Good Bug Report
		Generic Recommendations
			How to Communicate
			What to Put in the Bug Report
			Miscellaneous Tips
		Where to File a Bug Report
		How to File a Bug Report
			Filing a Bug Report in Kali
			Filing a Bug Report in Debian
			Filing a Bug Report in another Free Software Project
	Summary
7. Securing and Monitoring Kali Linux
	Defining a Security Policy
	Possible Security Measures
		On a Server
		On a Laptop
	Securing Network Services
	Firewall or Packet Filtering
		Netfilter Behavior
		Syntax of iptables and ip6tables
			Commands
			Rules
		Creating Rules
		Installing the Rules at Each Boot
	Monitoring and Logging
		Monitoring Logs with logcheck
		Monitoring Activity in Real Time
		Detecting Changes
			Auditing Packages with dpkg --verify
			Monitoring Files: AIDE
	Summary
8. Debian Package Management
	Introduction to APT
		Relationship between APT and dpkg
		Understanding the sources.list File
		Kali Repositories
			The Kali-Rolling Repository
			The Kali-Dev Repository
			The Kali Linux Mirrors
	Basic Package Interaction
		Initializing APT
		Installing Packages
			Installing Packages with dpkg
			Installing Packages with APT
		Upgrading Kali Linux
		Removing and Purging Packages
		Inspecting Packages
			Querying dpkg's Database and Inspecting .deb Files
			Querying the Database of Available Packages with apt-cache and apt
		Troubleshooting
			Handling Problems after an Upgrade
			The dpkg Log File
			Reinstalling Packages with apt --reinstall and aptitude reinstall
			Leveraging --force-* to Repair Broken Dependencies
		Frontends: aptitude and synaptic
			Aptitude
			Synaptic
	Advanced APT Configuration and Usage
		Configuring APT
		Managing Package Priorities
		Working with Several Distributions
		Tracking Automatically Installed Packages
		Leveraging Multi-Arch Support
			Enabling Multi-Arch
			Multi-Arch Related Changes
		Validating Package Authenticity
	APT Package Reference: Digging Deeper into the Debian Package System
		The control File
			Dependencies: the Depends Field
			Pre-Depends, a More Demanding Depends
			Recommends, Suggests, and Enhances Fields
			Conflicts: the Conflicts Field
			Incompatibilities: the Breaks Field
			Provided Items: the Provides Field
			Replacing Files: The Replaces Field
		Configuration Scripts
			Installation and Upgrade Script Sequence
			Package Removal
		Checksums, Conffiles
	Summary
9. Advanced Usage
	Modifying Kali Packages
		Getting the Sources
		Installing Build Dependencies
		Making Changes
			Applying a Patch
			Tweaking Build Options
			Packaging a New Upstream Version
		Starting the Build
	Recompiling the Linux Kernel
		Introduction and Prerequisites
		Getting the Sources
		Configuring the Kernel
		Compiling and Building the Package
	Building Custom Kali Live ISO Images
		Installing Pre-Requisites
		Building Live Images with Different Desktop Environments
		Changing the Set of Installed Packages
		Using Hooks to Tweak the Contents of the Image
		Adding Files in the ISO Image or in the Live Filesystem
	Adding Persistence to the Live ISO with a USB Key
		The Persistence Feature: Explanations
		Setting Up Unencrypted Persistence on a USB Key
		Setting Up Encrypted Persistence on a USB Key
		Using Multiple Persistence Stores
	Summary
		Summary Tips for Modifying Kali Packages
		Summary Tips for Recompiling the Linux Kernel
		Summary Tips for Building Custom Kali Live ISO Images
10. Kali Linux in the Enterprise
	Installing Kali Linux Over the Network (PXE Boot)
	Leveraging Configuration Management
		Setting Up SaltStack
		Executing Commands on Minions
		Salt States and Other Features
	Extending and Customizing Kali Linux
		Forking Kali Packages
		Creating Configuration Packages
		Creating a Package Repository for APT
	Summary
11. Introduction to Security Assessments
	Kali Linux in an Assessment
	Types of Assessments
		Vulnerability Assessment
			Likelihood of Occurrence
			Impact
			Overall Risk
			In Summary
		Compliance Penetration Test
		Traditional Penetration Test
		Application Assessment
	Formalization of the Assessment
	Types of Attacks
		Denial of Service
		Memory Corruption
		Web Vulnerabilities
		Password Attacks
		Client-Side Attacks
	Summary
12. Conclusion: The Road Ahead
	Keeping Up with Changes
	Showing Off Your Newly Gained Knowledge
	Going Further
		Towards System Administration
		Towards Penetration Testing
Index