Learning Kali Linux: Security Testing, Penetration Testing & Ethical Hacking

Copyright
Table of Contents
Preface
	What This Book Covers
	New in This Edition
	Who This Book Is For
	The Value and Importance of Ethics
	Conventions Used in This Book
	O’Reilly Online Learning
	How to Contact Us
	Acknowledgments
Chapter 1. Foundations of Kali Linux
	Heritage of Linux
	About Linux
	Acquiring and Installing Kali Linux
		Virtual Machines
		Low-Cost Computing
		Windows Subsystem for Linux
	Desktops
		Xfce Desktop
		GNOME Desktop
		Logging In Through the Desktop Manager
		Cinnamon and MATE
	Using the Command Line
		File and Directory Management
		Process Management
		Other Utilities
	User Management
	Service Management
	Package Management
	Remote Access
	Log Management
	Summary
	Useful Resources
Chapter 2. Network Security Testing Basics
	Security Testing
	Network Security Testing
		Monitoring
		Layers
		Stress Testing
		Denial-of-Service Tools
	Encryption Testing
	Packet Captures
		Using tcpdump
		Berkeley Packet Filters
		Wireshark
	Poisoning Attacks
		ARP Spoofing
		DNS Spoofing
	Summary
	Useful Resources
Chapter 3. Reconnaissance
	What Is Reconnaissance?
	Open Source Intelligence
		Google Hacking
		Automating Information Grabbing
		Recon-ng
		Maltego
	DNS Reconnaissance and whois
		DNS Reconnaissance
		Regional Internet Registries
	Passive Reconnaissance
	Port Scanning
		TCP Scanning
		UDP Scanning
		Port Scanning with nmap
		High-Speed Scanning
	Service Scanning
	Manual Interaction
	Summary
	Useful Resources
Chapter 4. Looking for Vulnerabilities
	Understanding Vulnerabilities
	Vulnerability Types
		Buffer Overflow
		Race Condition
		Input Validation
		Access Control
	Vulnerability Scanning
	Local Vulnerabilities
		Using lynis for Local Checks
		OpenVAS Local Scanning
		Root Kits
	Remote Vulnerabilities
		Quick Start with OpenVAS
		Creating a Scan
		OpenVAS Reports
	Network Device Vulnerabilities
		Auditing Devices
		Database Vulnerabilities
	Identifying New Vulnerabilities
	Summary
	Useful Resources
Chapter 5. Automated Exploits
	What Is an Exploit?
	Cisco Attacks
		Management Protocols
		Other Devices
	Exploit Database
	Metasploit
		Starting with Metasploit
		Working with Metasploit Modules
		Importing Data
		Exploiting Systems
	Armitage
	Social Engineering
	Summary
	Useful Resources
Chapter 6. Owning Metasploit
	Scanning for Targets
		Port Scanning
		SMB Scanning
		Vulnerability Scanning
	Exploiting Your Target
	Using Meterpreter
		Meterpreter Basics
		User Information
		Process Manipulation
	Privilege Escalation
	Pivoting to Other Networks
	Maintaining Access
	Cleaning Up
	Summary
	Useful Resources
Chapter 7. Wireless Security Testing
	The Scope of Wireless
		802.11
		Bluetooth
		Zigbee
	WiFi Attacks and Testing Tools
		802.11 Terminology and Functioning
		Identifying Networks
		WPS Attacks
		Automating Multiple Tests
		Injection Attacks
	Password Cracking on WiFi
		besside-ng
		coWPAtty
		Aircrack-ng
		Fern
	Going Rogue
		Hosting an Access Point
		Phishing Users
		Wireless Honeypot
	Bluetooth Testing
		Scanning
		Service Identification
		Other Bluetooth Testing
	Home Automation Testing
	Summary
	Useful Resources
Chapter 8. Web Application Testing
	Web Architecture
		Firewall
		Load Balancer
		Web Server
		Application Server
		Database Server
	Cloud-Native Design
	Web-Based Attacks
		SQL Injection
		XML Entity Injection
		Command Injection
		Cross-Site Scripting
		Cross-Site Request Forgery
		Session Hijacking
	Using Proxies
		Burp Suite
		Zed Attack Proxy
		WebScarab
		Paros Proxy
	Automated Web Attacks
		Recon
		nikto
		wapiti
		dirbuster and gobuster
		Java-Based Application Servers
	SQL-Based Attacks
	Content Management System Testing
	Assorted Tasks
	Summary
	Useful Resources
Chapter 9. Cracking Passwords
	Password Storage
		Security Account Manager
		PAM and Crypt
	Acquiring Passwords
	Offline Cracking
		John the Ripper
		Rainbow Tables
		HashCat
	Online Cracking
		Hydra
		Patator
	Web-Based Cracking
	Summary
	Useful Resources
Chapter 10. Advanced Techniques and Concepts
	Programming Basics
		Compiled Languages
		Interpreted Languages
		Intermediate Languages
		Compiling and Building
	Programming Errors
		Buffer Overflows
		Heap Overflows
		Return to libc
	Writing Nmap Modules
	Extending Metasploit
	Maintaining Access and Cleanup
		Metasploit and Cleanup
		Maintaining Access
	Summary
	Useful Resources
Chapter 11. Reverse Engineering and Program Analysis
	Memory Management
	Program and Process Structures
		Portable Executable
		Executable and Linkable Format
	Debugging
	Disassembly
		Java Decompilation
	Reverse Engineering
		Radare2
		Cutter
		Ghidra
	Summary
	Resources
Chapter 12. Digital Forensics
	Disks, Filesystems, and Images
		Filesystems
		Acquiring Disk Images
		Introducing The Sleuth Kit
		Using Autopsy
	File Analysis
		File from Disk Images
		Recovering Deleted Files
	Data Searches
		Hidden Data
		PDF Analysis
		Steganography
	Memory Forensics
	Summary
	Resources
Chapter 13. Reporting
	Determining Threat Potential and Severity
	Writing Reports
		Audience
		Executive Summary
		Methodology
		Findings
	Managing Results
		Text Editors
		GUI-Based Editors
		Notes
		Cherry Tree
		Capturing Data
	Organizing Your Data
		Dradis Framework
		CaseFile
	Summary
	Useful Resources
Index
About the Author
Colophon