Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying KALI LINUX NETWORK SCANNING COOKBOOK
  • Table Of Contents Toc
  • Feedback & Rating feedback
KALI LINUX NETWORK SCANNING COOKBOOK

KALI LINUX NETWORK SCANNING COOKBOOK

By : Justin Hutchens
4.7 (20)
Buy this Book
close
close
KALI LINUX NETWORK SCANNING COOKBOOK

KALI LINUX NETWORK SCANNING COOKBOOK

4.7 (20)
By: Justin Hutchens
Buy this Book

Overview of this book

Kali Linux Network Scanning Cookbook is intended for information security professionals and casual security enthusiasts alike. It will provide the foundational principles for the novice reader but will also introduce scripting techniques and in-depth analysis for the more advanced audience. Whether you are brand new to Kali Linux or a seasoned veteran, this book will aid in both understanding and ultimately mastering many of the most powerful and useful scanning techniques in the industry. It is assumed that the reader has some basic security testing experience.
Table of Contents (10 chapters)
close
close
Preface
In Progress | 0 / 7 sections completed | 0%
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Free Chapter
1
1. Getting Started
In Progress | 0 / 12 sections completed | 0%
Icon
1. Getting Started
Icon
Configuring a security lab with VMware Player (Windows)
Icon
Configuring a security lab with VMware Fusion (Mac OS X)
Icon
Installing Ubuntu Server
Icon
Installing Metasploitable2
Icon
Installing Windows Server
Icon
Increasing the Windows attack surface
Icon
Installing Kali Linux
Icon
Configuring and using SSH
Icon
Installing Nessus on Kali Linux
Icon
Configuring Burp Suite on Kali Linux
Icon
Using text editors (VIM and Nano)
2
2. Discovery Scanning
In Progress | 0 / 14 sections completed | 0%
Icon
2. Discovery Scanning
Icon
Using Scapy to perform layer 2 discovery
Icon
Using ARPing to perform layer 2 discovery
Icon
Using Nmap to perform layer 2 discovery
Icon
Using NetDiscover to perform layer 2 discovery
Icon
Using Metasploit to perform layer 2 discovery
Icon
Using ICMP ping to perform layer 3 discovery
Icon
Using Scapy to perform layer 3 discovery
Icon
Using Nmap to perform layer 3 discovery
Icon
Using fping to perform layer 3 discovery
Icon
Using hping3 to perform layer 3 discovery
Icon
Using Scapy to perform layer 4 discovery
Icon
Using Nmap to perform layer 4 discovery
Icon
Using hping3 to perform layer 4 discovery
3
3. Port Scanning
In Progress | 0 / 17 sections completed | 0%
chevron up
Icon
3. Port Scanning
Icon
UDP port scanning
Icon
TCP port scanning
Icon
UDP scanning with Scapy
Icon
UDP scanning with Nmap
Icon
UDP scanning with Metasploit
Icon
Stealth scanning with Scapy
Icon
Stealth scanning with Nmap
Icon
Stealth scanning with Metasploit
Icon
Stealth scanning with hping3
Icon
Connect scanning with Scapy
Icon
Connect scanning with Nmap
Icon
Connect scanning with Metasploit
Icon
Connect scanning with Dmitry
Icon
TCP port scanning with Netcat
Icon
Zombie scanning with Scapy
Icon
Zombie scanning with Nmap
4
4. Fingerprinting
In Progress | 0 / 17 sections completed | 0%
Icon
4. Fingerprinting
Icon
Banner grabbing with Netcat
Icon
Banner grabbing with Python sockets
Icon
Banner grabbing with Dmitry
Icon
Banner grabbing with Nmap NSE
Icon
Banner grabbing with Amap
Icon
Service identification with Nmap
Icon
Service identification with Amap
Icon
Operating system identification with Scapy
Icon
Operating system identification with Nmap
Icon
Operating system identification with xProbe2
Icon
Passive operating system identification with p0f
Icon
SNMP analysis with Onesixtyone
Icon
SNMP analysis with SNMPwalk
Icon
Firewall identification with Scapy
Icon
Firewall identification with Nmap
Icon
Firewall identification with Metasploit
5
5. Vulnerability Scanning
In Progress | 0 / 8 sections completed | 0%
Icon
5. Vulnerability Scanning
Icon
Vulnerability scanning with Nmap Scripting Engine
Icon
Vulnerability scanning with MSF auxiliary modules
Icon
Creating scan policies with Nessus
Icon
Vulnerability scanning with Nessus
Icon
Command-line scanning with Nessuscmd
Icon
Validating vulnerabilities with HTTP interaction
Icon
Validating vulnerabilities with ICMP interaction
6
6. Denial of Service
In Progress | 0 / 12 sections completed | 0%
Icon
6. Denial of Service
Icon
Fuzz testing to identify buffer overflows
Icon
Remote FTP service buffer overflow DoS
Icon
Smurf DoS attack
Icon
DNS amplification DoS attack
Icon
SNMP amplification DoS attack
Icon
NTP amplification DoS attack
Icon
SYN flood DoS attack
Icon
Sock stress DoS attack
Icon
DoS attacks with Nmap NSE
Icon
DoS attacks with Metasploit
Icon
DoS attacks with the exploit database
7
7. Web Application Scanning
In Progress | 0 / 20 sections completed | 0%
Icon
7. Web Application Scanning
Icon
Web application scanning with Nikto
Icon
SSL/TLS scanning with SSLScan
Icon
SSL/TLS scanning with SSLyze
Icon
Defining a web application target with Burp Suite
Icon
Using Burp Suite Spider
Icon
Using Burp Suite engagement tools
Icon
Using Burp Suite Proxy
Icon
Using the Burp Suite web application scanner
Icon
Using Burp Suite Intruder
Icon
Using Burp Suite Comparer
Icon
Using Burp Suite Repeater
Icon
Using Burp Suite Decoder
Icon
Using Burp Suite Sequencer
Icon
GET method SQL injection with sqlmap
Icon
POST method SQL injection with sqlmap
Icon
Requesting a capture SQL injection with sqlmap
Icon
Automating CSRF testing
Icon
Validating command injection vulnerabilities with HTTP traffic
Icon
Validating command injection vulnerabilities with ICMP traffic
8
8. Automating Kali Tools
In Progress | 0 / 9 sections completed | 0%
Icon
8. Automating Kali Tools
Icon
Nmap greppable output analysis
Icon
Nmap port scanning with targeted NSE script execution
Icon
Nmap NSE vulnerability scanning with MSF exploitation
Icon
Nessuscmd vulnerability scanning with MSF exploitation
Icon
Multithreaded MSF exploitation with reverse shell payload
Icon
Multithreaded MSF exploitation with backdoor executable
Icon
Multithreaded MSF exploitation with ICMP verification
Icon
Multithreaded MSF exploitation with admin account creation
9
Index
In Progress | 0 / 1 sections completed | 0%
Icon
Index

Stealth scanning with Nmap

Nmap also has a scanning mode that performs SYN scanning of remote systems. This recipe demonstrates how we can use Nmap to perform a TCP stealth scan.

Getting ready

To use Nmap to perform a TCP stealth scan, you will need to have a remote system that is running accessible network services over TCP. In the examples provided, an instance of Metasploitable2 is used to perform this task. For more information on how to set up Metasploitable2, refer to Chapter 1, Getting Started.

How to do it…

As with most scanning requirements, Nmap has an option that simplifies and streamlines the process of performing TCP stealth scans. To perform TCP stealth scans with Nmap, the -sS option should be used with the IP address of the host that is to be scanned:

root@KaliLinux:~# nmap -sS 172.16.36.135 -p 80

Starting Nmap 6.25 ( http://nmap.org ) at 2013-12-17 21:47 EST
Nmap scan report for 172.16.36.135
Host is up (0.00043s latency).
PORT   STATE SERVICE
80/tcp open  http
MAC Address...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 12
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY