Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying KALI LINUX NETWORK SCANNING COOKBOOK
  • Table Of Contents Toc
  • Feedback & Rating feedback
KALI LINUX NETWORK SCANNING COOKBOOK

KALI LINUX NETWORK SCANNING COOKBOOK

By : Justin Hutchens
4.7 (20)
Buy this Book
close
close
KALI LINUX NETWORK SCANNING COOKBOOK

KALI LINUX NETWORK SCANNING COOKBOOK

4.7 (20)
By: Justin Hutchens
Buy this Book

Overview of this book

Kali Linux Network Scanning Cookbook is intended for information security professionals and casual security enthusiasts alike. It will provide the foundational principles for the novice reader but will also introduce scripting techniques and in-depth analysis for the more advanced audience. Whether you are brand new to Kali Linux or a seasoned veteran, this book will aid in both understanding and ultimately mastering many of the most powerful and useful scanning techniques in the industry. It is assumed that the reader has some basic security testing experience.
Table of Contents (10 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Free Chapter
1
1. Getting Started
Icon
1. Getting Started
Icon
Configuring a security lab with VMware Player (Windows)
Icon
Configuring a security lab with VMware Fusion (Mac OS X)
Icon
Installing Ubuntu Server
Icon
Installing Metasploitable2
Icon
Installing Windows Server
Icon
Increasing the Windows attack surface
Icon
Installing Kali Linux
Icon
Configuring and using SSH
Icon
Installing Nessus on Kali Linux
Icon
Configuring Burp Suite on Kali Linux
Icon
Using text editors (VIM and Nano)
2
2. Discovery Scanning
Icon
2. Discovery Scanning
Icon
Using Scapy to perform layer 2 discovery
Icon
Using ARPing to perform layer 2 discovery
Icon
Using Nmap to perform layer 2 discovery
Icon
Using NetDiscover to perform layer 2 discovery
Icon
Using Metasploit to perform layer 2 discovery
Icon
Using ICMP ping to perform layer 3 discovery
Icon
Using Scapy to perform layer 3 discovery
Icon
Using Nmap to perform layer 3 discovery
Icon
Using fping to perform layer 3 discovery
Icon
Using hping3 to perform layer 3 discovery
Icon
Using Scapy to perform layer 4 discovery
Icon
Using Nmap to perform layer 4 discovery
Icon
Using hping3 to perform layer 4 discovery
3
3. Port Scanning
Icon
3. Port Scanning
Icon
UDP port scanning
Icon
TCP port scanning
Icon
UDP scanning with Scapy
Icon
UDP scanning with Nmap
Icon
UDP scanning with Metasploit
Icon
Stealth scanning with Scapy
Icon
Stealth scanning with Nmap
Icon
Stealth scanning with Metasploit
Icon
Stealth scanning with hping3
Icon
Connect scanning with Scapy
Icon
Connect scanning with Nmap
Icon
Connect scanning with Metasploit
Icon
Connect scanning with Dmitry
Icon
TCP port scanning with Netcat
Icon
Zombie scanning with Scapy
Icon
Zombie scanning with Nmap
4
4. Fingerprinting
Icon
4. Fingerprinting
Icon
Banner grabbing with Netcat
Icon
Banner grabbing with Python sockets
Icon
Banner grabbing with Dmitry
Icon
Banner grabbing with Nmap NSE
Icon
Banner grabbing with Amap
Icon
Service identification with Nmap
Icon
Service identification with Amap
Icon
Operating system identification with Scapy
Icon
Operating system identification with Nmap
Icon
Operating system identification with xProbe2
Icon
Passive operating system identification with p0f
Icon
SNMP analysis with Onesixtyone
Icon
SNMP analysis with SNMPwalk
Icon
Firewall identification with Scapy
Icon
Firewall identification with Nmap
Icon
Firewall identification with Metasploit
5
5. Vulnerability Scanning
Icon
5. Vulnerability Scanning
Icon
Vulnerability scanning with Nmap Scripting Engine
Icon
Vulnerability scanning with MSF auxiliary modules
Icon
Creating scan policies with Nessus
Icon
Vulnerability scanning with Nessus
Icon
Command-line scanning with Nessuscmd
Icon
Validating vulnerabilities with HTTP interaction
Icon
Validating vulnerabilities with ICMP interaction
6
6. Denial of Service
Icon
6. Denial of Service
Icon
Fuzz testing to identify buffer overflows
Icon
Remote FTP service buffer overflow DoS
Icon
Smurf DoS attack
Icon
DNS amplification DoS attack
Icon
SNMP amplification DoS attack
Icon
NTP amplification DoS attack
Icon
SYN flood DoS attack
Icon
Sock stress DoS attack
Icon
DoS attacks with Nmap NSE
Icon
DoS attacks with Metasploit
Icon
DoS attacks with the exploit database
7
7. Web Application Scanning
Icon
7. Web Application Scanning
Icon
Web application scanning with Nikto
Icon
SSL/TLS scanning with SSLScan
Icon
SSL/TLS scanning with SSLyze
Icon
Defining a web application target with Burp Suite
Icon
Using Burp Suite Spider
Icon
Using Burp Suite engagement tools
Icon
Using Burp Suite Proxy
Icon
Using the Burp Suite web application scanner
Icon
Using Burp Suite Intruder
Icon
Using Burp Suite Comparer
Icon
Using Burp Suite Repeater
Icon
Using Burp Suite Decoder
Icon
Using Burp Suite Sequencer
Icon
GET method SQL injection with sqlmap
Icon
POST method SQL injection with sqlmap
Icon
Requesting a capture SQL injection with sqlmap
Icon
Automating CSRF testing
Icon
Validating command injection vulnerabilities with HTTP traffic
Icon
Validating command injection vulnerabilities with ICMP traffic
8
8. Automating Kali Tools
chevron up
Icon
8. Automating Kali Tools
Icon
Nmap greppable output analysis
Icon
Nmap port scanning with targeted NSE script execution
Icon
Nmap NSE vulnerability scanning with MSF exploitation
Icon
Nessuscmd vulnerability scanning with MSF exploitation
Icon
Multithreaded MSF exploitation with reverse shell payload
Icon
Multithreaded MSF exploitation with backdoor executable
Icon
Multithreaded MSF exploitation with ICMP verification
Icon
Multithreaded MSF exploitation with admin account creation
9
Index
Icon
Index

Nmap NSE vulnerability scanning with MSF exploitation

There may also be occasions where it might be helpful to develop a script that combines vulnerability scanning with exploitation. Vulnerability scanning can often turn up false positives, so by performing subsequent exploitation of vulnerability scan findings, one can have immediate validation of the legitimacy of those findings. In this recipe, a bash script will be used to execute the smb-check-vulns.nse script to determine if a host is vulnerable to the MS08-067 NetAPI exploit, and if the NSE script indicates that it is, Metasploit will be used to automatically attempt to exploit it for verification.

Getting ready

To use the script demonstrated in this recipe, you will need to have access to a system that is running a vulnerable service that can be identified using an Nmap NSE script and can be exploited with Metasploit. In the example provided, a Windows XP system running an SMB service that is vulnerable to the MS08-067 NetAPI exploit...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 4
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY