Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Kali Linux Cookbook
  • Toc
  • feedback
Kali Linux Cookbook

Kali Linux Cookbook

By : Perciaccante, Corey Schultz
4.3 (9)
close
Kali Linux Cookbook

Kali Linux Cookbook

4.3 (9)
By: Perciaccante, Corey Schultz

Overview of this book

Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world’s most popular penetration testing distribution. Kali Linux is the most widely used platform and toolkit for penetration testing. Security is currently the hottest field in technology with a projected need for millions of security professionals. This book focuses on enhancing your knowledge in Kali Linux for security by expanding your skills with toolkits and frameworks that can increase your value as a security professional. Kali Linux Cookbook, Second Edition starts by helping you install Kali Linux on different options available. You will also be able to understand the lab architecture and install a Windows host for use in the lab. Next, you will understand the concept of vulnerability analysis and look at the different types of exploits. The book will introduce you to the concept and psychology of Social Engineering and password cracking. You will then be able to use these skills to expand the scope of any breaches you create. Finally, the book will guide you in exploiting specific technologies and gaining access to other systems in the environment. By the end of this book, you will have gained the core knowledge and concepts of the penetration testing process.
Table of Contents (11 chapters)
close
close
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Readers feedback
Customer support
Free Chapter
1
Installing Kali and the Lab Setup
Installing Kali and the Lab Setup
Introduction
Lab architecture and considerations
Installing VirtualBox
Installing Kali on VirtualBox
Using Kali Linux from bootable media
Upgrading Kali Linux
Understanding the advanced customization and optimization of Kali
Installing Windows machines
Installing Metasploitable
Installing OWASP-BWA
Understanding hack me and other online resources
2
Reconnaissance and Scanning
Reconnaissance and Scanning
Introduction
Using KeepNote to organize our data
Getting up and running with Maltego CE
Gathering domain information
Gathering public IP information
Gathering external routing information
Gathering internal routing information
Gathering cloud service information
Identifying network hosts
Profiling hosts
Identifying whether there is a web application firewall
Using SNMP to gather more information
3
Vulnerability Analysis
chevron up
Vulnerability Analysis
Introduction
Installation and configuration of OpenVAS
A basic vulnerability scanning with OpenVAS
Advanced vulnerability scanning with OpenVAS
Installation and Configuration of Nessus
A basic vulnerability scanning with Nessus
Advanced vulnerability scanning with Nessus
The installation and configuration of Nexpose
Basic vulnerability scanning with Nexpose
Advanced vulnerability scanning with Nexpose
4
Finding Exploits in the Target
Finding Exploits in the Target
Introduction
Searching the local exploit database
Searching the online exploit database
The Metasploit setup and configuration
The Armitage setup
Basic exploit attacks with Armitage
Advanced attacks with Armitage
Using the backdoor factory and Armitage
5
Social Engineering
Social Engineering
Introduction
Phishing attacks
Spear-phishing attacks
Credential harvesting with SET
Web jacking
PowerShell attack vector
QRCode attack vector
Infectious media generator
Obfuscating and manipulating URLs
DNS spoofing and ARP spoofing
DHCP spoofing
6
Password Cracking
Password Cracking
Introduction
Resetting local Windows machine password
Cracking remote Windows machine passwords
Windows domain password attacks
Cracking local Linux password hashes
Cracking password hashes with a wordlist
Brute force password hashes
Cracking FTP passwords
Cracking Telnet and SSH passwords
Cracking RDP and VNC passwords
Cracking ZIP file passwords
7
Privilege Escalation
Privilege Escalation
Introduction
Establishing a connection as an elevated user
Remotely bypassing Windows UAC
Local Linux system check for privilege escalation
Local Linux privilege escalation
Remote Linux privilege escalation
DirtyCOW privilege escalation for Linux
8
Wireless Specific Recipes
Wireless Specific Recipes
Introduction
Scanning for wireless networks
Bypassing MAC-based authentication
Breaking WEP encryption
Obtaining WPA/WPA2 keys
Exploiting guest access
Rogue AP deployment
Using wireless networks to scan internal networks
9
Web and Database Specific Recipes
Web and Database Specific Recipes
Introduction
Creating an offline copy of a web application
Scanning for vulnerabilities
Launching website attacks
Scanning WordPress
Hacking WordPress
Performing SQL injection attacks
10
Maintaining Access
Maintaining Access
Introduction
Pivoting and expanding access to the network
Using persistence to maintain system access
Using cymothoa to create a Linux backdoor
Protocol spoofing using pingtunnel
Protocol spoofing using httptunnel
Hiding communications with cryptcat

Installation and configuration of OpenVAS

Since the default Kali Linux media does not include OpenVAS with the initial installation, we will need to perform a full, fresh installation. This is done from the console or over a remote connection.

OpenVAS is an open source vulnerability management platform that was created as a fork of the venerable Nessus platform when Tenable Network Security moved Nessus to a closed source (initially named GNessUs). Over time, the OpenVAS framework became part of the Greenbone Network's commercial vulnerability management solution. Greenbone continues to contribute to OpenVAS, ensuring that it stays up to date and relevant.

Considering that OpenVAS is accessible through a web browser as well as the command line, it is a very powerful tool that can be leveraged either locally through the command line or a browser, or it can be put in place...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 3
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete