Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Kali Linux - An Ethical Hacker's Cookbook
  • Toc
  • feedback
Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

By : Himanshu Sharma
3.8 (20)
close
Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

3.8 (20)
By: Himanshu Sharma

Overview of this book

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) according to your needs, and move on to core functionalities. This book will start with the installation and configuration of Kali Linux so that you can perform your tests. You will learn how to plan attack strategies and perform web application exploitation using tools such as Burp, and Jexboss. You will also learn how to perform network exploitation using Metasploit, Sparta, and Wireshark. Next, you will perform wireless and password attacks using tools such as Patator, John the Ripper, and airoscript-ng. Lastly, you will learn how to create an optimum quality pentest report! By the end of this book, you will know how to conduct advanced penetration testing thanks to the book’s crisp and task-oriented recipes.
Table of Contents (13 chapters)
close
close
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Kali – An Introduction
chevron up
Kali – An Introduction
Introduction
Configuring Kali Linux
Configuring the Xfce environment
Configuring the Mate environment
Configuring the LXDE environment
Configuring the e17 environment
Configuring the KDE environment
Prepping up with custom tools
Pentesting VPN's ike-scan
Setting up proxychains
Going on a hunt with Routerhunter
2
Gathering Intel and Planning Attack Strategies
Gathering Intel and Planning Attack Strategies
Introduction
Getting a list of subdomains
Using Shodan for fun and profit
Shodan Honeyscore
Shodan plugins
Using Nmap to find open ports
Bypassing firewalls with Nmap
Searching for open directories
Performing deep magic with DMitry
Hunting for SSL flaws
Exploring connections with intrace
Digging deep with theharvester
Finding the technology behind web apps
Scanning IPs with masscan
Sniffing around with Kismet
Testing routers with firewalk
3
Vulnerability Assessment
Vulnerability Assessment
Introduction
Using the infamous Burp
Exploiting WSDLs with Wsdler
Using Intruder
Web app pentest with Vega
Exploring SearchSploit
Exploiting routers with RouterSploit
Using Metasploit
Automating Metasploit
Writing a custom resource script
Databases in Metasploit
4
Web App Exploitation – Beyond OWASP Top 10
Web App Exploitation – Beyond OWASP Top 10
Introduction
Exploiting XSS with XSS Validator
Injection attacks with sqlmap
Owning all .svn and .git repositories
Winning race conditions
Exploiting JBoss with JexBoss
Exploiting PHP Object Injection
Backdoors using web shells
Backdoors using meterpreters
5
Network Exploitation on Current Exploitation
Network Exploitation on Current Exploitation
Introduction
Man in the middle with hamster and ferret
Exploring the msfconsole
Railgun in Metasploit
Using the paranoid meterpreter
A tale of a bleeding heart
Redis exploitation
Say no to SQL – owning MongoDBs
Embedded device hacking
Elasticsearch exploit
Good old Wireshark
This is Sparta!
6
Wireless Attacks – Getting Past Aircrack-ng
Wireless Attacks – Getting Past Aircrack-ng
Introduction
7
Password Attacks – The Fault in Their Stars
Password Attacks – The Fault in Their Stars
Introduction
Identifying different types of hash in the wild!
Using hash-identifier
Cracking with patator
Cracking hashes online
Playing with John the ripper
Johnny Bravo!
Using cewl
Generating word list with crunch
8
Have Shell Now What?
Have Shell Now What?
Introduction
Spawning a TTY Shell
Looking for weakness
Horizontal escalation
Vertical escalation
Node hopping – pivoting
Privilege escalation on Windows
Using PowerSploit
Pulling plaintext passwords with mimikatz
Dumping other saved passwords from the machine
Pivoting into the network
Backdooring for persistence
9
Buffer Overflows
Buffer Overflows
Introduction
Exploiting stack-based buffer overflows
Exploiting buffer overflow on real software
SEH bypass
Exploiting egg hunters
An overview of ASLR and NX bypass
10
Playing with Software-Defined Radios
Playing with Software-Defined Radios
Introduction
Radio frequency scanners
Hands-on with RTLSDR scanner
Playing around with gqrx
Kalibrating device for GSM tapping
Decoding ADS-B messages with Dump1090
11
Kali in Your Pocket – NetHunters and Raspberries
Kali in Your Pocket – NetHunters and Raspberries
Introduction
Installing Kali on Raspberry Pi
Installing NetHunter
Superman typing – HID attacks
Can I charge my phone?
Setting up an evil access point
12
Writing Reports
Writing Reports
Introduction
Generating reports using Dradis
Using MagicTree

Setting up proxychains

Sometimes we need to remain untraceable while performing a pentest activity. Proxychains helps us by allowing us to use an intermediary system whose IP can be left in the logs of the system without the worry of it tracing back to us.

Proxychains is a tool that allows any application to follow connection via proxy such as SOCKS5, Tor, and so on.

How to do it...

Proxychains is already installed in Kali. However, we need a list of proxies into its configuration file that we want to use:

  1. To do that we open the config file of proxychains in a text editor with this command:
        leafpad /etc/proxychains.conf

The following screenshot shows the output for the preceding command:

We can add all the proxies we want in the preceding highlighted area and then save.

Proxychains also allows us to use dynamic chain or random chain while connecting to proxy servers.

  1. In the config file uncomment the dynamic_chain or random_chain:

Using proxychains with tor

To learn about tor follow the given steps:

  1. To use proxychains with tor we first need to install tor using the following command:
        apt-get install tor
  1. Once it is installed we run tor by typing tor in the Terminal.
  2. We then open another Terminal and type the following command to use an application via proxychains:
        proxychains toolname -arguments

The following screenshot shows the example of the preceding commands:

End of Section 11
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete