Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kali Linux 2: Windows Penetration Testing
  • Table Of Contents Toc
  • Feedback & Rating feedback
Kali Linux 2: Windows Penetration Testing

Kali Linux 2: Windows Penetration Testing

4.4 (5)
Buy this Book
close
close
Kali Linux 2: Windows Penetration Testing

Kali Linux 2: Windows Penetration Testing

4.4 (5)
Buy this Book

Overview of this book

Microsoft Windows is one of the two most common OS and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, forensics tools and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. First, you are introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities to be able to exploit a system remotely. Next, you will prove that the vulnerabilities you have found are real and exploitable. You will learn to use tools in seven categories of exploitation tools. Further, you perform web access exploits using tools like websploit and more. Security is only as strong as the weakest link in the chain. Passwords are often that weak link. Thus, you learn about password attacks that can be used in concert with other approaches to break into and own a network. Moreover, you come to terms with network sniffing, which helps you understand which users are using services you can exploit, and IP spoofing, which can be used to poison a system's DNS cache. Once you gain access to a machine or network, maintaining access is important. Thus, you not only learn penetrating in the machine you also learn Windows privilege’s escalations. With easy to follow step-by-step instructions and support images, you will be able to quickly pen test your system and network.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Free Chapter
1
1. Sharpening the Saw
chevron up
Icon
1. Sharpening the Saw
Icon
Installing Kali Linux to an encrypted USB drive
Icon
Running Kali from the live CD
Icon
Installing and configuring applications
Icon
Setting up and configuring OpenVAS
Icon
Reporting the tests
Icon
Running services on Kali Linux
Icon
Exploring the Kali Linux Top 10 and more
Icon
Summary
2
2. Information Gathering and Vulnerability Assessment
Icon
2. Information Gathering and Vulnerability Assessment
Icon
Footprinting the network
Icon
Where can you find instructions on this thing?
Icon
A return to OpenVAS
Icon
Using Maltego
Icon
Using Unicorn-Scan
Icon
Monitoring resource use with Htop
Icon
Monkeying around the network
Icon
Summary
3
3. Exploitation Tools (Pwnage)
Icon
3. Exploitation Tools (Pwnage)
Icon
Choosing the appropriate time and tool
Icon
Choosing the right version of Metasploit
Icon
Starting Metasploit
Icon
Creating workspaces to organize your attack
Icon
Using the hosts and services commands
Icon
Using advanced footprinting
Icon
Using the pivot
Icon
Creating the attack path
Icon
Summary
4
4. Web Application Exploitation
Icon
4. Web Application Exploitation
Icon
Surveying the webscape
Icon
Arm yourself with Armitage
Icon
Zinging Windows servers with OWASP ZAP
Icon
Search and destroy with Burp Suite
Icon
Summary
5
5. Sniffing and Spoofing
Icon
5. Sniffing and Spoofing
Icon
Sniffing and spoofing network traffic
Icon
Sniffing network traffic
Icon
Spoofing network traffic
Icon
Summary
6
6. Password Attacks
Icon
6. Password Attacks
Icon
Password attack planning
Icon
My friend Johnny
Icon
John the Ripper (command line)
Icon
xHydra
Icon
Adding a tool to the main menu in Kali 2.x
Icon
Summary
7
7. Windows Privilege Escalation
Icon
7. Windows Privilege Escalation
Icon
Gaining access with Metasploit
Icon
Replacing the executable
Icon
Local privilege escalation with a standalone tool
Icon
Escalating privileges with physical access
Icon
Weaseling in with Weevely
Icon
Summary
8
8. Maintaining Remote Access
Icon
8. Maintaining Remote Access
Icon
Maintaining access
Icon
Maintaining access with Ncat
Icon
The Dropbox
Icon
Cracking the NAC (Network Access Controller)
Icon
Creating a Spear-Phishing Attack with the Social Engineering Toolkit
Icon
Using Backdoor-Factory to Evade Antivirus
Icon
Summary
9
9. Reverse Engineering and Stress Testing
Icon
9. Reverse Engineering and Stress Testing
Icon
Setting up a test environment
Icon
Reverse engineering theory
Icon
Working with Boolean logic
Icon
Practicing reverse engineering
Icon
Stresstesting Windows
Icon
Summary
10
10. Forensics
Icon
10. Forensics
Icon
Getting into Digital Forensics
Icon
Exploring Guymager
Icon
Diving into Autopsy
Icon
Mounting image files
Icon
Summary
11
Index
Icon
Index

Setting up and configuring OpenVAS

Recon is everything, so a good vulnerability scanner is necessary. Kali come with OpenVAS installed. It must be configured and updated before use. Fortunately, Kali comes with a helpful script to set this up. This can be found under Applications | openvas initial setup. Clicking on this will open a terminal window and run the script for you. This will set up the self-signed certificates for SSL and download the latest vulnerability files and related data. It will also generate a password for the admin account on the system.

Tip

Be sure to save this password as you will need it to login. You can change it after your first login.

Setting up and configuring OpenVAS

Kali also comes with a check setup script which will check the services and configuration. If an issue does come up it will give you helpful information on the issue. This script can be found at Applications | Kali Linux | System Services | OpenVas | openvas check setup. Click here and a terminal window will open and run the script.

Setting up and configuring OpenVAS

The script results are as shown in the following screenshot:

Setting up and configuring OpenVAS

Note this check shows the running ports of the services. The check shows a warning that these services are only running on the local interface. This is fine for your work. It may at some point be useful for you to run the OpenVAS server on some other machine to improve the speed of your scans.

Next, we will log into the Greenbone web interface to check OpenVAS. Open the browser and go to https://localhost:9392. You will be shown the security warning for a self-signed certificate. Accept this and you will get the following login screen.

Setting up and configuring OpenVAS

You will log in with the user name admin and the very long and complex password generated during the set up. Don't worry, we're going to change that once we get logged in. Once logged in you will see the following page.

Setting up and configuring OpenVAS

Now go to the Administration | Users tab:

Setting up and configuring OpenVAS

This will take you to the user administration page. Click the wrench link to the right of the name admin and this will open the edit page for the admin user.

Setting up and configuring OpenVAS

This will take you to the edit page. Change the radio button for Use existing value to the blank field and add your new password and click the Save button.

Setting up and configuring OpenVAS

We've now finished the setup of OpenVAS and we're ready to do some real work.

End of Section 5
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY