Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Kali Linux Wireless Pentesting
  • Toc
  • feedback
Mastering Kali Linux Wireless Pentesting

Mastering Kali Linux Wireless Pentesting

By : Raghu Ram, Sak
close
Mastering Kali Linux Wireless Pentesting

Mastering Kali Linux Wireless Pentesting

By: Raghu Ram, Sak

Overview of this book

Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit. This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology. By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.
Table of Contents (11 chapters)
close
close
Preface
chevron up
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
1. Wireless Penetration Testing Fundamentals
1. Wireless Penetration Testing Fundamentals
Wireless communication
Wireless standards
Choosing the right equipment
Kali Linux for the wireless pentester
Summary
2
2. Wireless Network Scanning
2. Wireless Network Scanning
Wireless network discovery
802.11 network terminology
The scanning phase
Tools of the trade
Summary
3
3. Exploiting Wireless Devices
3. Exploiting Wireless Devices
Attacking the firmware
Attacking the services
Attacking SNMP
Attacking UPnP
Checks on misconfiguration
Summary
4
4. Wireless Cracking
4. Wireless Cracking
Overview of different wireless security protocols
Cracking WPA
Summary
5
5. Man-in-the-Middle Attacks
5. Man-in-the-Middle Attacks
MAC address Spoofing/ARP poisoning
Rogue DHCP server
Name resolution spoofing
DNS spoofing
Configuring Ettercap for DNS spoofing
NBNS spoofing
Summary
6
6. Man-in-the-Middle Attacks Using Evil Twin Access Points
6. Man-in-the-Middle Attacks Using Evil Twin Access Points
Creating virtual access points with Hostapd
Creating virtual access points with airbase-ng
Session hijacking using Tamper Data
Credential harvesting
Web-based malware
SSL stripping attack
Browser AutoPwn
Summary
7
7. Advanced Wireless Sniffing
7. Advanced Wireless Sniffing
Capturing traffic with Wireshark
Extracting data from unencrypted protocols
Merging packet capture files
Summary
8
8. Denial of Service Attacks
8. Denial of Service Attacks
An overview of DoS attacks
Management and control frames
Authentication flood attack
The fake beacon flood attack
Metasploit's fake beacon flood attack
The Metasploit deauthentication flood attack
The Metasploit CTS/RTS flood attack
Summary
9
9. Wireless Pentesting from Non-Traditional Platforms
9. Wireless Pentesting from Non-Traditional Platforms
Using OpenWrt for wireless assessments
Using Raspberry Pi for wireless assessments
Accessing Kali Linux from a remote location
Using AutoSSH for reverse shell
Powering and concealing your Raspberry Pi or OpenWrt embedded device
Running Kali on Android phones and tablets
Wireless discovery using Android PCAP
Summary
10
Index
Index

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The iw command is used to show or manipulate wireless devices and their configurations."

A block of code is set as follows:

<html>
<body>
<h1>CSRF Payload</h1>
<form action="http://10.0.0.1/remote_management.php"; method="POST">
  <input type="hidden" name="http_port" value="8080" />
  <input type="hidden" name="http" value="enabled" />
  <input type="hidden" name="single" value="any" />
  <input type="submit" value="Submit request" />
</form>

</body>
</html>

Any command-line input or output is written as follows:

#apt-get update
#apt-get upgrade

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "We will now import the new image into VirtualBox. Navigate to File | Import Appliance… from the VirtualBox application."

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete