Sign In Start Free Trial

Book Overview & Buying
Table Of Contents
Feedback & Rating

Learn Ethical Hacking from Scratch

By : Sabih

4.4 (17)

Learn Ethical Hacking from Scratch

4.4 (17)

By: Sabih

Overview of this book

This book starts with the basics of ethical hacking, how to practice hacking safely and legally, and how to install and interact with Kali Linux and the Linux terminal. You will explore network hacking, where you will see how to test the security of wired and wireless networks. You’ll also learn how to crack the password for any Wi-Fi network (whether it uses WEP, WPA, or WPA2) and spy on the connected devices. Moving on, you will discover how to gain access to remote computer systems using client-side and server-side attacks. You will also get the hang of post-exploitation techniques, including remotely controlling and interacting with the systems that you compromised. Towards the end of the book, you will be able to pick up web application hacking techniques. You'll see how to discover, exploit, and prevent a number of website vulnerabilities, such as XSS and SQL injections. The attacks covered are practical techniques that work against real systems and are purely for educational purposes. At the end of each section, you will learn how to detect, prevent, and secure systems from these attacks.

Preface

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Free Chapter

Introduction

Introduction

What's in this book?

What is hacking?

Why should we learn about hacking?

A glimpse of hacking

Summary

Setting Up a Lab

Setting Up a Lab

Lab overview

Installing Kali Linux

Installing Metasploitable

Installing Windows

Creating and using snapshots

Summary

Linux Basics

Linux Basics

Overview of Kali Linux

Linux commands

Updating resources

Summary

Network Penetration Testing

Network Penetration Testing

What is a network?

Network basics

Connecting to a wireless adapter

MAC addresses

Wireless modes – managed and monitor

Enabling monitor mode manually

Enabling monitor mode using airmon-ng

Summary

Pre-Connection Attacks

Pre-Connection Attacks

Packet sniffing basics

Targeted packet sniffing

Deauthentication attack

What is a fake access point?

Creating fake access points with the MANA Toolkit

Summary

Network Penetration Testing - Gaining Access

Network Penetration Testing - Gaining Access

WEP theory

Basic web cracking

Fake authentication attack

ARP request replay

WPA introduction

WPS cracking

Handshake theory

Capturing the handshake

Creating a wordlist

Wordlist cracking

Securing network from attacks

Summary

Post-Connection Attacks

Post-Connection Attacks

Post-connection attacks

Summary

Man-in-the-Middle Attacks

Man-in-the-Middle Attacks

Man-in-the–middle attacks

Wireshark

Summary

Network Penetration Testing, Detection, and Security

Network Penetration Testing, Detection, and Security

Detecting ARP poisoning

Detecting suspicious behavior

Summary

Gaining Access to Computer Devices

Gaining Access to Computer Devices

Introduction to gaining access

Sever-side attacks

Server-side attack basics

Server-side attacks – Metasploit basics

Metasploit remote code execution

Summary

Scanning Vulnerabilities Using Tools

Scanning Vulnerabilities Using Tools

Installing MSFC

MSFC scan

MSFC analysis

Installing Nexpose

Running Nexpose

Nexpose analysis

Summary

Client-Side Attacks

Client-Side Attacks

Client-side attacks

Installing Veil

Payloads overview

Generating a Veil backdoor

Listening for connections

Testing the backdoor

Fake bdm1 updates

Client-side attacks using the bdm2 BDFProxy

Protection against delivery methods

Summary

Client-Side Attacks - Social Engineering

Client-Side Attacks - Social Engineering

Client-side attacks using social engineering

Maltego overview

Social engineering – linking accounts

Social engineering – Twitter

Social engineering – emails

Social engineering – summary

Downloading and executing AutoIt

Changing the icon and compiling the payload

Changing extensions

Client-side attacks – TDM email spoofing

Summary

Attack and Detect Trojans with BeEF

Attack and Detect Trojans with BeEF

The BeEF tool

BeEF – hook using a MITMf

BeEF – basic commands

BeEF – Pretty Theft

BeEF – Meterpreter 1

Detecting Trojans manually

Detecting Trojans using a sandbox

Summary

Attacks Outside the Local Network

Attacks Outside the Local Network

Port forwarding

External backdoors

IP forwarding

External BeEF

Summary

Post Exploitation

Post Exploitation

An introduction to post exploitation

Meterpreter basics

Filesystem commands

Maintaining access by using simple methods

Maintaining access by using advanced methods

Keylogging

An introduction to pivoting

Pivoting autoroutes

Summary

Website Penetration Testing

Website Penetration Testing

What is a website?

Attacking a website

Summary

Website Pentesting - Information Gathering

Website Pentesting - Information Gathering

Information gathering using tools

Websites on the same server

Information gathering from target websites

Summary

File Upload, Code Execution, and File Inclusion Vulnerabilities

File Upload, Code Execution, and File Inclusion Vulnerabilities

File upload vulnerabilities

Code execution vulnerabilities

Local file inclusion vulnerabilities

Remote file inclusion using Metasploitable

Basic mitigation

Summary

SQL Injection Vulnerabilities

SQL Injection Vulnerabilities

What is SQL?

The dangers of SQLi

Discovering SQLi

SQLi authorization bypass

Discovering an SQLi using the GET method

Basic SELECT statements

Discovering tables

Reading columns and their data

Reading and writing files on the server

The sqlmap tool

Preventing SQLi

Summary

Cross-Site Scripting Vulnerabilities

Cross-Site Scripting Vulnerabilities

Introduction to XSS

Reflected XSS

Stored XSS

XSS BeEF exploitation

XSS protection

Summary

Discovering Vulnerabilities Automatically Using OWASP ZAP

Discovering Vulnerabilities Automatically Using OWASP ZAP

OWASP ZAP start

OWASP ZAP results

Summary

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

4.4 (17)

5 star

76.5%

4 star

5.9%

3 star

5.9%

2 star

5.9%

1 star

5.9%

OWASP ZAP results

After the scan is over and we can see our website on the left, clicking on it will show us some results from the Spider when it was looking for the files:

The very interesting part is the Alerts in the following screenshot. We can see all the vulnerabilities that have been discovered:

At the bottom-left of the preceding screenshot, we can see that we have 6 red flags, the High Priority Alerts, we have 4 orange flags, 5 yellow flags, and 0 blue. These are organized in order of severity.

Clicking on any of the categories will expand it and show the threats that have been found, for example, clicking on Path Traversal (10), we'll see all the URLs that can be exploited to read files from the server:

Clicking on any of the sites, we will see the HTTP request that was sent in order to discover this:

The following screenshot shows the response and why the...

Search

Your notes and bookmarks