Sign In Start Free Trial

Hands-On Penetration Testing with Kali NetHunter

By : Glen D. Singh, Oriyano

3 (4)

Hands-On Penetration Testing with Kali NetHunter

3 (4)

By: Glen D. Singh, Oriyano

Overview of this book

Kali NetHunter is a version of the popular and powerful Kali Linux pentesting platform, designed to be installed on mobile devices. Hands-On Penetration Testing with Kali NetHunter will teach you the components of NetHunter and how to install the software. You’ll also learn about the different tools included and how to optimize and use a package, obtain desired results, perform tests, and make your environment more secure. Starting with an introduction to Kali NetHunter, you will delve into different phases of the pentesting process. This book will show you how to build your penetration testing environment and set up your lab. You will gain insight into gathering intellectual data, exploiting vulnerable areas, and gaining control over target systems. As you progress through the book, you will explore the NetHunter tools available for exploiting wired and wireless devices. You will work through new ways to deploy existing tools designed to reduce the chances of detection. In the concluding chapters, you will discover tips and best practices for integrating security hardening into your Android ecosystem. By the end of this book, you will have learned to successfully use a mobile penetration testing device based on Kali NetHunter and Android to accomplish the same tasks you would traditionally, but in a smaller and more mobile form factor.

Preface

Preface

Who this book is for

What this book covers

To get the most out of this book

Get in touch

Disclaimer

Free Chapter

Section 1: Exploring Kali NetHunter

Section 1: Exploring Kali NetHunter

Introduction to Kali NetHunter

Introduction to Kali NetHunter

What is Kali NetHunter?

Tools within Kali NetHunter

The Android platform and security model

Installing NetHunter

Additional optional hardware

Summary

Understanding the Phases of the Pentesting Process

Understanding the Phases of the Pentesting Process

The need for penetration testing

Types of penetration tests

Phases of penetration testing

Penetration testing methodologies and frameworks

Phases of penetration testing

Deliverables

Summary

Section 2: Common Pentesting Tasks and Tools

Section 2: Common Pentesting Tasks and Tools

Intelligence-Gathering Tools

Intelligence-Gathering Tools

Technical requirements

Objectives of intelligence gathering

Information for the taking

Tools for gathering useful information

Working with Recon-Ng

Going for technical data

Summary

Further reading

Scanning and Enumeration Tools

Scanning and Enumeration Tools

Technical requirements

Scanning

Determining whether a host is up or down

Using Nmap

Port scanning

Full Open/TCP connect scans

Stealth scans

XMAS scans

FIN scans

NULL scans

ACK scans

Tuning and tweaking

Banner grabbing

Enumeration with NetHunter

Enumerating DNS

Enumerating SMTP

Working with SMB

Summary

Further reading

Penetrating the Target

Penetrating the Target

Technical requirements

Concerning passwords

Summary

Further reading

Clearing Tracks and Removing Evidence from a Target

Clearing Tracks and Removing Evidence from a Target

Clearing tracks

Clearing logs on Windows

Clearing logs in Linux

Summary

Section 3: Advanced Pentesting Tasks and Tools

Section 3: Advanced Pentesting Tasks and Tools

Packet Sniffing and Traffic Analysis

Packet Sniffing and Traffic Analysis

The need for sniffing traffic

Types of packet-sniffing techniques

Tools and techniques of packet sniffing

Packet analysis techniques

Summary

Targeting Wireless Devices and Networks

Targeting Wireless Devices and Networks

Wireless network topologies

Wireless standards

Service Set Identifier

Wireless authentication modes

Wireless encryption standard

Wireless threats

Wireless attacks

Bluetooth hacking

Summary

Avoiding Detection

Avoiding Detection

Scanning

MAC spoofing

Fragmentation

Metasploit Payload Generator

Encrypting traffic

Summary

Hardening Techniques and Countermeasures

Hardening Techniques and Countermeasures

Security threats and countermeasures

Client system security

Hardening networking devices

Hardening mobile devices

Summary

Building a Lab

Building a Lab

Technical requirements

Hypervisor

Vulnerable systems

Setting up the lab

Summary

Selecting a Kali Device and Hardware

Selecting a Kali Device and Hardware

Small computers

Mobile hardware

External components

Summary

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

3 (4)

5 star

50%

4 star

0

3 star

0

2 star

0

1 star

50%

Stealth scans

A stealth scan (sometimes known as a half open scan) is much like a full open scan with a minor difference that makes it less suspicious on the victim's device. The primary difference is that a full TCP three-way handshake does not occur. Looking at the following diagram, the initiator (device A) would send a TCP SYN packet to device B for the purpose of determining whether a port is open. Device B will respond with a SYN/ACK packet to the initiator (device A) if the port is open. Next, device A will send an RST to terminate the connection. If the port is closed, device B will sent an RST packet:

Stealth scan showing open and closed service ports

The benefit of using this type of scan is that it reduces the chances of being detected.

To execute a stealth scan, select (TCP SYN) from the list in the nmap window in the NetHunter app and enter the target IP address...

Search

Your notes and bookmarks