Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Learn Kali Linux 2019
  • Toc
  • feedback
Learn Kali Linux 2019

Learn Kali Linux 2019

By : Joshua Crumbaugh, Glen D. Singh
4.6 (13)
close
Learn Kali Linux 2019

Learn Kali Linux 2019

4.6 (13)
By: Joshua Crumbaugh, Glen D. Singh

Overview of this book

The current rise in hacking and security breaches makes it more important than ever to effectively pentest your environment, ensuring endpoint protection. This book will take you through the latest version of Kali Linux and help you use various tools and techniques to efficiently deal with crucial security aspects. Through real-world examples, you’ll understand how to set up a lab and later explore core penetration testing concepts. Throughout the course of this book, you’ll get up to speed with gathering sensitive information and even discover different vulnerability assessment tools bundled in Kali Linux 2019. In later chapters, you’ll gain insights into concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections to further build on your pentesting skills. You’ll also focus on techniques such as bypassing controls, attacking the end user and maintaining persistence access through social media. Finally, this pentesting book covers best practices for performing complex penetration testing techniques in a highly secured environment. By the end of this book, you’ll be able to use Kali Linux to detect vulnerabilities and secure your system by applying penetration testing techniques of varying complexity.
Table of Contents (22 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: Kali Linux Basics
Section 1: Kali Linux Basics
2
Introduction to Hacking
Introduction to Hacking
Who is a hacker?
Exploring important terminology
Penetration testing phases
Penetration testing methodologies
Penetration testing approaches
Types of penetration testing
Hacking phases
Summary
Questions
Further reading
3
Setting Up Kali - Part 1
Setting Up Kali - Part 1
Technical requirements
Lab overview
Building our lab
Summary
Questions
Further reading
4
Setting Up Kali - Part 2
Setting Up Kali - Part 2
Technical requirements
Installing Windows as a VM
Installing Ubuntu 8.10
Troubleshooting Kali Linux
Summary
Further reading
5
Getting Comfortable with Kali Linux 2019
Getting Comfortable with Kali Linux 2019
Technical requirements
Understanding Kali Linux
What's new in Kali Linux 2019?
Basics of Kali Linux
Summary
Questions
Further reading
6
Section 2: Reconnaissance
Section 2: Reconnaissance
7
Passive Information Gathering
Passive Information Gathering
Technical requirements
Reconnaissance and footprinting
Understanding passive information gathering
Understanding OSINT
Using the top OSINT tools
Identifying target technology and security controls
Finding data leaks in cloud resources
Understanding Google hacking and search operators
Leveraging whois and copying websites with HTTrack
Finding subdomains using Sublist3r
Summary
Questions
Further reading
8
Active Information Gathering
Active Information Gathering
Technical requirements
Understanding active information gathering
DNS interrogation
Scanning
Nmap
NSE scripts
Zenmap
Hping3
SMB, LDAP enumeration, and null sessions
User enumeration through noisy authentication controls
Web footprints and enumeration with EyeWitness
Metasploit auxiliary modules
Summary
Questions
Further reading
9
Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
10
Working with Vulnerability Scanners
Working with Vulnerability Scanners
Technical requirements
Nessus and its policies
Scanning with Nessus
Exporting Nessus results
Analyzing Nessus results
Using web application scanners
Summary
Questions
Further reading
11
Understanding Network Penetration Testing
Understanding Network Penetration Testing
Technical requirements
Introduction to network penetration testing
Understanding the MAC address
Connecting a wireless adapter to Kali Linux
Managing and monitoring wireless modes
Summary
Questions
Further reading
12
Network Penetration Testing - Pre-Connection Attacks
Network Penetration Testing - Pre-Connection Attacks
Technical requirements
Getting started with packet sniffing using airodump-ng
Targeted packet sniffing using airodump-ng
Deauthenticating clients on a wireless network
Creating a rogue AP/evil twin
Performing a password spraying attack
Setting up watering hole attacks
Exploiting weak encryption to steal credentials
Summary
Questions
Further reading
13
Network Penetration Testing - Gaining Access
Network Penetration Testing - Gaining Access
Technical requirements
Gaining access
WEP cracking
WPA cracking
Securing your network from the aforementioned attacks
Configuring wireless security settings to secure your network
Exploiting vulnerable perimeter systems with Metasploit
Penetration testing Citrix and RDP-based remote access systems
Plugging PWN boxes and other tools directly into a network
Bypassing NAC
Summary
Questions
Further reading
14
Network Penetration Testing - Post-Connection Attacks
chevron up
Network Penetration Testing - Post-Connection Attacks
Technical requirements
Gathering information
MITM attacks
Session hijacking
DHCP attacks
Exploiting LLMNR and NetBIOS-NS
WPAD protocol attacks
Wireshark
Escalating privileges
Lateral movement tactics
PowerShell tradecraft
Launching a VLAN hopping attack
Summary
Questions
Further reading
15
Network Penetration Testing - Detection and Security
Network Penetration Testing - Detection and Security
Technical requirements
Using Wireshark to understand ARP
Detecting ARP poisoning attacks
Detecting suspicious activity
MITM remediation techniques
Summary
Questions
Further reading
16
Client-Side Attacks - Social Engineering
Client-Side Attacks - Social Engineering
Technical requirements
Basics of social engineering
Types of social engineering
Defending against social engineering
Recon for social engineering (doxing)
Planning for each type of social engineering attack
Social engineering tools
Summary
Questions
Further reading
17
Performing Website Penetration Testing
Performing Website Penetration Testing
Technical requirements
Information gathering
Cryptography
File upload and file inclusion vulnerabilities
Exploiting file upload vulnerabilities
Exploiting code execution vulnerabilities
Exploiting LFI vulnerabilities
Preventing vulnerabilities
Summary
Questions
Further reading
18
Website Penetration Testing - Gaining Access
Website Penetration Testing - Gaining Access
Technical requirements
Exploring the dangers of SQL injection
SQL injection vulnerabilities and exploitation
Cross-Site Scripting vulnerabilities
Discovering vulnerabilities automatically
Summary
Questions
Further reading
19
Best Practices
Best Practices
Technical requirements
Guidelines for penetration testers
Web application security blueprints and checklists
Summary
Questions
Further reading
20
Assessments
Assessments
Chapter 1: Introduction to Hacking
Chapter 2: Setting Up Kali - Part
Chapter 4: Getting Comfortable with Kali Linux 2019
Chapter 5: Passive Information Gathering
Chapter 6: Active Information Gathering
Chapter 7: Working with Vulnerability Scanners
Chapter 8: Understanding Network Penetration Testing
Chapter 9: Network Penetration Testing - Pre-Connection Attacks
Chapter 10: Network Penetration Testing - Gaining Access
Chapter 11: Network Penetration Testing - Post-Connection Attacks
Chapter 12: Network Penetration Testing - Detection and Security
Chapter 13: Client-Side Attacks - Social Engineering
Chapter 14: Performing Website Penetration Testing
Chapter 15: Website Penetration Testing - Gaining Access
Chapter 16: Best Practices
21
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

WPAD protocol attacks

Within a corporate network, system administrators usually allow employees to access the internet through a proxy server. The proxy server usually improves performance and security, and monitors web traffic entering and leaving the corporate network. WPAD is a technique that is used on client machines to discover the URL of a configuration file via DHCP discovery methods. Once a client machine discovers a file, it is downloaded on the client machine and executed. The script will determine the proxy for the client.

In this exercise, we are going to use Responder on Kali Linux to capture a victim's user credentials. Before we begin, the following topology will be used in this exercise:

Using the following steps, we will be able to easily exploit WPAD in a Windows environment:

The lab configurations are the same as those in the previous section.
  1. Ensure...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 8
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete