Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying The Ultimate Kali Linux Book
  • Table Of Contents Toc
  • Feedback & Rating feedback
The Ultimate Kali Linux Book

The Ultimate Kali Linux Book

By : Glen D. Singh
4.1 (27)
Buy this Book
close
close
The Ultimate Kali Linux Book

The Ultimate Kali Linux Book

4.1 (27)
By: Glen D. Singh
Buy this Book

Overview of this book

Kali Linux is the most popular and advanced penetration testing Linux distribution within the cybersecurity industry. Using Kali Linux, a cybersecurity professional will be able to discover and exploit various vulnerabilities and perform advanced penetration testing on both enterprise wired and wireless networks. This book is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts. Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks. Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment. By the end of this Kali Linux book, you’ll have gained the skills to perform advanced penetration testing on enterprise networks using Kali Linux.
Table of Contents (23 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Conventions used
Icon
Disclaimer
Icon
Share Your Thoughts
1
Section 1: Getting Started with Penetration Testing
Icon
Section 1: Getting Started with Penetration Testing
Free Chapter
2
Chapter 1: Introduction to Ethical Hacking
Icon
Chapter 1: Introduction to Ethical Hacking
Icon
Identifying threat actors and their intent
Icon
Understanding what matters to threat actors
Icon
Discovering cybersecurity terminologies
Icon
Exploring the need for penetration testing and its phases
Icon
Understanding penetration testing approaches
Icon
Exploring hacking phases
Icon
Understanding the Cyber Kill Chain framework
Icon
Summary
Icon
Further reading
3
Chapter 2: Building a Penetration Testing Lab
Icon
Chapter 2: Building a Penetration Testing Lab
Icon
Technical requirements
Icon
Understanding the lab overview and its technologies
Icon
Setting up a hypervisor and virtually isolated networks
Icon
Setting up and working with Kali Linux
Icon
Deploying Metasploitable 2 as a target system
Icon
Implementing Metasploitable 3 using Vagrant
Icon
Setting up vulnerability web application systems
Icon
Summary
Icon
Further reading
4
Chapter 3: Setting Up for Advanced Hacking Techniques
Icon
Chapter 3: Setting Up for Advanced Hacking Techniques
Icon
Technical requirements
Icon
Building an AD red team lab
Icon
Setting up a wireless penetration testing lab
Icon
Summary
Icon
Further reading
5
Section 2: Reconnaissance and Network Penetration Testing
Icon
Section 2: Reconnaissance and Network Penetration Testing
6
Chapter 4: Reconnaissance and Footprinting
Icon
Chapter 4: Reconnaissance and Footprinting
Icon
Technical requirements
Icon
Understanding the importance of reconnaissance
Icon
Understanding passive information gathering
Icon
Exploring open source intelligence
Icon
Using OSINT strategies to gather intelligence
Icon
Summary
Icon
Further reading
7
Chapter 5: Exploring Active Information Gathering
Icon
Chapter 5: Exploring Active Information Gathering
Icon
Technical requirements
Icon
Understanding active reconnaissance
Icon
Exploring Google hacking strategies
Icon
Exploring DNS reconnaissance
Icon
Enumerating subdomains
Icon
Profiling websites using EyeWitness
Icon
Exploring active scanning techniques
Icon
Enumerating common network services
Icon
Performing user enumeration through noisy authentication controls
Icon
Finding data leaks in the cloud
Icon
Summary
Icon
Further reading
8
Chapter 6: Performing Vulnerability Assessments
Icon
Chapter 6: Performing Vulnerability Assessments
Icon
Technical requirements
Icon
Nessus and its policies
Icon
Vulnerability discovery using Nmap
Icon
Working with Greenbone Vulnerability Manager
Icon
Using web application scanners
Icon
Summary
Icon
Further reading
9
Chapter 7: Understanding Network Penetration Testing
Icon
Chapter 7: Understanding Network Penetration Testing
Icon
Technical requirements
Icon
Introduction to network penetration testing
Icon
Working with bind and reverse shells
Icon
Antimalware evasion techniques
Icon
Working with wireless adapters
Icon
Managing and monitoring wireless modes
Icon
Summary
Icon
Further reading
10
Chapter 8: Performing Network Penetration Testing
Icon
Chapter 8: Performing Network Penetration Testing
Icon
Technical requirements
Icon
Discovering live systems
Icon
Profiling a target system
Icon
Exploring password-based attacks
Icon
Identifying and exploiting vulnerable services
Icon
Understanding watering hole attacks
Icon
Further reading
11
Section 3: Red Teaming Techniques
Icon
Section 3: Red Teaming Techniques
12
Chapter 9: Advanced Network Penetration Testing — Post Exploitation
Icon
Chapter 9: Advanced Network Penetration Testing — Post Exploitation
Icon
Technical requirements
Icon
Post-exploitation using Meterpreter
Icon
Data encoding and exfiltration
Icon
Understanding MITM and packet sniffing attacks
Icon
Summary
Icon
Further reading
13
Chapter 10: Working with Active Directory Attacks
Icon
Chapter 10: Working with Active Directory Attacks
Icon
Technical requirements
Icon
Understanding Active Directory
Icon
Enumerating Active Directory
Icon
Leveraging network-based trust
Icon
Summary
Icon
Further reading
14
Chapter 11: Advanced Active Directory Attacks
chevron up
Icon
Chapter 11: Advanced Active Directory Attacks
Icon
Technical requirements
Icon
Understanding Kerberos
Icon
Abusing trust on IPv6 with Active Directory
Icon
Attacking Active Directory
Icon
Domain dominance and persistence
Icon
Summary
Icon
Further reading
15
Chapter 12: Delving into Command and Control Tactics
Icon
Chapter 12: Delving into Command and Control Tactics
Icon
Technical requirements
Icon
Understanding C2
Icon
Setting up C2 operations
Icon
Post-exploitation using Empire
Icon
Working with Starkiller
Icon
Summary
Icon
Further reading
16
Chapter 13: Advanced Wireless Penetration Testing
Icon
Chapter 13: Advanced Wireless Penetration Testing
Icon
Technical requirements
Icon
Introduction to wireless networking
Icon
Performing wireless reconnaissance
Icon
Compromising WPA and WPA2 networks
Icon
Performing AP-less attacks
Icon
Exploiting enterprise wireless networks
Icon
Creating a Wi-Fi honeypot
Icon
Discovering WPA3 attacks
Icon
Securing your wireless network
Icon
Summary
Icon
Further reading
17
Section 4: Social Engineering and Web Application Attacks
Icon
Section 4: Social Engineering and Web Application Attacks
18
Chapter 14: Performing Client-Side Attacks – Social Engineering
Icon
Chapter 14: Performing Client-Side Attacks – Social Engineering
Icon
Technical requirements
Icon
Fundamentals of social engineering
Icon
Types of social engineering
Icon
Defending against social engineering
Icon
Planning for each type of social engineering attack
Icon
Exploring social engineering tools and techniques
Icon
Summary
Icon
Further reading
19
Chapter 15: Understanding Website Application Security
Icon
Chapter 15: Understanding Website Application Security
Icon
Technical requirements
Icon
Understanding web applications
Icon
Exploring the OWASP Top 10: 2021
Icon
Getting started with FoxyProxy and Burp Suite
Icon
Understanding injection-based attacks
Icon
Exploring broken access control attacks
Icon
Discovering cryptographic failures
Icon
Understanding insecure design
Icon
Exploring security misconfiguration
Icon
Summary
Icon
Further reading
20
Chapter 16: Advanced Website Penetration Testing
Icon
Chapter 16: Advanced Website Penetration Testing
Icon
Technical requirements
Icon
Identifying vulnerable and outdated components
Icon
Exploiting identification and authentication failures
Icon
Understanding software and data integrity failures
Icon
Understanding security logging and monitoring failures
Icon
Performing server-side request forgery
Icon
Automating SQL injection attacks
Icon
Understanding cross-site scripting
Icon
Performing client-side attacks
Icon
Summary
Icon
Further reading
21
Chapter 17: Best Practices for the Real World
Icon
Chapter 17: Best Practices for the Real World
Icon
Technical requirements
Icon
Guidelines for penetration testers
Icon
Penetration testing checklist
Icon
Creating a hacker's tool bag
Icon
Setting up remote access
Icon
Next steps ahead
Icon
Summary
Icon
Further reading
Icon
Why subscribe?
22
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts

Attacking Active Directory

As an aspiring penetration tester, it's important to understand how to simulate real-world cyber-attacks during a penetration test to perform both lateral and vertical movement within an Active Directory domain. Over the next few sections, you will explore various popular tools that are definitely needed within your arsenal as a cybersecurity professional.

Lateral movement with CrackMapExec

CrackMapExec (CME) is a post-exploitation tool that allows penetration testers to easily automate the process of gathering sensitive information from an Active Directory domain within an organization. This tool is very useful as it also allows penetration testers to compromise the trust between domain clients and domain controllers within the network.

Using a tool such as CME within an Active Directory domain, penetration testers and red team professionals are able to quickly identify whether a user credential can be used to gain access to other systems...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 5
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY