Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying The Ultimate Kali Linux Book
  • Table Of Contents Toc
  • Feedback & Rating feedback
The Ultimate Kali Linux Book

The Ultimate Kali Linux Book

By : Glen D. Singh
4.8 (30)
Buy this Book
close
close
The Ultimate Kali Linux Book

The Ultimate Kali Linux Book

4.8 (30)
By: Glen D. Singh
Buy this Book

Overview of this book

Embark on an exciting journey into the world of Kali Linux – the central hub for advanced penetration testing. Honing your pentesting skills and exploiting vulnerabilities or conducting advanced penetration tests on wired and wireless enterprise networks, Kali Linux empowers cybersecurity professionals. In its latest third edition, this book goes further to guide you on how to setup your labs and explains breaches using enterprise networks. This book is designed for newcomers and those curious about penetration testing, this guide is your fast track to learning pentesting with Kali Linux 2024.x. Think of this book as your stepping stone into real-world situations that guides you through lab setups and core penetration testing concepts. As you progress in the book you’ll explore the toolkit of vulnerability assessment tools in Kali Linux, where gathering information takes the spotlight. You'll learn how to find target systems, uncover device security issues, exploit network weaknesses, control operations, and even test web applications. The journey ends with understanding complex web application testing techniques, along with industry best practices. As you finish this captivating exploration of the Kali Linux book, you'll be ready to tackle advanced enterprise network testing – with newfound skills and confidence.
Table of Contents (21 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Free Chapter
1
Introduction to Ethical Hacking
chevron up
Icon
Introduction to Ethical Hacking
Icon
Understanding the need for cybersecurity
Icon
Exploring cybersecurity terminology
Icon
Identifying threat actors and their intent
Icon
Understanding what matters to threat actors
Icon
Exploring the importance of penetration testing
Icon
Penetration testing methodologies
Icon
Discovering penetration testing approaches
Icon
Types of penetration testing
Icon
Exploring the phases of penetration testing
Icon
Understanding the Cyber Kill Chain framework
Icon
Summary
Icon
Further reading
2
Building a Penetration Testing Lab
Icon
Building a Penetration Testing Lab
Icon
Technical requirements
Icon
An overview of the lab setup and technologies used
Icon
Setting up a hypervisor and virtual networks
Icon
Setting up and working with Kali Linux
Icon
Setting up a vulnerable web application
Icon
Deploying Metasploitable 2 as a vulnerable machine
Icon
Building and deploying Metasploitable 3
Icon
Summary
Icon
Further reading
3
Setting Up for Advanced Penetration Testing Techniques
Icon
Setting Up for Advanced Penetration Testing Techniques
Icon
Technical requirements
Icon
Building an Active Directory red team lab
Icon
Setting up a wireless penetration testing lab
Icon
Summary
Icon
Further reading
4
Passive Reconnaissance
Icon
Passive Reconnaissance
Icon
Technical requirements
Icon
The importance of reconnaissance
Icon
Exploring passive reconnaissance
Icon
Creating a sock puppet
Icon
Anonymizing internet-based traffic
Icon
Summary
Icon
Further reading
5
Exploring Open-Source Intelligence
Icon
Exploring Open-Source Intelligence
Icon
Technical requirements
Icon
Google hacking techniques
Icon
Domain reconnaissance
Icon
Sub-domain harvesting
Icon
Identifying organizational infrastructure
Icon
Harvesting employees’ data using Hunter
Icon
Automating social media reconnaissance with Sherlock
Icon
Summary
Icon
Further reading
6
Active Reconnaissance
Icon
Active Reconnaissance
Icon
Technical requirements
Icon
Understanding active information
Icon
Profiling websites using EyeWitness
Icon
Exploring active scanning techniques
Icon
Using scanning evasion techniques
Icon
Enumerating network services
Icon
Discovering data leaks in the cloud
Icon
Summary
Icon
Further reading
7
Performing Vulnerability Assessments
Icon
Performing Vulnerability Assessments
Icon
Technical requirements
Icon
Getting started with Nessus
Icon
Vulnerability identification using Nmap
Icon
Working with Greenbone Vulnerability Manager
Icon
Using web application scanners
Icon
Summary
Icon
Further reading
8
Understanding Network Penetration Testing
Icon
Understanding Network Penetration Testing
Icon
Technical requirements
Icon
Introduction to network penetration testing
Icon
Working with bind and reverse shells
Icon
Antimalware evasion techniques
Icon
Working with wireless adapters
Icon
Managing and Monitoring wireless modes
Icon
Summary
Icon
Further reading
9
Performing Network Penetration Testing
Icon
Performing Network Penetration Testing
Icon
Technical requirements
Icon
Exploring password-based attacks
Icon
Performing host discovery
Icon
Identifying and exploiting vulnerable services
Icon
Summary
Icon
Further reading
10
Post-Exploitation Techniques
Icon
Post-Exploitation Techniques
Icon
Technical requirements
Icon
Pass-the-hash techniques
Icon
Post exploitation using Meterpreter
Icon
Data encoding and exfiltration
Icon
Summary
Icon
Further reading
11
Delving into Command and Control Tactics
Icon
Delving into Command and Control Tactics
Icon
Technical requirements
Icon
Understanding C2
Icon
Setting up C2 operations
Icon
Post-exploitation using Empire
Icon
Working with Starkiller
Icon
Summary
Icon
Further reading
12
Working with Active Directory Attacks
Icon
Working with Active Directory Attacks
Icon
Technical requirements
Icon
Understanding Active Directory
Icon
Enumerating Active Directory
Icon
Leveraging network-based trust
Icon
Summary
Icon
Further reading
13
Advanced Active Directory Attacks
Icon
Advanced Active Directory Attacks
Icon
Technical requirements
Icon
Understanding Kerberos
Icon
Abusing trust on IPv6 with Active Directory
Icon
Attacking Active Directory
Icon
Domain dominance and persistence
Icon
Summary
Icon
Further reading
14
Advanced Wireless Penetration Testing
Icon
Advanced Wireless Penetration Testing
Icon
Technical Requirements
Icon
Introduction to Wireless Networking
Icon
Performing Wireless Reconnaissance
Icon
Compromising WPA/WPA2 Networks
Icon
Performing AP-less Attacks
Icon
Exploiting Enterprise Networks
Icon
Setting Up a Wi-Fi Honeypot
Icon
Exploiting WPA3 Attacks
Icon
Summary
Icon
Further Reading
15
Social Engineering Attacks
Icon
Social Engineering Attacks
Icon
Technical requirements
Icon
Fundamentals of social engineering
Icon
Types of social engineering
Icon
Planning for each type of social engineering attack
Icon
Defending against social engineering
Icon
Exploring social engineering tools and techniques
Icon
Summary
Icon
Further reading
16
Understanding Website Application Security
Icon
Understanding Website Application Security
Icon
Technical requirements
Icon
Understanding web applications
Icon
Exploring the OWASP Top 10: 2021
Icon
Getting started with FoxyProxy and Burp Suite
Icon
Understanding injection-based attacks
Icon
Exploring broken access control attacks
Icon
Discovering cryptographic failures
Icon
Understanding insecure design
Icon
Exploring security misconfiguration
Icon
Summary
Icon
Further reading
17
Advanced Website Penetration Testing
Icon
Advanced Website Penetration Testing
Icon
Technical requirements
Icon
Identifying vulnerable and outdated components
Icon
Exploiting identification and authentication failures
Icon
Understanding software and data integrity failures
Icon
Exploring server-side request forgery
Icon
Understanding security logging and monitoring failures
Icon
Understanding cross-site scripting
Icon
Automating SQL injection attacks
Icon
Performing client-side attacks
Icon
Summary
Icon
Further reading
18
Best Practices for the Real World
Icon
Best Practices for the Real World
Icon
Technical requirements
Icon
Guidelines for penetration testers
Icon
Penetration testing checklist
Icon
Creating a hacker’s toolkit
Icon
Setting up remote access
Icon
Next steps ahead
Icon
Summary
Icon
Further reading
19
Index
Icon
Index
Appendix
Icon
Setting Up a Penetration Testing Lab on Ubuntu Desktop
Icon
Technical requirements
Icon
An overview of the lab setup and technologies used
Icon
Setting up a hypervisor and virtual networks
Icon
Setting up Kali Linux on Ubuntu
Icon
Setting up Metasploitable 3 on Ubuntu
Icon
Summary

Discovering penetration testing approaches

Each penetration test approach is a bit different from the others, and it’s important that you know about all of them. Imagine a potential client calling to request a black box test on their external network infrastructure; as a penetration tester, we must be familiar with the terminology and what is expected by the customer. The following are the approaches used:

  • A white box assessment is typical of web application testing but can extend to any form of penetration testing. The key difference between white, black, and gray box testing is the amount of information provided to the penetration testers prior to the engagement. In a white box assessment, the penetration tester is provided with full information about the targeted applications, systems, and networks, and is usually given user credentials with varying degrees of access to quickly and thoroughly identify vulnerabilities in the targeted systems and networks. This approach reduces the time required by the ethical hacker and penetration tester to perform reconnaissance to identify the attack surface of the target. Not all security testing is done using the white box approach; sometimes, only the target organization’s name is provided to the penetration tester.
  • Black box assessments are one of the most common forms of network penetration testing and are most typical among external network penetration tests and social engineering penetration tests. In a black box assessment, the penetration testers are given very little or no information about the targeted organization, its networks, or its systems except the organization’s name. This particular form of testing is efficient when trying to determine what a real adversary will find and their strategies to gain unauthorized access to the organization’s network and techniques for compromising their systems.
  • Gray box assessments are a hybrid of white and black box testing and are typically used to provide a realistic testing scenario while also giving penetration testers enough information to reduce the time needed to conduct reconnaissance and other black box testing activities. In addition, it’s important in any assessment to ensure you are testing all in-scope systems. In a true black box, it’s possible to miss systems, and as a result, they are left out of the assessment.

Having completed this section, you have learned about white, gray, and black box security testing approaches. Up next, you will learn about different types of penetration testing in the industry.

End of Section 8
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY