When breaking into the cybersecurity industry, specifically in the ethical hacking and penetration testing fields, you will often hear about the famous Linux distribution known as Kali Linux. Kali Linux is a penetration testing Linux distribution that is built to support the needs of cybersecurity professionals during each phase of a penetration test. As a cybersecurity author, lecturer, and industry professional, I’ve heard from many people within the cybersecurity and information technology industries, and even from students, about the importance of finding a book that guides the reader to thoroughly understand how to perform penetration testing from beginner to advanced level using a step-by-step approach with Kali Linux. This was the motivation and inspiration behind creating the ultimate book that will be easy to understand for everyone and help all readers to become proficient and develop new skills while using the latest tools and techniques.

Over the years, I’ve researched and created a lot of cybersecurity-related content, and one of the most important things about being both a red and blue teamer (offensive and defensive) is always staying up to date on how to discover the latest security vulnerabilities and understanding the Tactics, Techniques, and Procedures (TTPs) that are commonly used by cybercriminals. As a result, ethical hackers and penetration testers need to be equipped with the latest knowledge, skills, and tools to efficiently discover and exploit hidden security vulnerabilities on their targets’ systems and networks, with the intent of helping organizations reduce their attack surface and improve their cyber defenses. During the writing of this book, I’ve used a student-centric and learner-friendly approach, helping you to easily understand the most complex topics, terminologies, and why there is a need to test for security flaws on a system and network.

This book begins by introducing you to the mindset of a threat actor such as a hacker and comparing a hacker’s mindset to that of penetration testers. It’s important to understand how a threat actor thinks and what is most valuable to them. While penetration testers may have a similar mindset to a hacker, their objective is to discover and help resolve the security vulnerabilities before a real cyber attack occurs on an organization. Furthermore, you will learn how to create a lab environment using virtualization technologies to reduce the cost of buying equipment. The lab environment will emulate a network with vulnerable systems and web application servers. Additionally, a fully patched Windows Active Directory lab has been created to demonstrate the security vulnerabilities found within a Windows domain, where you will learn how to compromise Active Directory services.

You will soon learn how to perform real-world intelligence gathering on organizations using popular tools and strategies for reconnaissance and information gathering. Learning ethical hacking and penetration testing would not be complete without learning how to perform vulnerability assessments using industry-standard tools. Furthermore, you will spend some time learning how to perform exploitation on common security vulnerabilities. Following the exploitation phase, you will be exposed to post-exploitation techniques and learn how to set up Command and Control (C2) operations to maintain access on a compromised network to expand your foothold as a penetration tester and exfiltrate data from a compromised host.

You will learn how to perform Active Directory enumeration and exploitation, as many organizations have a Windows environment running Active Directory.

You will learn how to abuse the trust of Active Directory and take over a Windows domain by creating a golden ticket, a silver ticket, and a skeleton key. Furthermore, wireless attacks are included to help aspiring penetration testers gain the skills needed to test for security vulnerabilities on wireless networks, such as exploiting the WPA3 wireless security standard. Finally, the last section includes techniques for discovering and exploiting web applications and performing social engineering techniques and procedures.

In this edition, the procedures for building virtual lab environments have been improved and made easier to understand and follow as a beginner. A new and dedicated chapter on Open Source Intelligence (OSINT) focuses on collecting and analyzing publicly available information on targeted systems, networks, and organizations to develop a profile of intelligence that can be exploited during penetration testing. The theory and practical labs were improved throughout the entire book, and new labs on web application and social engineering were included.

By completing this book, you will be taken through an amazing journey from beginner to expert in terms of learning, understanding, and developing your skills in ethical hacking and penetration testing as an aspiring cybersecurity professional within the industry.