Mastering Kali Linux for advanced penetration testing : a practical guide to testing your network's security with Kali Linux, the preferred choice of penetration testers and hackers / Robert W. Beggs ; cover image by Robert W. Beggs.

Format:

Book

Author/Creator:

Beggs, Robert W., author, cover designer.

Series:

Community experience distilled.

Community Experience Distilled

Language:

English

Subjects (All):

Operating systems (Computers).

Linux.

Physical Description:

1 online resource (356 p.)

Edition:

1st ed.

Place of Publication:

Birmingham, [England] : Packt Publishing, 2014.

Language Note:

English

Summary:

This book provides an overview of the kill chain approach to penetration testing, and then focuses on using Kali Linux to provide examples of how this methodology is applied in the real world. After describing the underlying concepts, step-by-step examples are provided that use selected tools to demonstrate the techniques. If you are an IT professional or a security consultant who wants to maximize the success of your network testing using some of the advanced features of Kali Linux, then this book is for you. This book will teach you how to become an expert in the pre-engagement, management,

Contents:

Cover; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Table of Contents; Preface; Part 1: The Attacker's Kill Chain; Chapter 1: Starting with Kali Linux; Kali Linux; Configuring network services and secure communications; Adjusting network proxy settings; Securing communications with Secure Shell; Updating Kali Linux; The Debian package management system; Packages and repositories; Dpkg; Using Advanced Packaging Tools; Configuring and customizing Kali Linux; Resetting the root password; Adding a non-root user; Speeding up Kali operations

Sharing folders with Microsoft WindowsCreating an encrypted folder with TrueCrypt; Managing third-party applications; Installing third-party applications; Running third-party applications with non-root privileges; Effective management of penetration tests; Summary; Chapter 2: Identifying the Target - Passive Reconnaissance; Basic principles of reconnaissance; Open Source intelligence; DNS reconnaissance and route mapping; WHOIS; DNS reconnaissance; IPv4; IPv6; Mapping the route to the target; Obtaining user information; Gathering names and e-mail addresses; Profiling users for password lists

SummaryChapter 3: Active Reconnaissance and Vulnerability Scanning; Stealth scanning strategies; Adjusting source IP stack and tool identification settings; Modifying packet parameters; Using proxies with anonymity networks (Tor and Privoxy); Identifying the network infrastructure; Enumerating hosts; Live host discovery; Port, operating system, and service discovery; Port scanning; Fingerprinting the operating system; Determining active services; Employing comprehensive reconnaissance applications; nmap; The recon-ng framework; Maltego; Vulnerability scanning; Summary; Chapter 4: Exploit

Threat modelingUsing online and local vulnerability resources; The Metasploit Framework; Exploiting a vulnerable application; Exploiting multiple targets with Armitage; Team testing with Armitage; Scripting the Armitage attack; Bypassing IDs and antivirus detection; Summary; Chapter 5: Post Exploit - Action on the Objective; Bypassing Windows User Account Control; Conducting a rapid reconnaissance of a compromised system; Using the WMIC scripting language; Finding and taking sensitive data - pillaging the target; Creating additional accounts; Using Metasploit for post-exploit activities

Escalating user privileges on a compromised hostReplaying authentication tokens using incognito; Manipulating access credentials with Windows Credential Editor; Escalating from Administrator to SYSTEM; Accessing new accounts with horizontal escalation; Covering your tracks; Summary; Chapter 6: Post Exploit - Persistence; Compromising the existing system and application files for remote access; Remotely enabling the Telnet service; Remotely enabling Windows Terminal Services; Remotely enabling Virtual Network Computing; Using persistent agents; Employing Netcat as a persistent agent

Maintaining persistence with the Metasploit Framework

Notes:

Includes index.

Description based on online resource; title from PDF title page (ebrary, viewed July 9, 2014).

ISBN:

1-78216-313-1

OCLC:

882610698