
Introduction to Kali Purple : Harness the Synergy of Offensive and Defensive Cybersecurity Strategies of Kali Linux.

Format:
Book
Author/Creator:
Lane, Karl.
Language:
English
Subjects (All):
Computer security.
Penetration testing (Computer security).
Web applications--Testing.
Web applications.
Physical Description:
1 online resource (377 pages)
Edition:
1st ed.
Place of Publication:
Birmingham : Packt Publishing, Limited, 2024.
Summary:
Combine the offensive capabilities of Kali Linux with the defensive strength of a security operations center to enhance cybersecurity for business and training purposes.

Key Features
Gain practical experience in defensive security methods
Learn the correct process for acquiring, installing, and configuring a robust SOC from home
Create training scenarios for junior technicians and analysts using real-world cybersecurity utilities
Purchase of the print or Kindle book includes a free PDF eBook

Book Description
Introduction to Kali Purple combines red team tools from the Kali Linux OS and blue team tools commonly found within a security operations center (SOC) for an all-in-one approach to cybersecurity. This book takes you from an overview of today's cybersecurity services and their evolution to building a solid understanding of how Kali Purple can enhance training and support proof-of-concept scenarios for your technicians and analysts. After getting to grips with the basics, you’ll learn how to develop a cyber defense system for Small Office Home Office (SOHO) services. This is demonstrated through the installation and configuration of supporting tools such as virtual machines, the Java SDK, Elastic, and related software. You’ll then explore Kali Purple’s compatibility with the Malcolm suite of tools, including Arkime, CyberChef, Suricata, and Zeek. As you progress, the book introduces advanced features, such as security incident response with StrangeBee’s Cortex and TheHive and threat and intelligence feeds. Finally, you’ll delve into digital forensics and explore tools for social engineering and exploit development.

By the end of this book, you’ll have a clear and practical understanding of how this powerful suite of tools can be implemented in real-world scenarios.

What you will learn
Set up and configure a fully functional miniature security operations center
Explore and implement the government-created Malcolm suite of tools
Understand traffic and log analysis using Arkime and CyberChef
Compare and contrast intrusion detection and prevention systems
Explore incident response methods through Cortex, TheHive, and threat intelligence feed integration
Leverage purple team techniques for social engineering and exploit development

Who this book is for
This book is for entry-level cybersecurity professionals eager to explore a functional defensive environment. Cybersecurity analysts, SOC analysts, and junior penetration testers seeking to better understand their targets will find this content particularly useful. If you’re looking for a proper training mechanism for proof-of-concept scenarios, this book has you covered. While not a prerequisite, a solid foundation of offensive and defensive cybersecurity terms, along with basic experience using any Linux operating system, will make following along easier.
Contents:
Cover
Title Page
Copyright and Credits
Dedicated
Contributors
Table of Contents
Preface
Part 1: Introduction, History, and Installation
Chapter 1: Introduction to Cybersecurity
How we got here
Stuxnet
The Target cyberattack of 2013
Offensive security
Nmap
Metasploit Framework
Burp Suite
Wireshark
Aircrack-ng
John the Ripper
Hydra
SQLmap
Maltego
Social Engineering Toolkit (SET)
Defensive security
Confidentiality
Integrity
Availability
Summary
Questions
Further reading
Chapter 2: Kali Linux and the ELK Stack
The evolution of Kali Linux
Elasticsearch, Logstash, and Kibana (ELK stack)
Elasticsearch
Logstash
Kibana
Agents and monitoring
Beats
X-Pack
Chapter 3: Installing the Kali Purple Linux Environment
Technical requirements
Acquiring the Kali Purple distribution
Linux backup
Windows backup
macOS backup
Linux
Mac
Windows
The installation of a VM
Windows users
macOS users
Linux users
Linux VirtualBox installation
macOS VirtualBox installation
Windows VirtualBox installation
Setting the environment PATH variable in Windows
Setting the environment PATH variable in macOS or Linux
The installation of Kali Purple
The installation of the Java SDK
Chapter 4: Configuring the ELK Stack
Chapter 5: Sending Data to the ELK Stack
Understanding the data flow
Filebeat
Linux and macOS download and installation
Types of Beats
Elastic Agent
Logstash and filters
Further reading
Part 2: Data Analysis, Triage, and Incident Response
Chapter 6: Traffic and Log Analysis
Understanding packets
Malcolm
Arkime
CyberChef and obfuscation
Chapter 7: Intrusion Detection and Prevention Systems
IDS
Traffic monitoring
Anomaly detection
Signature-based detection
Real-time alerts
Log and event analysis
Network and host-based detection
Response and mitigation
Regulatory compliance
Integration with security infrastructure
IPS
Real-time threat prevention
Automated response
Policy enforcement
Inline protection
Application layer protection
Performance optimization
Suricata
Zeek
Chapter 8: Security Incident and Response
Incident response
Docker
Cortex
TheHive
Challenge!
Part 3: Digital Forensics, Offensive Security, and NIST CSF
Chapter 9: Digital Forensics
Digital forensics and malware analysis
Portable Executable Identifier (PEiD)
PEScan
IDA Pro
Volatility3
ApateDNS
SET
BeEF
Chapter 10: Integrating the Red Team and External Tools
OWASP ZAP
Mozilla Firefox
Google Chrome
Metasploit
Scanners
Nikto
Nessus
Greenbone Vulnerability Management and OpenVAS
Password cracking
Medusa
Burp Suite integration
Chapter 11: Autopilot, Python, and NIST Control
Autopilot
Python
NIST Control
Identify
Protect
Detect
Respond
Recover
Govern
Summary
Questions
Appendix
Index
Other Books You May Enjoy.
Notes:
Description based on publisher supplied metadata and other sources.
Other Format:
Print version: Lane, Karl Introduction to Kali Purple
ISBN:
9781835087350
OCLC:
1441722952
