Learning Kali Linux: security testing, penetration testing, and ethical hacking

Intro

Copyright

Table of Contents

Preface

What This Book Covers

New in This Edition

Who This Book Is For

The Value and Importance of Ethics

Conventions Used in This Book

O'Reilly Online Learning

How to Contact Us

Acknowledgments

Chapter 1. Foundations of Kali Linux

Heritage of Linux

About Linux

Acquiring and Installing Kali Linux

Virtual Machines

Low-Cost Computing

Windows Subsystem for Linux

Desktops

Xfce Desktop

GNOME Desktop

Logging In Through the Desktop Manager

Cinnamon and MATE

Using the Command Line

File and Directory Management

Process Management

Other Utilities

User Management

Service Management

Package Management

Remote Access

Log Management

Summary

Useful Resources

Chapter 2. Network Security Testing Basics

Security Testing

Network Security Testing

Monitoring

Layers

Stress Testing

Denial-of-Service Tools

Encryption Testing

Packet Captures

Using tcpdump

Berkeley Packet Filters

Wireshark

Poisoning Attacks

ARP Spoofing

DNS Spoofing

Summary

Useful Resources

Chapter 3. Reconnaissance

What Is Reconnaissance?

Open Source Intelligence

Google Hacking

Automating Information Grabbing

Recon-ng

Maltego

DNS Reconnaissance and whois

DNS Reconnaissance

Regional Internet Registries

Passive Reconnaissance

Port Scanning

TCP Scanning

UDP Scanning

Port Scanning with nmap

High-Speed Scanning

Service Scanning

Manual Interaction

Summary

Useful Resources

Chapter 4. Looking for Vulnerabilities

Understanding Vulnerabilities

Vulnerability Types

Buffer Overflow

Race Condition

Input Validation

Access Control

Vulnerability Scanning

Local Vulnerabilities

Using lynis for Local Checks

OpenVAS Local Scanning

Root Kits

Remote Vulnerabilities

Quick Start with OpenVAS

Creating a Scan

OpenVAS Reports

Network Device Vulnerabilities

Auditing Devices

Database Vulnerabilities

Identifying New Vulnerabilities

Summary

Useful Resources

Chapter 5. Automated Exploits

What Is an Exploit?

Cisco Attacks

Management Protocols

Other Devices

Exploit Database

Metasploit

Starting with Metasploit

Working with Metasploit Modules

Importing Data

Exploiting Systems

Armitage

Social Engineering

Summary

Useful Resources

Chapter 6. Owning Metasploit

Scanning for Targets

Port Scanning

SMB Scanning

Vulnerability Scanning

Exploiting Your Target

Using Meterpreter

Meterpreter Basics

User Information

Process Manipulation

Privilege Escalation

Pivoting to Other Networks

Maintaining Access

Cleaning Up

Summary

Useful Resources

Chapter 7. Wireless Security Testing

The Scope of Wireless

802.11

Bluetooth

Zigbee

WiFi Attacks and Testing Tools

802.11 Terminology and Functioning

Identifying Networks

Intro; Copyright; Table of Contents; Preface; What This Book Covers; Who This Book Is For; The Value and Importance of Ethics; Conventions Used in This Book; Using Code Examples; O'Reilly Safari; How to Contact Us; Acknowledgments; Chapter 1. Foundations of Kali Linux; Heritage of Linux; About Linux; Acquiring and Installing Kali Linux; Desktops; GNOME Desktop; Logging In Through the Desktop Manager; Xfce Desktop; Cinnamon and MATE; Using the Command Line; File and Directory Management; Process Management; Other Utilities; User Management; Service Management; Package Management

Log ManagementSummary; Useful Resources; Chapter 2. Network Security Testing Basics; Security Testing; Network Security Testing; Monitoring; Layers; Stress Testing; Denial-of-Service Tools; Encryption Testing; Packet Captures; Using tcpdump; Berkeley Packet Filters; Wireshark; Poisoning Attacks; ARP Spoofing; DNS Spoofing; Summary; Useful Resources; Chapter 3. Reconnaissance; What Is Reconnaissance?; Open Source Intelligence; Google Hacking; Automating Information Grabbing; Recon-NG; Maltego; DNS Reconnaissance and whois; DNS Reconnaissance; Regional Internet Registries

Passive ReconnaissancePort Scanning; TCP Scanning; UDP Scanning; Port Scanning with Nmap; High-Speed Scanning; Service Scanning; Manual Interaction; Summary; Useful Resources; Chapter 4. Looking for Vulnerabilities; Understanding Vulnerabilities; Vulnerability Types; Buffer Overflow; Race Condition; Input Validation; Access Control; Local Vulnerabilities; Using lynis for Local Checks; OpenVAS Local Scanning; Root Kits; Remote Vulnerabilities; Quick Start with OpenVAS; Creating a Scan; OpenVAS Reports; Network Device Vulnerabilities; Auditing Devices; Database Vulnerabilities

Identifying New VulnerabilitiesSummary; Useful Resources; Chapter 5. Automated Exploits; What Is an Exploit?; Cisco Attacks; Management Protocols; Other Devices; Exploit Database; Metasploit; Starting with Metasploit; Working with Metasploit Modules; Importing Data; Exploiting Systems; Armitage; Social Engineering; Summary; Useful Resources; Chapter 6. Owning Metasploit; Scanning for Targets; Port Scanning; SMB Scanning; Vulnerability Scans; Exploiting Your Target; Using Meterpreter; Meterpreter Basics; User Information; Process Manipulation; Privilege Escalation; Pivoting to Other Networks

Maintaining AccessSummary; Useful Resources; Chapter 7. Wireless Security Testing; The Scope of Wireless; 802.11; Bluetooth; Zigbee; WiFi Attacks and Testing Tools; 802.11 Terminology and Functioning; Identifying Networks; WPS Attacks; Automating Multiple Tests; Injection Attacks; Password Cracking on WiFi; besside-ng; coWPAtty; Aircrack-ng; Fern; Going Rogue; Hosting an Access Point; Phishing Users; Wireless Honeypot; Bluetooth Testing; Scanning; Service Identification; Other Bluetooth Testing; Zigbee Testing; Summary; Useful Resources; Chapter 8. Web Application Testing; Web Architecture