Home Page Icon
Home Page
Table of Contents for
Cover Page
Close
Cover Page
by Daniel G. Graham
Ethical Hacking
Cover Page
Title Page
Copyright Page
Dedication
About the Author
About the Technical Reviewer
BRIEF CONTENTS
CONTENTS IN DETAIL
ACKNOWLEDGMENTS
FOREWORD
INTRODUCTION
Why Read This Book?
Installing Python
What Is in the Book?
Reaching Out
1 SETTING UP
Virtual Lab
Setting Up VirtualBox
Setting Up pfSense
Setting Up Metasploitable
Setting Up Kali Linux
Setting Up the Ubuntu Linux Desktop
Your First Hack: Exploiting a Backdoor in Metasploitable
PART I NETWORK FUNDAMENTALS
2 CAPTURING TRAFFIC WITH ARP SPOOFING
How the Internet Transmits Data
ARP Spoofing Attacks
Performing an ARP Spoofing Attack
Detecting an ARP Spoofing Attack
Exercises
3 ANALYZING CAPTURED TRAFFIC
Packets and the Internet Protocol Stack
Viewing Packets in Wireshark
Analyzing Packets Collected by Your Firewall
Exercises
4 CRAFTING TCP SHELLS AND BOTNETS
Sockets and Process Communication
Accessing the Victim Machine
Writing a Reverse Shell Client
Writing a TCP Server That Listens for Client Connections
Loading the Reverse Shell onto the Metasploitable Server
Botnets
Exercises
PART II CRYPTOGRAPHY
5 CRYPTOGRAPHY AND RANSOMWARE
Encryption
Encrypting and Decrypting a File
Email Encryption
Encrypting a File with RSA
Writing Ransomware
Exercises
6 TLS AND DIFFIE-HELLMAN
Transport Layer Security
Using Diffie-Hellman to Compute a Shared Key
Elliptic-Curve Diffie-Hellman
Writing TLS Sockets
SSL Stripping and HSTS Bypass
Exercise: Add Encryption to your Ransomware Server
PART III SOCIAL ENGINEERING
7 PHISHING AND DEEPFAKES
A Sophisticated and Sneaky Social Engineering Attack
Faking Emails
Faking Websites
Creating Deepfake Videos
Exercises
8 SCANNING TARGETS
Link Analysis
Google Dorking
Scanning the Entire Internet
IPv6 and NAT Limitations
Vulnerability Databases
Vulnerability Scanners
Exercises
PART IV EXPLOITATION
9 FUZZING FOR ZERO-DAY VULNERABILITIES
Case Study: Exploiting the Heartbleed OpenSSL Vulnerability
Fuzzing
Symbolic Execution
Dynamic Symbolic Execution
Using DSE to Crack a Passcode
Exercises
10 BUILDING TROJANS
Case Study: Re-Creating Drovorub by Using Metasploit
Hiding an Implant in a Legitimate File
Evading Antivirus by Using Encoders
Creating a Windows Trojan
Creating an Android Trojan
Exercises
11 BUILDING AND INSTALLING LINUX ROOTKITS
Writing a Linux Kernel Module
Modifying System Calls
Hooking the Shutdown Syscall
Hiding Files
Using Armitage to Exploit a Host and Install a Rootkit
Exercises
12 STEALING AND CRACKING PASSWORDS
SQL Injection
Stealing Passwords from a Website’s Database
Writing Your Own SQL Injection Tool
Using SQLMap
Hashing Passwords
Building a Salted Hash Cracker
Popular Hash Cracking and Brute-Forcing Tools
Exercises
13 SERIOUS CROSS-SITE SCRIPTING EXPLOITATION
Cross-Site Scripting
Finding Vulnerabilities with OWASP Zed Attack Proxy
Using Browser Exploitation Framework Payloads
Moving from Browser to Machine
Exercise: Hunting for Bugs in a Bug Bounty Program
PART V CONTROLLING THE NETWORK
14 PIVOTING AND PRIVILEGE ESCALATION
Pivoting from a Dual-Homed Device
Extracting Password Hashes on Linux
Exercises
15 MOVING THROUGH THE CORPORATE WINDOWS NETWORK
Creating a Windows Virtual Lab
Extracting Password Hashes with Mimikatz
Passing the Hash with NT LAN Manager
Exploring the Corporate Windows Network
Attacking the DNS Service
Attacking Active Directory and LDAP Services
Attacking Kerberos
Exercise: Kerberoasting
16 NEXT STEPS
Setting Up a Hardened Hacking Environment
Other Topics
Connect with Others
INDEX
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Next
Next Chapter
Title Page
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset