Kali Linux 2: Windows Penetration Testing
by Bo Weaver, Wolf Halton
Table of Contents
Credits
About the Authors
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
1. Sharpening the Saw
Installing Kali Linux to an encrypted USB drive
Prerequisites for installation
Booting Up
Installing configuration
Setting up the drive
Booting your new installation of Kali
Running Kali from the live CD
Installing and configuring applications
Gedit – the Gnome text editor
Terminator – the terminal emulator for multitasking
EtherApe – the graphical protocol analysis tool
Setting up and configuring OpenVAS
Reporting the tests
KeepNote – the standalone document organizer
Dradis – the web-based document organizer
Running services on Kali Linux
Exploring the Kali Linux Top 10 and more
Summary
2. Information Gathering and Vulnerability Assessment
Footprinting the network
Exploring the network with Nmap
Zenmap
The difference verbosity makes
Scanning a network range
Where can you find instructions on this thing?
A return to OpenVAS
Using Maltego
Using Unicorn-Scan
Monitoring resource use with Htop
Monkeying around the network
Summary
3. Exploitation Tools (Pwnage)
Choosing the appropriate time and tool
Choosing the right version of Metasploit
Starting Metasploit
Creating workspaces to organize your attack
Using the hosts and services commands
Using advanced footprinting
Interpreting the scan and building on the result
Exploiting poor patch management
Finding out whether anyone is home
Using the pivot
Mapping the network to pivot
Creating the attack path
Grabbing system on the target
Setting Up the route
Exploring the inner network
Abusing the Windows NET USE command
Adding a Windows user from the command line
Summary
4. Web Application Exploitation
Surveying the webscape
Concept of Robots.txt
Concept of .htaccess
Quick solutions to cross-site scripting
Reducing buffer overflows
Avoiding SQL injection
Arm yourself with Armitage
Working with a single known host
Discovering new machines with Nmap
Zinging Windows servers with OWASP ZAP
Using ZAP as an attack proxy
Reading the ZAP interface
Search and destroy with Burp Suite
Targeting the test subject
Using Burp Suite as a Proxy
Installing the Burp Suite security certificate
Spidering a site with Burp Spider
Summary
5. Sniffing and Spoofing
Sniffing and spoofing network traffic
Sniffing network traffic
Basic sniffing with tcpdump
More basic sniffing with WinDump (Windows tcpdump)
Packet hunting with Wireshark
Dissecting the packet
Swimming with Wireshark
Spoofing network traffic
Ettercap
Using Ettercap on the command line
Summary
6. Password Attacks
Password attack planning
Cracking the NTLM code (Revisited)
Password lists
Cleaning a password list
My friend Johnny
John the Ripper (command line)
xHydra
Adding a tool to the main menu in Kali 2.x
Summary
7. Windows Privilege Escalation
Gaining access with Metasploit
Replacing the executable
Local privilege escalation with a standalone tool
Escalating privileges with physical access
Robbing the Hives with samdump2
Owning the registry with chntpw
Weaseling in with Weevely
Preparing to use Weevely
Creating an agent
Testing Weevely locally
Testing Weevely on a Windows server
Getting help in Weevely
Getting the system info
Using filesystem commands in Weevely
Writing into files
Summary
8. Maintaining Remote Access
Maintaining access
Covering our tracks
Maintaining access with Ncat
Phoning Home with Metasploit
The Dropbox
Cracking the NAC (Network Access Controller)
Creating a Spear-Phishing Attack with the Social Engineering Toolkit
Using Backdoor-Factory to Evade Antivirus
Summary
9. Reverse Engineering and Stress Testing
Setting up a test environment
Creating your victim machine(s)
Testing your testing environment
Reverse engineering theory
One general theory of reverse engineering
Working with Boolean logic
Reviewing a while loop structure
Reviewing the for loop structure
Understanding the decision points
Practicing reverse engineering
Demystifying debuggers
Using the Valgrind Debugger to discover memory leaks
Translating your app to assembler with the EDB-Debugger
EDB-Debugger symbol mapper
Running OllyDbg
Introduction to disassemblers
Running JAD
Create your own disassembling code with Capstone
Some miscellaneous reverse engineering tools
Running Radare2
Additional members of the Radare2 tool suite
Running rasm2
Running rahash2
Running radiff2
Running rafind2
Running rax2
Stress testing Windows
Dealing with Denial
Putting the network under Siege
Configuring your Siege engine
Summary
10. Forensics
Getting into Digital Forensics
Exploring Guymager
Starting Kali for Forensics
Acquiring a drive to be legal evidence
Cloning With Guymager
Diving into Autopsy
Mounting image files
Summary
Index