Home Page Icon
Home Page
Table of Contents for
Kali Linux Intrusion and Exploitation Cookbook
Close
Kali Linux Intrusion and Exploitation Cookbook
by Ishan Girdhar, Dhruv Shah
Kali Linux Intrusion and Exploitation Cookbook
Kali Linux Intrusion and Exploitation Cookbook
Kali Linux Intrusion and Exploitation Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Why subscribe?
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting ready
How to do it…
How it works…
There's more…
See also
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. Getting Started - Setting Up an Environment
Introduction
Installing Kali Linux on Cloud - Amazon AWS
Getting ready
How to do it...
How it works...
There's more...
Installing Kali Linux on Docker
Getting ready
How to do it...
How it works...
There's more...
Installing NetHunter on OnePlus One
Getting ready
How to do it...
How it works...
There's more...
Installing Kali Linux on a virtual machine
Getting ready
How to do it...
How it works...
Customizing Kali Linux for faster package updates
Getting ready
How to do it...
How it works...
Customizing Kali Linux for faster operations
Getting ready
How to do it...
How it works...
Configuring remote connectivity services - HTTP, TFTP, and SSH
Getting ready
How to do it...
How it works...
Configuring Nessus and Metasploit
Getting ready
How to do it...
How it works...
There's more...
Configuring third-party tools
Getting ready
How to do it...
How it works...
Installing Docker on Kali Linux
Getting ready
How to do it...
How it works...
2. Network Information Gathering
Introduction
Discovering live servers over the network
Getting ready
How to do it...
How it works...
There's more...
See also
Bypassing IDS/IPS/firewall
Getting ready
How to do it...
How it works...
There's more...
Discovering ports over the network
Getting ready
How to do it...
How it works...
There's more...
See also
Using unicornscan for faster port scanning
Getting ready
How to do it...
How it works...
There's more...
Service fingerprinting
Getting ready
How to do it...
How it works...
There's more...
Determining the OS using nmap and xprobe2
Getting ready
How to do it...
How it works...
There's more...
Service enumeration
Getting ready
How to do it...
How it works...
There's more...
Open-source information gathering
Getting ready
How to do it...
How it works...
There's more...
3. Network Vulnerability Assessment
Introduction
Using nmap for manual vulnerability assessment
Getting ready
How to do it...
How it works...
There's more...
See also...
Integrating nmap with Metasploit
Getting ready
How to do it...
How it works...
There's more...
Walkthrough of Metasploitable assessment with Metasploit
Getting ready...
How to do it...
How it works...
There's more...
See also...
Vulnerability assessment with OpenVAS framework
Getting ready
How to do it...
How it works...
There's more...
PTES
OWASP
Web Application Hacker's Methodology
See also...
4. Network Exploitation
Introduction
Gathering information for credential cracking
Getting ready
How to do it...
Cracking FTP login using custom wordlist
Getting ready
How to do it...
How it works...
There's more...
Cracking SSH login using custom wordlist
Getting ready
How to do it...
How it works...
There's more...
Cracking HTTP logins using custom wordlist
Getting ready
How to do it...
How it works...
There's more...
Cracking MySql and PostgreSQL login using custom wordlist
Getting ready
How to do it...
How it works...
There's more...
Cracking Cisco login using custom wordlist
Getting ready
How to do it...
How it works...
There's more...
Exploiting vulnerable services (Unix)
Getting ready
How to do it...
How it works...
There's more...
Exploiting vulnerable services (Windows)
Getting ready
How to do it...
How it works...
There's more...
Exploiting services using exploit-db scripts
Getting ready
How to do it...
How it works...
There's more...
5. Web Application Information Gathering
Introduction
Setting up API keys for recon-ng
Getting ready
How to do it...
How it works...
Using recon-ng for reconnaissance
Getting ready
How to do it...
Gathering information using theharvester
Getting ready
How to do it...
How it works...
Using DNS protocol for information gathering
Getting ready
How to do it...
How it works...
There's more...
Web application firewall detection
Getting ready
How to do it...
How it works...
HTTP and DNS load balancer detection
Getting ready
How to do it...
How it works...
Discovering hidden files/directories using DirBuster
Getting ready
How to do it...
How it works...
CMS and plugins detection using WhatWeb and p0f
Getting ready
How to do it...
How it works...
There's more...
Finding SSL cipher vulnerabilities
Getting ready
How to do it...
How it works...
6. Web Application Vulnerability Assessment
Introduction
Running vulnerable web applications in Docker
Getting ready
How to do it...
How it works...
Using W3af for vulnerability assessment
Getting ready
How to do it...
How it works...
Using Nikto for web server assessment
Getting ready
How to do it...
How it works...
Using Skipfish for vulnerability assessment
Getting ready
How to do it...
How it works...
Using Burp Proxy to intercept HTTP traffic
Getting ready
How to do it...
How it works...
Using Burp Intruder for customized attack automation
Getting ready
How to do it...
How it works...
Using Burp Sequencer to test the session randomness
Getting ready
How to do it...
How it works...
7. Web Application Exploitation
Introduction
Using Burp for active/passive scanning
Getting ready
How to do it...
How it works...
Using sqlmap to find SQL Injection on the login page
Getting ready
How to do it...
How it works...
Exploiting SQL Injection on URL parameters using SQL Injection
Getting ready
How to do it...
How it works...
Getting ready
How to do it...
How it works...
Using Weevely for file upload vulnerability
Getting ready
How to do it...
How it works...
Exploiting Shellshock using Burp
Getting ready
How to do it...
How it works...
Using Metasploit to exploit Heartbleed
Getting ready
How to do it...
How it works...
Using the FIMAP tool for file inclusion attacks (RFI/LFI)
Getting ready
How to do it...
How it works...
8. System and Password Exploitation
Introduction
Using local password-attack tools
Getting ready
How to do it...
How it works...
There's more...
Cracking password hashes
Getting ready
How to do it...
How it works...
There's more...
Using Social-Engineering Toolkit
Getting ready
How to do it...
How it works...
There's more...
Using BeEF for browser exploitation
Getting ready
How to do it...
How it works...
There's more...
Cracking NTLM hashes using rainbow tables
Getting ready
How to do it...
How it works...
There's more...
9. Privilege Escalation and Exploitation
Introduction
Using WMIC to find privilege-escalation vulnerabilities
Getting ready
How to do it...
How it works...
There's more...
Sensitive-information gathering
Getting ready
How to do it...
There's more...
Unquoted service-path exploitation
Getting ready
How to do it...
How it works...
There's more...
See also...
Service permission issues
Getting ready
How to do it...
How it works...
There's more...
Misconfigured software installations/insecure file permissions
Getting ready
How to do it...
How it works...
There's more...
See also...
Linux privilege escalation
Getting ready
How to do it...
How it works...
There's more...
See also...
10. Wireless Exploitation
Introduction
Setting up a wireless network
Getting ready
How to do it...
Bypassing MAC address filtering
Getting ready
How to do it...
There's more...
Sniffing network traffic
Getting ready
How to do it...
How it works...
There's more...
Cracking WEP encryption
Getting ready
How to do it...
How it works...
There's more...
Cracking WPA/WPA2 encryption
Getting ready
How to do it...
How it works...
There's more...
Cracking WPS
Getting ready
How to do it...
How it works...
There's more...
Denial-of-service attacks
Getting ready
How to do it...
How it works...
There's more...
A. Pen Testing 101 Basics
Introduction
What is penetration testing?
What is vulnerability assessment
Penetration testing versus vulnerability assessment
Objectives of penetration testing
Types of penetration testing
Black box
White box
Gray box
Who should be doing penetration testing?
What is the goal here?
General penetration testing phases
Gathering requirements
Preparing and planning
Defining scope
Conducting a penetration test
Categorization of vulnerabilities
Asset risk rating
Reporting
Conclusion
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Table of Contents
Next
Next Chapter
Kali Linux Intrusion and Exploitation Cookbook
Kali Linux Intrusion and Exploitation Cookbook
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset