This chapter focused on client-side attacks. First, we installed a tool called Veil, which we use to exploit backdoors, through which we can gain access to a user's system. We then looked at payloads, before generating our own and testing it against antivirus programs. We also learned how to create a backdoor Meterpreter that was used to control a target computer without being detected by antivirus software. We concluded by looking at delivery methods, as well as how to protect systems from such attacks.The next chapter we are going to focus on using the social engineering to launch attacks on the client
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Preface
- Introduction
- Setting Up a Lab
- Linux Basics
- Network Penetration Testing
- Pre-Connection Attacks
- Network Penetration Testing - Gaining Access
- Post-Connection Attacks
- Man-in-the-Middle Attacks
- Network Penetration Testing, Detection, and Security
- Gaining Access to Computer Devices
- Scanning Vulnerabilities Using Tools
- Client-Side Attacks
- Client-Side Attacks - Social Engineering
- Client-side attacks using social engineering 
- Maltego overview
- Social engineering – linking accounts
- Social engineering – Twitter
- Social engineering – emails
- Social engineering – summary
- Downloading and executing AutoIt 
- Changing the icon and compiling the payload
- Changing extensions
- Client-side attacks – TDM email spoofing
- Summary
- Attack and Detect Trojans with BeEF
- Attacks Outside the Local Network
- Post Exploitation
- Website Penetration Testing
- Website Pentesting - Information Gathering
- File Upload, Code Execution, and File Inclusion Vulnerabilities
- SQL Injection Vulnerabilities
- Cross-Site Scripting Vulnerabilities
- Discovering Vulnerabilities Automatically Using OWASP ZAP
- Other Books You May Enjoy
Summary
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.