Index
Symbols
- # (hash sign), File and Directory Management
- / (root directory), File and Directory Management
- 802.11 protocols
- basics of, 802.11
- functioning, 802.11 Terminology and Functioning
- monitor mode, 802.11 Terminology and Functioning
- network types, 802.11 Terminology and Functioning
- vulnerability issues of WiFi, WiFi Attacks and Testing Tools
- ; (semi-colon), Command Injection
- < operator, Other Utilities
- > operator, Other Utilities
- | (pipe) operator, Other Utilities
A
- ABI (application binary interface), Intermediate Languages
- access control lists, TCP Scanning
- access control vulnerabilities, Access Control
- access, maintaining, Maintaining Access-Maintaining Access, Maintaining Access and Cleanup-Maintaining Access
- Active Directory servers, Security Account Manager
- ad hoc networks, 802.11 Terminology and Functioning
- Address Resolution Protocol (ARP), Stress Testing
- adduser command, User Management
- Advanced Package Tool (apt), About Linux, Package Management
- Advanced RISC Machine (ARM), Acquiring and Installing Kali Linux
- AES (Advanced Encryption Standard), Encryption Testing
- AfriNIC (African Network Information Center), Regional Internet Registries
- aircrack-ng package, Injection Attacks, besside-ng, Aircrack-ng-Aircrack-ng
- aireplay-ng program, Injection Attacks
- airodump-ng program, coWPAtty
- Ajax (Asynchronous JavaScript and XML), XML Entity Injection
- allintext: keyword, Google Hacking
- allinurl: keyword, Google Hacking
- amap tool, Service Scanning
- Apache Killer, Slowloris attack
- API keys, Recon-NG
- APNIC (Asia Pacific Network Information Centre), Regional Internet Registries
- application layer, Layers
- application servers, Application Server, Java-Based Application Servers
- APs (access points)
- in enterprise environments, 802.11 Terminology and Functioning
- hosting with Linux, Hosting an Access Point
- in infrastructure networks, 802.11 Terminology and Functioning
- rougue access points, Going Rogue-Wireless Honeypot
- apt
- -cache command, Package Management
- autoremove command, Package Management
- install packagename command, Package Management
- remove packagename command, Package Management
- upgrade command, Package Management
- arbitrary code execution, Buffer Overflow
- ARIN (American Registry for Internet Numbers), Regional Internet Registries
- Armitage, Armitage-Armitage
- ARP (Address Resolution Protocol), ARP Spoofing
- arpspoof, DNS Spoofing
- ASICs (application-specific integrated circuits), Cisco Attacks
- asymmetric encryption, Encryption Testing
- attacks (see also threats)
- automated web attacks, Automated Web Attacks-Java-Based Application Servers
- cache poisoning attacks, DNS Spoofing
- Cisco attacks, Cisco Attacks-Other Devices
- cross-site request forgery (CSRF), Cross-Site Request Forgery
- cross-site scripting (XSS), Cross-Site Scripting, Proxystrike
- deauthentication attacks, besside-ng
- denial-of-service attacks, Denial-of-Service Tools-DHCP attacks
- DHCP attacks, DHCP attacks
- Evil Twin attacks, Phishing Users
- injection attacks, Injection Attacks, Web-Based Attacks-Command Injection
- maintaining access post-attack, Maintaining Access-Maintaining Access, Maintaining Access and Cleanup-Maintaining Access
- Pixie Dust attack, WPS Attacks, Automating Multiple Tests
- poisoning attacks, Poisoning Attacks-DNS Spoofing
- post-attack cleanup, Metasploit and Cleanup
- session hijacking, Session Hijacking
- Slowloris attack, Slowloris attack-Slowloris attack
- social engineering attacks, Reconnaissance, Open Source Intelligence, Social Engineering-Social Engineering
- spoofing attacks, Poisoning Attacks
- SQL-based attacks, SQL Injection, Proxystrike, SQL-Based Attacks-SQL-Based Attacks
- WannaCry ransomware attack, Vulnerability Scans
- web-based attacks, Web-Based Attacks-Session Hijacking
- WiFi attacks, WiFi Attacks and Testing Tools-Injection Attacks
- attributions, Using Code Examples
- authentication process, Password Storage, PAM and Crypt
- automated web attacks
- dirbuster program, dirbuster and gobuster
- gobuster program, dirbuster and gobuster
- Java-based application servers, Java-Based Application Servers
- nikto scanner, nikto
- reconnaissance, Recon-Recon
- Vega program, Vega
- Autopsy, Using the Command Line
- AV (attack vector), Importing Data, Determining Threat Potential and Severity
- availability, Stress Testing
B
- backdoors, maintaining, Maintaining Access, Maintaining Access and Cleanup-Maintaining Access
- background processes, Process Management
- BackTrack Linux, Acquiring and Installing Kali Linux
- beacon frames, Identifying Networks
- beacons, 802.11 Terminology and Functioning
- BeagleBone, Acquiring and Installing Kali Linux
- Berkeley Systems Distribution (BSD), About Linux
- besside-ng program, besside-ng
- big-endian systems, Return to libc
- Birthday Paradox, User Information, Password Storage
- black-box testing, Remote Vulnerabilities, Identifying New Vulnerabilities
- bluelog tool, Other Bluetooth Testing
- blueranger.sh program, Other Bluetooth Testing
- Bluetooth protocol
- determining device proximity, Other Bluetooth Testing
- device discoverability and, Bluetooth
- history of, Bluetooth
- logging device activity, Other Bluetooth Testing
- radio band range used for, Bluetooth Testing
- security testing, Bluetooth Testing-Other Bluetooth Testing
- bluez-tools package, Scanning
- boundary testing, Identifying New Vulnerabilities
- Bourne Again Shell (bash), Using the Command Line, User Management
- BPF (Berkeley Packet Filter), Berkeley Packet Filters
- BSSID (base station set identifier), Identifying Networks, Automating Multiple Tests
- btscanner program, Scanning
- buffer overflow, Buffer Overflow-Buffer Overflow, Buffer Overflows
- Bugtraq, Understanding Vulnerabilities, Exploit Database
- built-in commands, Using the Command Line
- Burp Suite, Burp Suite-Burp Suite, Web-Based Cracking-Web-Based Cracking
C
- C library (libc) attacks, Return to libc
- cache poisoning attacks, DNS Spoofing
- cache: keyword, Google Hacking
- caching servers, DNS Reconnaissance
- CAM (content addressable memory), Poisoning Attacks
- CaseFile, CaseFile-CaseFile
- CAT (Cisco Auditing Tool), Auditing Devices, Cisco Attacks
- CCMP (CCM mode protocol), besside-ng
- CGE (Cisco Global Exploiter) program, Management Protocols
- cge.pl script, Auditing Devices, Management Protocols
- chance, defined, Determining Threat Potential and Severity
- check_credentials module, User Information
- chmod (set permissions) command, File and Directory Management
- CIA triad, Security Testing
- CIFS (Common Internet File System), Vulnerability Scans
- Cinnamon desktop environment, Cinnamon and MATE
- cipher suites, Encryption Testing
- Cisco attacks
- management protocols, Management Protocols
- router and switch basics, Cisco Attacks
- routersploit program, Other Devices-Other Devices
- cisco-ocs tool, Auditing Devices
- cisco-torch program, Auditing Devices, Management Protocols
- clearev function, Metasploit and Cleanup
- collisions, User Information, Identifying Networks
- command chaining, Other Utilities
- command injection, Command Injection
- command line
- benefits of using, Using the Command Line
- command types, Using the Command Line
- file and directory management, File and Directory Management-File and Directory Management
- input and output utilities, Other Utilities
- manual pages, Process Management
- process management, Process Management-Process Management
- | (pipe) operator, Other Utilities
- compilation errors, Programming Errors
- compiled programming languages
- C language, Compiled Languages
- functions in, Compiled Languages
- linkers, Compiled Languages
- modular programming, Compiled Languages
- object code, Compiled Languages
- preprocessors in, Compiled Languages
- program execution in, Compiled Languages
- stack frames in, Compiled Languages
- syntax of, Compiled Languages
- variables and statements in, Compiled Languages
- confidentiality, Security Testing
- configuration, Acquiring and Installing Kali Linux-Acquiring and Installing Kali Linux
- cookies, Session Hijacking
- Counter Mode CBC-MAC Protocol, besside-ng
- coWPAtty program, coWPAtty
- cross-site scripting (XSS), Cross-Site Scripting, Proxystrike
- cryptographic algorithms, PAM and Crypt
- cryptographic hashes, Password Storage
- CSRF (cross-site request forgery), Cross-Site Request Forgery
- CutyCapt utility, Capturing Data
- CVE (Common Vulnerabilities and Exposures), Exploit Database
- CVSS (Common Vulnerability Scoring System), Importing Data
- cymothoa program, Maintaining Access
D
- daemons, Local Vulnerabilities
- data breaches, common causes of, Reconnaissance
- data layer, Layers
- data validation, Input Validation, Web-Based Attacks
- database servers, Database Server
- database vulnerabilities, Database Vulnerabilities, Web-Based Attacks
- davtest program, Assorted Tasks
- ddd program, Debugging
- deauthentication attacks, besside-ng
- Debian, About Linux, Acquiring and Installing Kali Linux
- debugging, Debugging-Debugging
- delete_user module, Metasploit and Cleanup
- denial-of-service testing
- deauthentication attacks and, besside-ng
- DHCP attacks, DHCP attacks
- exploiting Cisco devices, Management Protocols
- Slowloris attack, Slowloris attack-Slowloris attack
- SSL-based stress testing, SSL-based stress testing
- stress testing and, Denial-of-Service Tools
- DES (Digital Encryption Standard), Security Account Manager
- desktop environments
- Cinnamon, Cinnamon and MATE
- desktop manager, Logging In Through the Desktop Manager
- GNOME, GNOME Desktop-GNOME Desktop
- K Desktop Environment (KDE), Cinnamon and MATE
- MATE, Cinnamon and MATE
- per distribution, About Linux
- selecting, Desktops, Cinnamon and MATE
- Xfce, Xfce Desktop
- DHCP (Dynamic Host Configuration Protocol), DHCP attacks
- DHCPig tool, DHCP attacks
- dictionaries, Local Cracking
- Diffie-Hellman key, Encryption Testing, Encryption Testing
- dig program, Using nslookup and dig
- dirbuster program, dirbuster and gobuster
- disassembling programs, Disassembling-Disassembling
- display managers, Logging In Through the Desktop Manager
- distributions (Linux), About Linux
- DNS (Domain Name System), DNS Reconnaissance and whois
- DNS reconnaissance
- automating, Automating DNS recon
- dig program, Using nslookup and dig
- DNS lookups, DNS Reconnaissance
- nslookup, Using nslookup and dig-Using nslookup and dig
- RIRs (regional internet registries) and, Regional Internet Registries
- role in security testing, DNS Reconnaissance and whois
- dnsrecon tool, Automating DNS recon
- dnsspoof program, DNS Spoofing
- downloading, Acquiring and Installing Kali Linux-Acquiring and Installing Kali Linux
- dpkg command, Package Management
- Dradis Framework, Organizing Your Data-Dradis Framework
- drivers, Acquiring and Installing Kali Linux
- dual-mode editors, Text Editors
- DVWA (Damn Vulnerable Web Application), Zed Attack Proxy
E
- EasyScreenCast utility, Capturing Data
- EDR (Enhanced Data Rate), Service Identification
- EIP (extended instruction pointer), Heap Overflows
- ElementaryOS, About Linux
- ELF (Executable and Linkable Format), Disassembling
- emacs text editor, Text Editors
- encryption testing
- cipher suite of algorithms, Encryption Testing
- Diffie-Hellman key, Encryption Testing
- encryption basics, Encryption Testing
- encryption types, Encryption Testing
- Heartbleed, Encryption Testing
- key handling, Encryption Testing
- sslscan tool, Encryption Testing-Encryption Testing
- enum4linux tool, Service Scanning
- Equifax data breach, Web-Based Attacks
- ESMTP (Extended SMTP), Manual Interaction
- ESSIDs (extended service set identifiers), Automating Multiple Tests
- EternalBlue vulnerability, Vulnerability Scans
- ethical issues
- password cracking, Cracking Passwords
- performing exploits, What Is an Exploit?
- permission for security testing, The Value and Importance of Ethics, Stress Testing, Aircrack-ng
- pivoting, Owning Metasploit
- spoofing attacks, Poisoning Attacks
- Ettercap, DNS Spoofing
- EULA (end-user license agreement), Process Manipulation
- event logs, clearing, Metasploit and Cleanup
- Evil Twin attacks, Phishing Users
- executive summaries, Executive Summary
- Exploit Database, Exploit Database
- exploits
- Armitage, Armitage-Armitage
- basics of, Automated Exploits
- Cisco attacks, Cisco Attacks-Other Devices
- defined, Understanding Vulnerabilities, What Is an Exploit?
- ethical considerations, What Is an Exploit?
- Exploit Database, Exploit Database
- Metasploit development framework, Metasploit-Exploiting Systems
- role in security testing, What Is an Exploit?
- root-level exploits, Acquiring Passwords
- social engineering attacks, Social Engineering
F
- false positives, OpenVAS Reports
- Fedora Core, About Linux
- Feistel, Horst, Encryption Testing
- Fern application, Fern-Fern
- file and directory management
- chmod (set permissions) command, File and Directory Management
- executable files, File and Directory Management
- finding programs, File and Directory Management
- Linux filesystem structure, File and Directory Management
- locate command, File and Directory Management
- ls (listing files and directories) command, File and Directory Management
- ls-la (long listing of all files) command, File and Directory Management
- pwd (print working directory) command, File and Directory Management
- updatedb program, File and Directory Management
- filetype: keyword, Google Hacking
- filtering and searching, File and Directory Management, Other Utilities
- find program, File and Directory Management
- Findings section (report writing), Findings
- firewalls, TCP Scanning, Firewall
- firmware, defined, Cisco Attacks
- flooding tools, Stress Testing, High-Speed Scanning
- foreground processes, Process Management
- FQDNs (fully qualified domain names), DNS Reconnaissance
- fragroute program, Stress Testing, Wireshark
- frequency analyses, Aircrack-ng
- full screens, Using the Command Line
- full-connect scans, Port Scanning with Nmap
- functional testing, Identifying New Vulnerabilities
- functions, defined, Buffer Overflow, Compiled Languages
- fuzzers, Looking for Vulnerabilities, Identifying New Vulnerabilities-Identifying New Vulnerabilities, Burp Suite, Zed Attack Proxy, Web-Based Cracking
G
- gcc-multilib package, Privilege Escalation
- gdb debugger, Debugging-Disassembling
- getuid program, User Information
- git version-control system, About Linux
- GNOME Toolkit (GTK), Xfce Desktop
- GNU Object Model Environment (GNOME), About Linux, GNOME Desktop-GNOME Desktop
- GNU Project, About Linux
- gobuster program, dirbuster and gobuster
- Google Dorks, Google Hacking-Google Hacking
- Google Hacking, Google Hacking-Google Hacking
- Google Hacking Database, Google Hacking
- graphical user interfaces (GUIs), About Linux
- gratuitous ARP messages, ARP Spoofing
- gray-box testing, Remote Vulnerabilities
- Greenbone Security Assistant, Remote Vulnerabilities
- grep program, Other Utilities
- groupadd command, User Management
- GUI-based text editors, GUI-Based Editors
H
- H.323 protocol, Stress Testing
- half-open connections, Stress Testing
- half-open scans, Port Scanning with Nmap
- handles, Process Manipulation
- theHarvester tool, Automating Information Grabbing-Automating Information Grabbing
- hash functions, Password Storage
- hash sign (#), File and Directory Management
- HashCat program, HashCat
- hashdump program, User Information, Acquiring Passwords
- hcitool program, Service Identification
- hciutil program, Scanning
- heap overflows, Heap Overflows
- heap spraying, Heap Overflows
- Heartbleed, Encryption Testing
- honeypots, Wireless Honeypot
- hostapd service, Hosting an Access Point
- hostnames, DNS Reconnaissance
- hping3 tool, Stress Testing, High-Speed Scanning
- HTTP (Hypertext Transport Protocol), Management Protocols
- hydra program, Hydra
- hypervisors
- selecting, Acquiring and Installing Kali Linux
- tools provided by, Acquiring and Installing Kali Linux
I
- I-BGP (Interior Border Gateway Protocol), Cisco Attacks
- ICANN (Internet Corporation for Assigned Names and Numbers), Regional Internet Registries
- IEEE (Electrical and Electronics Engineers), 802.11
- incremental method, John the Ripper
- infrastructure networks, 802.11 Terminology and Functioning
- init startup process, Service Management
- initialization vectors, Aircrack-ng
- injection attacks, Injection Attacks, Web-Based Attacks-Command Injection
- input validation vulnerabilities, Input Validation, Web-Based Attacks
- input/output streams, Other Utilities
- InSpy program, Automating Information Grabbing
- installation, Acquiring and Installing Kali Linux-Acquiring and Installing Kali Linux
- integrity, Security Testing
- intermediate languages, Intermediate Languages-Intermediate Languages
- Internet Control Message Protocol (ICMP), Stress Testing
- interpreted programming languages, Interpreted Languages
- interprocess communication (IPC), Process Management
- intext: keyword, Google Hacking
- Intruder tool, Burp Suite
- inurl: keyword, Google Hacking
- inviteflood tool, Stress Testing
- IOS (Internetwork Operating System), Auditing Devices
- IP (Internet Protocol) addresses, Layers
- IPC (interprocess communication), Process Management
- IPv4 addresses, Layers, Stress Testing
- IPv6 addresses, Layers, Stress Testing
- IS-IS (Intermediate System to Intermediate System), Cisco Attacks
J
- Java Remote Method Invocation (RMI), Exploiting Systems, Pivoting to Other Networks
- Java-based application servers, Java-Based Application Servers
- JBoss, Java-Based Application Servers
- JBoss-Autopwn, Java-Based Application Servers
- John the Ripper program, Local Cracking-John the Ripper
- Joy, Bill, Acquiring and Installing Kali Linux
K
- K Desktop Environment (KDE), About Linux, Cinnamon and MATE
- Kali Linux
- acquiring and installing, Acquiring and Installing Kali Linux-Acquiring and Installing Kali Linux
- basics of, Foundations of Kali Linux-Summary
- design focus of, Preface
- exploiting vulnerabilities, Automated Exploits-Summary
- Metasploit development framework, Owning Metasploit-Summary
- network security testing basics, Network Security Testing Basics-Summary
- overview of topics covered, What This Book Covers
- password cracking, Cracking Passwords-Summary
- prerequisites to learning, Who This Book Is For
- programming and security testing, Advanced Techniques and Concepts-Summary
- reconnaissance, Reconnaissance-Summary
- reporting, Reporting-Summary
- vulnerability analysis, Looking for Vulnerabilities-Summary
- web application testing, Web Application Testing-Summary
- wireles security testing, Wireless Security Testing-Summary
- Kerberos authentication, User Information
- keys, Encryption Testing
- keywords, Google Hacking-Google Hacking
- kill command, Process Management
- killall program, Process Management
- KillerBee package, Zigbee Testing
- Kismet, Identifying Networks
- kismet program, coWPAtty
- Knoppix Linux, Acquiring and Installing Kali Linux
L
- LACNIC (Latin America and Caribbean Network Information Centre), Regional Internet Registries
- layers
- LDAP (Lightweight Directory Access Protocol), PAM and Crypt
- Leafpad, GUI-Based Editors
- LightDM, Logging In Through the Desktop Manager
- link: keyword, Google Hacking
- Linux
- basics of, About Linux-About Linux
- benefits of, Foundations of Kali Linux
- filesystem structure, File and Directory Management
- heritage of, Heritage of Linux
- little-endian systems, Return to libc
- LM (LanManager) hashes, Security Account Manager, HashCat
- load balancers, Load Balancer
- local password cracking, Local Cracking-HashCat
- HashCat program, HashCat
- John the Ripper program, John the Ripper
- rainbow tables, Rainbow Tables
- local vulnerabilities
- basics of, Local Vulnerabilities
- defined, Understanding Vulnerabilities
- lynis program for local checks, Using lynis for Local Checks-Using lynis for Local Checks
- OpenVAS for local scanning, OpenVAS Local Scanning-OpenVAS Local Scanning
- root kits, Root Kits-Root Kits
- locate command, File and Directory Management
- log management
- application entries, Log Management
- benefits of, Log Management
- nxlog package, Package Management
- parsing logs, Log Management
- role in network security testing, Monitoring
- rsyslog system logger, Log Management
- selecting log delivery facilities, Log Management
- ls (listing files and directories) command, File and Directory Management
- ls-la (long listing of all files) command, File and Directory Management
- ltrace program, Tracing Programs
- Lucifer cipher, Encryption Testing
- lynis program, Using lynis for Local Checks-Using lynis for Local Checks
M
- MAC (media access control) address, Layers
- machines (Maltego), Maltego
- main functions, Compiled Languages
- Makefiles, Compiling and Building
- man program, Process Management
- mangling rules, Local Cracking
- manual pages, Process Management
- manual testing, tools for, Monitoring
- masscan port scanner, High-Speed Scanning-High-Speed Scanning
- MATE desktop environment, Cinnamon and MATE
- Matlego, Maltego-Maltego
- MD5 (Message Digest 5) algorithm, Encryption Testing, Password Storage
- memory addresses/segments, Compiled Languages
- memory usage, listing, Process Management, Monitoring
- Metasploit development framework
- benefits of, Metasploit
- exploiting systems, Exploiting Systems-Exploiting Systems
- exploiting targets, Exploiting Your Target-Exploiting Your Target
- importing data, Importing Data-Importing Data
- maintaining access post-attack, Maintaining Access-Maintaining Access, Maintaining Access
- Meterpreter and, Using Meterpreter-Process Manipulation
- password cracking and, John the Ripper
- pivoting to other networks, Pivoting to Other Networks-Pivoting to Other Networks
- post-attack cleanup, Metasploit and Cleanup
- privilege escalation, Privilege Escalation-Privilege Escalation
- purpose of, Metasploit
- scanning for targets, Scanning for Targets-Vulnerability Scans
- scripts and modules in, Metasploit
- starting, Starting with Metasploit
- working with modules, Working with Metasploit Modules-Working with Metasploit Modules
- writing modules in, Extending Metasploit-Extending Metasploit
- Metasploitable, Quick Start with OpenVAS
- Meterpreter
- basics of, Meterpreter Basics
- benefits of, Exploiting Systems, Using Meterpreter
- exploiting targets, Exploiting Your Target
- gathering user information, User Information-User Information
- password cracking and, Acquiring Passwords
- process manipulation, Process Manipulation-Process Manipulation
- Methodology section (report writing), Methodology
- micro kernels, About Linux
- migrate command, Maintaining Access
- mimikatz module, User Information
- Minix, About Linux
- modular programming, Compiled Languages
- monitor mode, 802.11 Terminology and Functioning
- monitoring, Monitoring-Monitoring
- monolithic kernel, About Linux
- Moore, H. D., Metasploit
- Morris worm, Buffer Overflows
- MS08-067 vulnerability, Acquiring Passwords
- MS17-010 vulnerability, Vulnerability Scans
- msfconsole, Starting with Metasploit-Exploiting Systems
- msv program, User Information
- multi/handler module, Maintaining Access
- Multics operating system, Heritage of Linux
N
- na6 and ns6 tools, Stress Testing
- namespaces, Intermediate Languages
- Neighbor Discovery Protocol, Stress Testing
- Nessus, Remote Vulnerabilities
- netcat, Monitoring
- network device vulnerabilities
- auditing devices, Auditing Devices-Auditing Devices
- Cisco devices and, Network Device Vulnerabilities
- database vulnerabilities, Database Vulnerabilities
- network layer, Layers
- network security testing
- availability, Security Testing
- CIA triad, Security Testing
- confidentiality, Security Testing
- denial-of-service tools, Denial-of-Service Tools-DHCP attacks
- encryption testing, Encryption Testing-Encryption Testing
- ethical considerations, The Value and Importance of Ethics, Stress Testing
- integrity, Security Testing
- layers, Layers-Layers
- monitoring, Monitoring-Monitoring
- network device vulnerabilities, Network Device Vulnerabilities-Database Vulnerabilities
- network protocol stacks and, Network Security Testing Basics
- Open Systems Interconnection (OSI) model, Network Security Testing Basics
- packet captures, Packet Captures-Wireshark
- penetration testing, Security Testing
- poisoning attacks, Poisoning Attacks-DNS Spoofing
- security testing defined, Network Security Testing Basics, Security Testing
- stress testing, Network Security Testing Basics, Stress Testing-Stress Testing
- networks, identifying wireless, Identifying Networks-Identifying Networks
- next-generation firewalls, Firewall
- nikto scanner, nikto
- nmap tool, Port Scanning with Nmap-High-Speed Scanning, Importing Data, Scanning for Targets, Writing Nmap Modules-Writing Nmap Modules
- nonce, Aircrack-ng
- nonpersistent cross-site scripting, Cross-Site Scripting
- note taking tools, Taking Notes-Capturing Data
- nslookup, Using nslookup and dig-Using nslookup and dig
- NTLM (NT LanManager), Security Account Manager
- NTP (Network Transfer Protocol), Auditing Devices
- nxlog package, Package Management
O
- objdump program, Disassembling
- opcodes (operation codes), Disassembling
- open source intelligence
- automating information grabbing, Automating Information Grabbing-Automating Information Grabbing
- defined, Open Source Intelligence
- Google Hacking, Google Hacking-Google Hacking
- Maltego, Maltego-Maltego
- Recon-NG, Recon-NG-Recon-NG
- role of in security testing, Open Source Intelligence
- Open Systems Interconnection (OSI) model, Network Security Testing Basics, Layers
- OpenVAS scanner
- local scanning with, OpenVAS Local Scanning-OpenVAS Local Scanning
- quick start with, Quick Start with OpenVAS-Quick Start with OpenVAS
- remote scanning with, Remote Vulnerabilities
- Report dashboard, OpenVAS Reports-OpenVAS Reports
- scan creation, Creating a Scan-Creating a Scan
- Operating Systems: Design and Implementation (Tannenbaum), About Linux
- ophcrack program, ophcrack
- OPSEC (operations security), What Is Reconnaissance?
- oscanner program, Database Vulnerabilities
- OSPF (Open Shortest Path First), Cisco Attacks
- OUI (organizationally unique identifier), Layers
- OWASP (Open Web Application Security Project), Vulnerability Types, Zed Attack Proxy
P
- p0f program, Passive Reconnaissance-Passive Reconnaissance
- package formats (Linux), About Linux
- package management
- Advanced Package Tool (apt), Package Management
- apt autoremove command, Package Management
- apt install packagename command, Package Management
- apt remove packagename command, Package Management
- apt upgrade command, Package Management
- apt-cache command, Package Management
- dpkg command, Package Management
- installing software, Package Management
- removing packages, Package Management
- searching for packages, Package Management
- updating local package databases, Package Management
- updating package metadata, Package Management
- viewing package contents, Package Management
- vulnerabilities introduced by packages, OpenVAS Local Scanning
- package repositories, About Linux
- packet captures
- Berkeley Packet Filter (BPF), Berkeley Packet Filters
- coWPAtty program and, coWPAtty
- purpose of, Packet Captures
- tcpdump, Using tcpdump-Using tcpdump
- Wireshark, Wireshark-Wireshark
- packet injections, Injection Attacks
- packets
- flooding tools for stress testing, Stress Testing, High-Speed Scanning
- mangling for stress testing, Stress Testing
- OSI model and, Network Security Testing Basics
- PAM (pluggable authentication module), Using lynis for Local Checks, Password Storage, PAM and Crypt
- Parallels, Acquiring and Installing Kali Linux, Acquiring and Installing Kali Linux
- Paros Proxy, Paros Proxy
- parsero program, Assorted Tasks
- passive reconnaissance, Passive Reconnaissance-Passive Reconnaissance
- passwd files, PAM and Crypt, Acquiring Passwords
- passwd program, User Management, Local Vulnerabilities
- password cracking
- acquiring passwords, Acquiring Passwords-Acquiring Passwords
- authentication process, Password Storage
- local cracking, Local Cracking-HashCat
- mathematical possibilities of, Local Cracking
- need for, Cracking Passwords
- password storage methods, Password Storage-PAM and Crypt
- remote cracking, Remote Cracking-Patator
- web-based cracking, Web-Based Cracking-Web-Based Cracking
- on WiFi, Password Cracking on WiFi-Fern
- password hashes, User Information, Security Account Manager, PAM and Crypt
- patator program, Patator
- payloads, Exploiting Systems
- PDU (protocol data unit), Packet Captures
- penetration testing, Security Testing
- permissions
- listing file details, File and Directory Management
- owner, group, and world, File and Directory Management
- setting, File and Directory Management
- specifying individual, File and Directory Management
- superuser (root) permissions, User Management
- persistence module, Maintaining Access
- persistent cross-site scripting attacks, Cross-Site Scripting
- PGP (Pretty Good Privacy), Automating Information Grabbing
- phishing, Social Engineering
- physical layer, Layers
- PIDs (process IDs), Process Management
- pig.py script, DHCP attacks
- pipe (|) operator, Other Utilities
- pivoting
- ethical considerations, Owning Metasploit
- Metasploit and, Pivoting to Other Networks-Pivoting to Other Networks
- purpose of, Using Meterpreter
- Pixie Dust attack, WPS Attacks, Automating Multiple Tests
- pixiewps program, WPS Attacks
- pointers, Heap Overflows
- poisoning attacks
- ARP spoofing, ARP Spoofing-ARP Spoofing
- DNS spoofing, DNS Spoofing
- spoofing attacks, Poisoning Attacks
- switched networks and, Poisoning Attacks
- port scanning
- high-speed scanning, High-Speed Scanning-High-Speed Scanning
- Metasploit and, Port Scanning-Port Scanning
- nmap tool, Port Scanning with Nmap-High-Speed Scanning
- role in security testing, Port Scanning
- TCP scanning, TCP Scanning
- UDP scanning, UDP Scanning
- post-exploitation modules, Using Meterpreter
- post/windows/manage/migrate module, Process Manipulation
- PowerShell, Exploiting Your Target
- presentation layer, Layers
- print working directory (pwd) command, File and Directory Management
- privilege escalation, Access Control, Privilege Escalation-Privilege Escalation
- ProcDump utility, Process Manipulation
- process handles, Process Manipulation
- process management
- foreground and background processes, Process Management
- interprocess communication (IPC), Process Management
- kill command, Process Management
- killall program, Process Management
- PIDs (process IDs), Process Management
- process basics, Process Management
- ps (list processes) command, Process Management-Other Utilities
- ps -ea (detailed processes listing) command, Process Management
- ps aux (detailed processes listing) command, Process Management
- signals, Process Management
- TERM signal (SIGTERM), Process Management
- top (refresh) command, Process Management
- process manipulation, Process Manipulation-Process Manipulation
- processor usage, listing, Process Management, Monitoring
- programming and security testing
- benefits of writing programs, Advanced Techniques and Concepts
- disassembling and reverse engineering, Disassembling and Reverse Engineering-Other File Types
- errors in programming, Programming Errors-Return to libc
- extending Metasploit, Extending Metasploit-Extending Metasploit
- maintaining access and cleanup, Maintaining Access and Cleanup-Maintaining Access
- programming basics, Programming Basics-Compiling and Building
- writing nmap modules, Writing Nmap Modules-Writing Nmap Modules
- programs, locating, File and Directory Management
- promiscuous mode, 802.11 Terminology and Functioning
- proof-of-concept code, Exploit Database
- protocol analyzers, Packet Captures
- protocols, defining, Network Security Testing Basics
- protos-sip program, Identifying New Vulnerabilities
- proxy-based tools
- benefits of using proxies, Using Proxies
- Burp Suite, Burp Suite-Burp Suite, Web-Based Cracking-Web-Based Cracking
- Paros Proxy, Paros Proxy
- ProxyStrike, Proxystrike
- WebScarab, WebScarab
- ProxyStrike, Proxystrike
- ps (list processes) command, Process Management-Other Utilities
- ps -ea (detailed processes listing) command, Process Management
- ps aux (detailed processes listing) command, Process Management
- pseudocode, Intermediate Languages-Intermediate Languages
- public key encryption, Encryption Testing
- pwd (print working directory) command, File and Directory Management
- PWDUMP format, RainbowCrack project
Q
- QoD (Quality of Detection), OpenVAS Reports
R
- R-U-Dead-Yet, Slowloris attack
- ra6 and rs6 tools, Stress Testing
- race conditions, Race Condition
- rainbow chains technique, RainbowCrack project
- rainbow tables
- benefits and drawbacks of, Rainbow Tables
- ophcrack program and, ophcrack
- RainbowCrack project, RainbowCrack project
- RainbowCrack project, RainbowCrack project
- Raspberry Pi
- advantages of, Acquiring and Installing Kali Linux
- Kali support for, Acquiring and Installing Kali Linux
- rcrack program, RainbowCrack project
- reaver program, WPS Attacks
- Recon-NG, Recon-NG-Recon-NG
- reconnaissance
- automated web attacks, Recon-Recon
- automating information grabbing, Automating Information Grabbing-Automating Information Grabbing
- basics of, Reconnaissance-What Is Reconnaissance?
- defined, What Is Reconnaissance?
- DNS reconnaissance and whois, DNS Reconnaissance and whois-Using whois
- manual interactions, Manual Interaction
- open source intelligence, Open Source Intelligence-Maltego
- operations security and, What Is Reconnaissance?
- passive reconnaissance, Passive Reconnaissance-Passive Reconnaissance
- port scanning, Port Scanning-High-Speed Scanning
- service scanning, Service Scanning-Manual Interaction
- RedFang program, Scanning
- RedHat Enterprise Linux (RHEL), About Linux
- RedHat Package Manager (RPM), About Linux
- reduction functions, RainbowCrack project
- reflected cross-site scripting, Cross-Site Scripting
- registers, Disassembling
- regular expressions, File and Directory Management
- remote password cracking, Remote Cracking-Patator
- challenges of, Remote Cracking
- hydra program, Hydra
- patator program, Patator
- remote vulnerabilities
- basics of, Remote Vulnerabilities
- defined, Understanding Vulnerabilities
- OpenVas quick start, Quick Start with OpenVAS-Quick Start with OpenVAS
- OpenVAS reports, OpenVAS Reports-OpenVAS Reports
- scan creation, Creating a Scan-Creating a Scan
- reporting
- determining threat potential and severity, Determining Threat Potential and Severity
- importance of, Reporting
- organizing data, Organizing Your Data-CaseFile
- taking notes, Taking Notes-Capturing Data
- writing reports, Writing Reports-Findings
- resources, listing programs consuming, Process Management, Monitoring
- reverse connections, Exploiting Systems
- reverse engineering
- debugging and, Debugging-Debugging
- defined, Advanced Techniques and Concepts
- disassembling, Disassembling-Disassembling
- of other file types, Other File Types
- tracing programs, Tracing Programs-Tracing Programs
- RIPE NCC (Reseaux IP Europeens Network Coordination Centre), Regional Internet Registries
- RIRs (regional internet registries), DNS Reconnaissance and whois, Regional Internet Registries
- risk, defined, Understanding Vulnerabilities, Determining Threat Potential and Severity
- RMI (Java Remote Method Invocation), Exploiting Systems, Pivoting to Other Networks
- rockyou word list, Local Cracking, Hydra
- rogue access points
- dangers of, Going Rogue
- phishing users, Phishing Users-Phishing Users
- root directory (/), File and Directory Management
- root kits, Root Kits-Root Kits
- root users, User Management, Local Vulnerabilities, Privilege Escalation
- root-level exploits, Acquiring Passwords
- Rootkit Hunter, Root Kits
- rougue access points
- hosting access points, Hosting an Access Point
- types of, Going Rogue
- wireless honeypots, Wireless Honeypot
- routers
- management protocols exploited, Management Protocols
- network layer controlling routing, Layers
- router and switch basics, Cisco Attacks
- Router Solicitation and Router Advertisement in ICMPv6, Stress Testing
- routersploit program, Other Devices-Other Devices
- RSA (Rivest-Shamir-Adleman) algorithm, Encryption Testing, Encryption Testing
- RST (reset) messages, TCP Scanning
- rsyslog system logger, Log Management
- rtgen program, RainbowCrack project
- RTP (Real-time Transport Protocol), Stress Testing
- rtsort program, RainbowCrack project
- runtime errors, Programming Errors
S
- salting passwords, PAM and Crypt
- SAM (Security Account Manager), User Information, Password Storage-Security Account Manager
- Samba package, Service Scanning
- scanning
- for Bluetooth devices, Scanning
- port scanning, Port Scanning-High-Speed Scanning
- service scanning, Service Scanning-Manual Interaction
- for targets, Scanning for Targets-Vulnerability Scans
- SCO (synchronous connection-oriented) communication, Service Identification
- scope of engagement, Owning Metasploit, Cracking Passwords
- screen captures, Capturing Data
- scripting languages, Interpreted Languages
- SDP (service discovery protocol), Service Identification
- search engines, Google Hacking
- searching and filtering, File and Directory Management, Other Utilities
- searchsploit program, Exploit Database
- segmentation faults, Buffer Overflows
- semicolon (;), Command Injection
- Server Message Block (SMB) protocol, SMB Scanning
- service identification (Bluetooth), Service Identification-Service Identification
- service management
- administrative privileges for, Service Management
- monitoring service failures, Monitoring
- services defined, Service Management
- starting, stopping, restarting, Service Management
- systemctl program, Service Management
- tracking service state remotely, Monitoring
- service scanning, Service Scanning-Manual Interaction
- session hijacking, Session Hijacking
- session identifiers, Session Hijacking
- session layer, Layers
- setoolkit, Social Engineering
- setuid programs, Local Vulnerabilities
- sfuzz program, Identifying New Vulnerabilities
- SHA (Secure Hash Algorithm), Encryption Testing, Password Storage
- shadow file, PAM and Crypt, Acquiring Passwords
- shells, Using the Command Line, User Management
- SIDs (security identifiers), Database Vulnerabilities, Security Account Manager
- signals, Process Management
- single-crack mode, John the Ripper
- SIP (Session Initiation Protocol), Stress Testing
- site: keyword, Google Hacking
- skipfish program, Recon-Recon
- slowhttptest program, Slowloris attack
- Slowloris attack, Slowloris attack-Slowloris attack
- smart-home devices, Zigbee
- SMB (Server Message Block) protocol, Service Scanning
- SMB scanning, SMB Scanning
- smbclient tool, Service Scanning
- SMTP (Simple Mail Transfer Protocol), Manual Interaction
- SNMP (Simple Network Management Protocol), Auditing Devices, Management Protocols
- social engineering attacks, Reconnaissance, Open Source Intelligence, Social Engineering-Social Engineering
- software testing, Identifying New Vulnerabilities-Identifying New Vulnerabilities
- Song, Dug, DNS Spoofing
- spidering, Using Proxies
- split DNS, Automating DNS recon
- spoofing attacks
- ARP spoofing, ARP Spoofing-ARP Spoofing
- DNS spoofing, DNS Spoofing
- ethics considerations, Poisoning Attacks
- SQL injection attacks, SQL Injection, Proxystrike, SQL-Based Attacks-SQL-Based Attacks
- sqlmap program, SQL-Based Attacks
- sqlninja program, SQL-Based Attacks
- SSH (Secure Shell), Management Protocols
- SSID (service set identifier), 802.11 Terminology and Functioning
- SSL (Secure Sockets Layer), SSL-based stress testing, Encryption Testing
- SSL-based stress testing, SSL-based stress testing
- sslscan tool, Encryption Testing-Encryption Testing
- stack frames, Buffer Overflow, Compiled Languages
- stack overflow, Buffer Overflow, Buffer Overflows
- Stallman, Richard, About Linux
- STDIN, STDOUT, and STDERR, Other Utilities
- stored cross-site scripting, Cross-Site Scripting
- strace program, Tracing Programs
- stress testing
- denial-of-service testing and, Denial-of-Service Tools
- fragroute program, Stress Testing
- hping3 tool, Stress Testing, High-Speed Scanning
- information generated by, Network Security Testing Basics
- IPv6 addresses, Stress Testing
- potential ways of, Stress Testing
- reasons for failures during, Stress Testing
- SSL-based stress testing, SSL-based stress testing
- SYN floods, Stress Testing, High-Speed Scanning
- of web servers, Stress Testing
- strncpy function, Buffer Overflows
- Structured Query Language (SQL), SQL Injection
- sudo command, Privilege Escalation
- superuser (root) permissions, User Management
- symmetric encryption, Encryption Testing
- SYN floods, Stress Testing, High-Speed Scanning
- SYN/ACK messages, TCP Scanning
- syntax, Compiled Languages
- SysInternals tools, Process Manipulation
- syslog system logger, Log Management
- system calls, Tracing Programs
- systemctl verb service, Service Management
- systemd program, Service Management
T
- Tannenbaum, Andrew, About Linux
- targets
- determining, Reconnaissance
- exploiting, Exploiting Your Target-Exploiting Your Target
- scanning for, Scanning for Targets-Vulnerability Scans
- TCP (Transport Control Protocol) connections, Stress Testing
- TCP scanning, TCP Scanning
- tcp6 tool, Stress Testing
- tcpdump, Using tcpdump-Using tcpdump
- TechSpy module, Automating Information Grabbing
- Telnet protocol, Monitoring, Manual Interaction, Management Protocols
- temporary root privileges, Local Vulnerabilities
- TERM signal (SIGTERM), Process Management
- Text Editor program, GUI-Based Editors
- text editors, Text Editors-Capturing Data
- TFTP (Trivial File Transfer Protocol), Auditing Devices
- thc-ssl-dos program, SSL-based stress testing
- theHarvester tool, Automating Information Grabbing-Automating Information Grabbing
- Thompson, Ken, Heritage of Linux
- threats (see also attacks)
- defined, Understanding Vulnerabilities, Determining Threat Potential and Severity
- determining potential and severity, Determining Threat Potential and Severity
- three-way handshakes, TCP Scanning
- TLDs (top-level domains), DNS Reconnaissance
- TLS (Transport Layer Security), Stress Testing, SSL-based stress testing, Encryption Testing
- tokens, extracting, User Information
- Tomcat, Java-Based Application Servers
- top (refresh) command, Process Management
- Torvalds, Linus, About Linux
- touch program, File and Directory Management
- transforms (Maltego), Maltego-Maltego
- transport layer, Layers
- triad, Security Testing
- troff typesetting language, Process Management
- TSK (The Sleuth Kit), Using the Command Line
- twitter_mentions module, Recon-NG
- typographical conventions, Conventions Used in This Book
U
- Ubuntu Linux, About Linux
- udev vulnerabilities, Privilege Escalation
- UDP (User Datagram Protocol), Stress Testing
- UDP scanning, UDP Scanning
- Unix/Unics, Heritage of Linux, Process Management
- unshadow command, Acquiring Passwords
- updatedb program, File and Directory Management
- user information, gathering, User Information-User Information
- user management, User Management
- useradd command, User Management
- usernames, brute-forcing in Burp Suite, Web-Based Cracking
V
- valgrind program, Identifying New Vulnerabilities
- Vega program, Vega
- version-control systems, About Linux, Package Management
- vi text editor, Text Editors
- virtual machines (VMs), Acquiring and Installing Kali Linux
- VirtualBox, Acquiring and Installing Kali Linux, Acquiring and Installing Kali Linux
- VMware, Acquiring and Installing Kali Linux, Acquiring and Installing Kali Linux
- VoIP (Voice over IP), Stress Testing
- vulnerability analysis
- basics of, Looking for Vulnerabilities-Understanding Vulnerabilities
- CVE (Common Vulnerabilities and Exposures), Exploit Database
- CVSS (Common Vulnerability Scoring System), Importing Data
- database vulnerabilities, Web-Based Attacks
- defined, Understanding Vulnerabilities
- determining source of vulnerabilities, Programming Basics
- DVWA (Damn Vulnerable Web Application), Zed Attack Proxy
- EternalBlue vulnerability, Vulnerability Scans
- identifying new vulnerabilities, Identifying New Vulnerabilities-Identifying New Vulnerabilities
- input validation vulnerabilities, Web-Based Attacks
- local vulnerabilities, Understanding Vulnerabilities, Local Vulnerabilities-Root Kits
- MS08-067 vulnerability, Acquiring Passwords
- MS17-010 vulnerability, Vulnerability Scans
- network device vulnerabilities, Network Device Vulnerabilities-Database Vulnerabilities
- potential for web-based attacks, Web Server
- remote vulnerabilities, Understanding Vulnerabilities, Remote Vulnerabilities-OpenVAS Reports
- reporting findings of, Findings
- technical versus human vulnerabilities, SSL-based stress testing
- udev vulnerabilities, Privilege Escalation
- vulnerability scans, Vulnerability Scans
- vulnerability types, Vulnerability Types-Access Control
W
- WannaCry ransomware attack, Vulnerability Scans
- war driving, Identifying Networks
- wash program, WPS Attacks
- watchdog capability, Monitoring
- web application architecture
- application servers, Application Server
- database servers, Database Server
- firewalls, Firewall
- load balancers, Load Balancer
- protocols and languages used, Web Architecture
- remote servers and, Web Architecture
- web servers, Web Server
- web application testing
- automated web attacks, Automated Web Attacks-Java-Based Application Servers
- exploiting file uploads, Assorted Tasks
- making content searchable, Assorted Tasks
- need for, Web Application Testing
- proxy-based tools, Using Proxies-Proxystrike
- SQL-based attacks, SQL-Based Attacks-SQL-Based Attacks
- web application architecture, Web Architecture-Database Server
- web-based attacks, Web-Based Attacks-Session Hijacking
- web servers
- Apache Killer, Slowloris attack
- caching servers, DNS Reconnaissance
- potential for compromise, Web Server
- Slowloris attack, Slowloris attack-Slowloris attack
- SSL-based stress testing, SSL-based stress testing
- stress testing for, Stress Testing
- testing for outdated protocols, Encryption Testing
- web-based attacks
- automated web attacks, Automated Web Attacks-Java-Based Application Servers
- command injection, Command Injection
- cross-site request forgery (CSRF), Cross-Site Request Forgery
- cross-site scripting (XSS), Cross-Site Scripting, Proxystrike
- password cracking, Web-Based Cracking-Web-Based Cracking
- potential vulnerabilities, Web-Based Attacks
- session hijacking, Session Hijacking
- SQL injection, SQL Injection, Proxystrike, SQL-Based Attacks-SQL-Based Attacks
- XML entity injection, XML Entity Injection
- WebDAV, Assorted Tasks
- WebScarab, WebScarab
- WEP (Wired Equivalent Privacy), 802.11, Automating Multiple Tests
- wesside-ng program, besside-ng
- which program, File and Directory Management
- white-box testing, Remote Vulnerabilities
- whois
- role in security testing, DNS Reconnaissance and whois
- using, Using whois-Using whois
- WiFi Alliance, 802.11
- WiFi Protected Setup (WPS), WPS Attacks
- wifi-honey program, Wireless Honeypot
- wifiarp program, Injection Attacks
- wifidns program, Injection Attacks
- wifiphisher program, Phishing Users-Phishing Users
- wifitap program, Injection Attacks
- wifite program, Automating Multiple Tests
- Windows file sharing, Acquiring Passwords
- wireless honeypots, Wireless Honeypot
- wireless security testing
- Bluetooth testing, Bluetooth Testing-Other Bluetooth Testing
- goal of, WiFi Attacks and Testing Tools
- identifying networks, Identifying Networks-Identifying Networks
- need for, Wireless Security Testing
- password cracking on WiFi, Password Cracking on WiFi-Fern
- rogue access points, Going Rogue-Wireless Honeypot
- WiFi attacks and testing tools, WiFi Attacks and Testing Tools-Injection Attacks
- wireless communication types, The Scope of Wireless-Zigbee
- Zigbee testing, Zigbee Testing
- Wireshark, Wireshark-Wireshark, Identifying Networks
- WLANs (wireless local area networks), 802.11
- word lists, Local Cracking
- wordlist package, Local Cracking
- working directory, File and Directory Management
- WPA (Wireless Protected Access), 802.11, Automating Multiple Tests
- WPS attacks, WPS Attacks
X
- Xfce, About Linux, Xfce Desktop
- Xmas scan, High-Speed Scanning
- XML entity injection, XML Entity Injection
- XSS (cross-site scripting), Cross-Site Scripting, Proxystrike
- XXE (XML external entity), XML Entity Injection
Y
- Yellowdog Updater Modified (yum), About Linux
Z
- Z-Wave protocol, Zigbee
- Zed Attack Proxy (ZAP), Zed Attack Proxy-Zed Attack Proxy, Web-Based Cracking
- Zigbee protocol, Zigbee, Zigbee Testing
- zone transfers, Automating DNS recon
- zsh shell, User Management
- zzuf program, Identifying New Vulnerabilities
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.