Card | Table | RUSMARC | |
Sharma, Himanshu. Kali Linux, an ethical hacker's cookbook: practical recipes that combine strategies, attacks, and tools for advanced penetration testing / Himanshu Sharma. — Second edition. — 1 online resource : illustrations. — Previous edition published: 2017. — <URL:http://elib.fa.ru/ebsco/2094781.pdf>.Record create date: 5/16/2019 Subject: Penetration testing (Computer security); Computer security.; Computers — Access control.; Computer networks — Security measures.; Computer networks — Security measures.; Computer security.; Computers — Access control.; Penetration testing (Computer security); COMPUTERS / Security / General.; COMPUTERS / Networking / Security.; COMPUTERS / Security / Online Safety & Privacy. Collections: EBSCO Allowed Actions: –
Action 'Read' will be available if you login or access site from another network
Action 'Download' will be available if you login or access site from another network
Group: Anonymous Network: Internet |
Annotation
With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2018.4/2019) as per your requirements and help you move on to core functionalities.
Document access rights
Network | User group | Action | ||||
---|---|---|---|---|---|---|
Finuniversity Local Network | All |
![]() ![]() ![]() |
||||
Internet | Readers |
![]() ![]() |
||||
![]() |
Internet | Anonymous |
Table of Contents
- Cover
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Table of Contents
- Preface
- Chapter 1: Kali - An Introduction
- Configuring Kali Linux
- Getting ready
- How to do it...
- How it works...
- Configuring the Xfce environment
- How to do it...
- Configuring the MATE environment
- How to do it...
- Configuring the LXDE environment
- How to do it...
- Configuring the E17 environment
- How to do it...
- Configuring the KDE environment
- How to do it...
- Prepping with custom tools
- Getting ready
- How to do it...
- Aquatone
- Subfinder
- There's more...
- Zone Walking using DNSRecon
- Getting ready
- How to do it...
- There's more...
- Setting up I2P for anonymity
- How to do it...
- There's more...
- Pentesting VPN's ike-scan
- Getting ready
- How to do it...
- Cracking the PSK
- There's more...
- Setting up proxychains
- How to do it...
- Using proxychains with Tor
- How to do it...
- Going on a hunt with Routerhunter
- Getting ready
- How to do it...
- Configuring Kali Linux
- Chapter 2: Gathering Intel and Planning Attack Strategies
- Getting a list of subdomains
- How to do it...
- Using Shodan for fun and profit
- Getting ready
- How to do it...
- Shodan Honeyscore
- How to do it...
- Shodan plugins
- How to do it...
- Censys
- How to do it...
- See also
- Using Nmap to find open ports
- How to do it...
- Using scripts
- See also
- How to do it...
- Bypassing firewalls with Nmap
- How to do it...
- TCP ACK scan (-sA)
- TCP Window scan (-sW)
- Idle scan
- How it works...
- How to do it...
- Searching for open directories using GoBuster
- How to do it...
- Hunting for SSL flaws
- How to do it...
- See also
- Automating brute force with BruteSpray
- How to do it...
- Digging deep with TheHarvester
- How to do it...
- How it works...
- Finding technology behind webapps using WhatWeb
- How to do it...
- Scanning IPs with masscan
- How to do it...
- Finding origin servers with CloudBunny
- How to do it...
- Sniffing around with Kismet
- How to do it...
- See also
- Testing routers with Firewalk
- How to do it...
- How it works...
- Getting a list of subdomains
- Chapter 3: Vulnerability Assessment - Poking for Holes
- Using the infamous Burp
- How to do it...
- Exploiting WSDLs with Wsdler
- How to do it...
- Using Intruder
- How to do it...
- Using golismero
- How to do it...
- See also
- Exploring Searchsploit
- How to do it...
- Exploiting routers with routersploit
- Getting ready
- How to do it...
- Using Metasploit
- How to do it...
- Automating Metasploit
- How to do it...
- Writing a custom resource script
- How to do it...
- See also
- Setting up a database in Metasploit
- How to do it...
- Generating payloads with MSFPC
- How to do it...
- Emulating threats with Cobalt Strike
- Getting ready
- How to do it...
- There's more...
- Using the infamous Burp
- Chapter 4: Web App Exploitation - Beyond OWASP Top 10
- Exploiting XSS with XSS Validator
- Getting ready
- How to do it...
- Injection attacks with sqlmap
- How to do it...
- See also
- Owning all .svn and .git repositories
- How to do it...
- Winning race conditions
- How to do it...
- See also
- Exploiting XXEs
- How to do it...
- See also
- Exploiting Jboss with JexBoss
- How to do it...
- Exploiting PHP Object Injection
- How to do it...
- See also
- Automating vulnerability detection using RapidScan
- Getting ready
- How to do it...
- Backdoors using meterpreter
- How to do it...
- See also
- Backdoors using webshells
- How to do it...
- Exploiting XSS with XSS Validator
- Chapter 5: Network Exploitation
- Introduction
- MITM with hamster and ferret
- Getting ready
- How to do it...
- Exploring the msfconsole
- How to do it...
- Railgun in Metasploit
- How to do it...
- There's more...
- See also
- Using the paranoid meterpreter
- How to do it...
- There's more...
- The tale of a bleeding heart
- How to do it...
- Exploiting Redis
- How to do it...
- Saying no to SQL – owning MongoDBs
- Getting ready
- How to do it...
- Hacking embedded devices
- How to do it...
- Exploiting Elasticsearch
- How to do it...
- See also
- Good old Wireshark
- Getting ready
- How to do it...
- See also
- This is Sparta
- Getting ready
- How to do it...
- Exploiting Jenkins
- How to do it...
- See also
- Shellver – reverse shell cheatsheet
- Getting ready
- How to do it...
- Generating payloads with MSFvenom Payload Creator (MSFPC)
- How to do it...
- Chapter 6: Wireless Attacks - Getting Past Aircrack-ng
- The good old Aircrack
- Getting ready
- How to do it...
- How it works...
- Hands-on with Gerix
- Getting ready
- How to do it...
- Dealing with WPAs
- How to do it...
- Owning employee accounts with Ghost Phisher
- How to do it...
- Pixie dust attack
- Getting ready
- How to do it...
- See also
- Setting up rogue access points with WiFi-Pumpkin
- Getting ready
- How to do it...
- See also
- Using Airgeddon for Wi-Fi attacks
- How to do it...
- See also
- The good old Aircrack
- Chapter 7: Password Attacks - The Fault in Their Stars
- Identifying different types of hashes in the wild
- How to do it...
- See also
- Hash-identifier to the rescue
- How to do it...
- Cracking with Patator
- How to do it...
- Playing with John the Ripper
- How to do it...
- See also
- Johnny Bravo!
- How to do it...
- Using ceWL
- How to do it...
- Generating wordlists with crunch
- How to do it...
- Using Pipal
- How to do it...
- Identifying different types of hashes in the wild
- Chapter 8: Have Shell, Now What?
- Spawning a TTY shell
- How to do it...
- Looking for weaknesses
- How to do it...
- There's more...
- Horizontal escalation
- How to do it...
- Vertical escalation
- How to do it...
- Node hopping – pivoting
- How to do it...
- There's more...
- Privilege escalation on Windows
- How to do it...
- Pulling a plaintext password with Mimikatz
- How to do it...
- Dumping other saved passwords from the machine
- How to do it...
- Pivoting
- How to do it...
- Backdooring for persistance
- How to do it...
- Age of Empire
- Getting ready
- How to do it...
- See also
- Automating Active Directory (AD) exploitation with DeathStar
- How to do it...
- See also
- Exfiltrating data through Dropbox
- How to do it...
- Data exfiltration using CloakifyFactory
- How to do it...
- Spawning a TTY shell
- Chapter 9: Buffer Overflows
- Exploiting stack-based buffer overflows
- How to do it...
- Exploiting buffer overflows on real software
- Getting ready
- How to do it...
- SEH bypass
- How to do it...
- See also
- Exploiting egg hunters
- Getting ready
- How to do it...
- See also
- An overview of ASLR and NX bypass
- How to do it...
- See also
- Exploiting stack-based buffer overflows
- Chapter 10: Elementary, My Dear Watson - Digital Forensics
- Using the volatility framework
- Getting ready
- How to do it...
- See also
- Using Binwalk
- How to do it...
- See also
- Capturing a forensic image with guymager
- How to do it...
- Using the volatility framework
- Chapter 11: Playing with Software-Defined Radios
- Radio-frequency scanners
- Getting ready
- How to do it...
- Hands-on with the RTLSDR scanner
- How to do it...
- Playing around with gqrx
- How to do it...
- See also
- Kalibrating your device for GSM tapping
- How to do it...
- See also
- Decoding ADS-B messages with Dump1090
- How to do it...
- See also
- Radio-frequency scanners
- Chapter 12: Kali in Your Pocket - NetHunters and Raspberries
- Installing Kali on Raspberry Pi
- Getting ready
- How to do it...
- Installing NetHunter
- Getting ready
- How to do it...
- Superman typing – human interface device (HID) attacks
- How to do it...
- Can I charge my phone?
- How to do it...
- Setting up an evil access point
- How to do it...
- Installing Kali on Raspberry Pi
- Chapter 13: Writing Reports
- Using Dradis
- How to do it...
- Using MagicTree
- How to do it...
- Using Serpico
- Getting ready
- How to do it...
- Using Dradis
- Other Books You May Enjoy
- Index
Usage statistics
|
Access count: 0
Last 30 days: 0 Detailed usage statistics |