Table of Contents for
Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition by Gerard Johansen Published by Packt Publishing, 2016
  1. Cover
  2. Table of Contents
  3. Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
  4. Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
  5. Credits
  6. Disclaimer
  7. About the Authors
  8. About the Reviewer
  9. www.PacktPub.com
  10. Preface
  11. What you need for this book
  12. Who this book is for
  13. Conventions
  14. Reader feedback
  15. Customer support
  16. 1. Beginning with Kali Linux
  17. Kali Linux tool categories
  18. Downloading Kali Linux
  19. Using Kali Linux
  20. Configuring the virtual machine
  21. Updating Kali Linux
  22. Network services in Kali Linux
  23. Installing a vulnerable server
  24. Installing additional weapons
  25. Summary
  26. 2. Penetration Testing Methodology
  27. Vulnerability assessment versus penetration testing
  28. Security testing methodologies
  29. General penetration testing framework
  30. Information gathering
  31. The ethics
  32. Summary
  33. 3. Target Scoping
  34. Preparing the test plan
  35. Profiling test boundaries
  36. Defining business objectives
  37. Project management and scheduling
  38. Summary
  39. 4. Information Gathering
  40. Using public resources
  41. Querying the domain registration information
  42. Analyzing the DNS records
  43. Getting network routing information
  44. Utilizing the search engine
  45. Metagoofil
  46. Accessing leaked information
  47. Summary
  48. 5. Target Discovery
  49. Identifying the target machine
  50. OS fingerprinting
  51. Summary
  52. 6. Enumerating Target
  53. Understanding the TCP/IP protocol
  54. Understanding the TCP and UDP message format
  55. The network scanner
  56. Unicornscan
  57. Zenmap
  58. Amap
  59. SMB enumeration
  60. SNMP enumeration
  61. VPN enumeration
  62. Summary
  63. 7. Vulnerability Mapping
  64. Vulnerability taxonomy
  65. Automated vulnerability scanning
  66. Network vulnerability scanning
  67. Web application analysis
  68. Fuzz analysis
  69. Database assessment tools
  70. Summary
  71. 8. Social Engineering
  72. Attack process
  73. Attack methods
  74. Social Engineering Toolkit
  75. Summary
  76. 9. Target Exploitation
  77. Vulnerability and exploit repositories
  78. Advanced exploitation toolkit
  79. MSFConsole
  80. MSFCLI
  81. Ninja 101 drills
  82. Writing exploit modules
  83. Summary
  84. 10. Privilege Escalation
  85. Password attack tools
  86. Network spoofing tools
  87. Network sniffers
  88. Summary
  89. 11. Maintaining Access
  90. Working with tunneling tools
  91. Creating web backdoors
  92. Summary
  93. 12. Wireless Penetration Testing
  94. Wireless network recon
  95. Wireless testing tools
  96. Post cracking
  97. Sniffing wireless traffic
  98. Summary
  99. 13. Kali Nethunter
  100. Installing Kali Nethunter
  101. Nethunter icons
  102. Nethunter tools
  103. Third-party applications
  104. Wireless attacks
  105. HID attacks
  106. Summary
  107. 14. Documentation and Reporting
  108. Types of reports
  109. The executive report
  110. The management report
  111. The technical report
  112. Network penetration testing report (sample contents)
  113. Preparing your presentation
  114. Post-testing procedures
  115. Summary
  116. A. Supplementary Tools
  117. Web application tools
  118. Network tool
  119. Summary
  120. B. Key Resources
  121. Paid incentive programs
  122. Reverse engineering resources
  123. Penetration testing learning resources
  124. Exploit development learning resources
  125. Penetration testing on a vulnerable environment
  126. Online web application challenges
  127. Virtual machines and ISO images
  128. Network ports
  129. Index

About the Authors

Gerard Johansen is an information security professional with over a decade of experience in areas such as penetration testing, vulnerability management, threat assessment modeling, and incident response. Beginning his information security career as a cybercrime investigator, Gerard has built on that experience while working as a consultant and security analyst for clients and organizations ranging from healthcare to finance. Gerard is a graduate of Norwich Univer sity with a Masters of Science in Information Assurance, and he is a certified information systems security professional.

Gerard is currently employed with an information security consulting firm in the United States focusing on penetration testing and threat assessments. He has also contributed to several online publications focused on various aspects of penetration testing.

I would like to thank Lisa, Caleb, and Jenna for their support during this project. Their support was instrumental. I would also like to thank Dr. Marie Wright, who opened my eyes to the challenging and rewarding nature of information security. To the staff at Packt Publishing, especially Sanjeet, your patience and support made this possible. Finally, to all those in the past, present, and future who have shown me new and inventive ways to help keep the keys to the kingdom safe, thank you.

Lee Allen is currently working as a security architect at a prominent university. Throughout the years, he has continued his attempts to remain up to date with the latest and greatest developments in the security industry and the security community. He has several industry certifications including the OSWP and has been working in the IT industry for over 15 years.

Lee Allen is the author of Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide, Packt Publishing.

I would like to thank my wife, Kellie, and our children for allowing me to give the time I needed to work on this book. I would also like to thank my grandparents, Raymond and Ruth Johnson, and my wife's parents, George and Helen Slocum. I appreciate your encouragement and support throughout the years.

Tedi Heriyanto is currently working as an information security analyst at a financial institution. He has worked with several well-known institutions in Indonesia and overseas, for designing secure network architecture, deploying and managing enterprise-wide security systems, developing information security policies and procedures, performing various network, web and mobile application penetration testing, and also giving information security trainings. In his spare times, he perseveres to deepen his knowledge and skills in the field of information security. He shares his knowledge in information security field by writing information security books and has written several of them.

I would like to thank my family for supporting me during the book writing process. After this book has been published, I would have more free time for you all. A huge thanks to the Packt publishing team and their technical reviewers and editors, who provide comments, feedbacks, and support to make the book development project successful. Last but not least, I would like to give my big thanks to my co-authors, Lee Allen, Shakeel Ali and Gerard Johansen, whose technical knowledge, motivation, ideas, challenges, questions, and suggestions make this book writing process a wonderful journey.

Finally, I would like to thank you, the reader, who had bought this book; I hope you enjoy reading the book as much as I enjoyed writing it. I wish you good luck in your information security endeavor.

Shakeel Ali is a security and risk management consultant at a Fortune 500 company. He is also the key founder of Cipher Storm Ltd., UK. His expertise in the security industry markedly exceeds the standard number of security assessments, audits, compliance, governance, incident response, and forensic projects that he carries out in day-to-day operations. He has also supported the security and research initiatives at CSS Providers SAL. As a senior security evangelist, and having spent endless nights, he provides constant security support to various businesses, fi nancial institutions, educational organizations, and government entities globally. He is an active, independent researcher who writes various articles and white papers and manages Ethical-Hacker.net to provide insights into threat intelligence space. He also regularly participates in BugCon Security Conferences held in Mexico, to highlight the best-of-breed cyber security threats and their solutions from practically driven counter measures.

I would like to thank all my friends, reviewers, and colleagues who were wholeheartedly involved in this book project. Special thanks to the entire Packt publishing team and their technical editors and reviewers, who have given invaluable comments, suggestions, feedbacks, and support to make this project successful. I also want to thank my co-authors, Lee Allen, Tedi Heriyanto, and Gerard Johansen, whose continuous dedication, contributions, ideas, and technical discussions led to the production of such a useful book that you see today. Last but not the least, thanks to my pals from past and present with whom the sudden discovery never ends and their vigilant eyes that turn the IT industry into a secure and stable environment.