Kali Linux penetration testing bible

Bibliographic Details
Other Authors: Khawaja, Gus (author)
Format: E-book
Language: English
Published: Hoboken, New Jersey: Wiley [2021]
Subjects:
View in Universitat Ramon Llull Library: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009631677206719
Table of Contents:
  • Cover
  • Title Page
  • Copyright Page
  • About the Author
  • About the Technical Editor
  • Acknowledgments
  • Contents at a Glance
  • Contents
  • Introduction
  • What Does This Book Cover?
  • Companion Download Files
  • How to Contact the Publisher
  • How to Contact the Author
  • Chapter 1 Mastering the Terminal Window
  • Kali Linux File System
  • Terminal Window Basic Commands
  • Tmux Terminal Window
  • Starting Tmux
  • Tmux Key Bindings
  • Tmux Session Management
  • Navigating Inside Tmux
  • Tmux Commands Reference
  • Managing Users and Groups in Kali
  • Users Commands
  • Groups Commands
  • Managing Passwords in Kali
  • Files and Folders Management in Kali Linux
  • Displaying Files and Folders
  • Permissions
  • Manipulating Files in Kali
  • Searching for Files
  • Files Compression
  • Manipulating Directories in Kali
  • Mounting a Directory
  • Managing Text Files in Kali Linux
  • Vim vs. Nano
  • Searching and Filtering Text
  • Remote Connections in Kali
  • Remote Desktop Protocol
  • Secure Shell
  • SSH with Credentials
  • Passwordless SSH
  • Kali Linux System Management
  • Linux Host Information
  • Linux OS Information
  • Linux Hardware Information
  • Managing Running Services
  • Package Management
  • Process Management
  • Networking in Kali Linux
  • Network Interface
  • IPv4 Private Address Ranges
  • Static IP Addressing
  • DNS
  • Established Connections
  • File Transfers
  • Summary
  • Chapter 2 Bash Scripting
  • Basic Bash Scripting
  • Printing to the Screen in Bash
  • Variables
  • Commands Variable
  • Script Parameters
  • User Input
  • Functions
  • Conditions and Loops
  • Conditions
  • Loops
  • File Iteration
  • Summary
  • Chapter 3 Network Hosts Scanning
  • Basics of Networking
  • Networking Protocols
  • TCP
  • UDP
  • Other Networking Protocols
  • IP Addressing
  • IPv4
  • Subnets and CIDR
  • IPv6
  • Port Numbers
  • Network Scanning
  • Identifying Live Hosts
  • Ping
  • ARP
  • Nmap
  • Port Scanning and Services Enumeration
  • TCP Port SYN Scan
  • UDP
  • Basics of Using Nmap Scans
  • Services Enumeration
  • Operating System Fingerprinting
  • Nmap Scripting Engine
  • NSE Category Scan
  • NSE Arguments
  • DNS Enumeration
  • DNS Brute-Force
  • DNS Zone Transfer
  • DNS Subdomains Tools
  • Fierce
  • Summary
  • Chapter 4 Internet Information Gathering
  • Passive Footprinting and Reconnaissance
  • Internet Search Engines
  • Shodan
  • Google Queries
  • Information Gathering Using Kali Linux
  • Whois Database
  • TheHarvester
  • DMitry
  • Maltego
  • Summary
  • Chapter 5 Social Engineering Attacks
  • Spear Phishing Attacks
  • Sending an E-mail
  • The Social Engineer Toolkit
  • Sending an E-mail Using Python
  • Stealing Credentials
  • Payloads and Listeners
  • Bind Shell vs. Reverse Shell
  • Bind Shell
  • Reverse Shell
  • Reverse Shell Using SET
  • Social Engineering with the USB Rubber Ducky
  • A Practical Reverse Shell Using USB Rubber Ducky and PowerShell
  • Generating a PowerShell Script
  • Starting a Listener
  • Hosting the PowerShell Script
  • Running PowerShell
  • Download and Execute the PS Script
  • Reverse Shell
  • Replicating the Attack Using the USB Rubber Ducky
  • Summary
  • Chapter 6 Advanced Enumeration Phase
  • Transfer Protocols
  • FTP (Port 21)
  • Exploitation Scenarios for an FTP Server
  • Enumeration Workflow
  • Service Scan
  • Advanced Scripting Scan with Nmap
  • More Brute-Forcing Techniques
  • SSH (Port 22)
  • Exploitation Scenarios for an SSH Server
  • Advanced Scripting Scan with Nmap
  • Brute-Forcing SSH with Hydra
  • Advanced Brute-Forcing Techniques
  • Telnet (Port 23)
  • Exploitation Scenarios for Telnet Server
  • Enumeration Workflow
  • Service Scan
  • Advanced Scripting Scan
  • Brute-Forcing with Hydra
  • E-mail Protocols
  • SMTP (Port 25)
  • Nmap Basic Enumeration
  • Nmap Advanced Enumeration
  • Enumerating Users
  • POP3 (Port 110) and IMAP4 (Port 143)
  • Brute-Forcing POP3 E-mail Accounts
  • Database Protocols
  • Microsoft SQL Server (Port 1433)
  • Oracle Database Server (Port 1521)
  • MySQL (Port 3306)
  • CI/CD Protocols
  • Docker (Port 2375)
  • Jenkins (Port 8080/50000)
  • Brute-Forcing a Web Portal Using Hydra
  • Step 1: Enable a Proxy
  • Step 2: Intercept the Form Request
  • Step 3: Extracting Form Data and Brute-Forcing with Hydra
  • Web Protocols 80/443
  • Graphical Remoting Protocols
  • RDP (Port 3389)
  • RDP Brute-Force
  • VNC (Port 5900)
  • File Sharing Protocols
  • SMB (Port 445)
  • Brute-Forcing SMB
  • SNMP (Port UDP 161)
  • SNMP Enumeration
  • Summary
  • Chapter 7 Exploitation Phase
  • Vulnerabilities Assessment
  • Vulnerability Assessment Workflow
  • Vulnerability Scanning with OpenVAS
  • Installing OpenVAS
  • Scanning with OpenVAS
  • Exploits Research
  • SearchSploit
  • Services Exploitation
  • Exploiting FTP Service
  • FTP Login
  • Remote Code Execution
  • Spawning a Shell
  • Exploiting SSH Service
  • SSH Login
  • Telnet Service Exploitation
  • Telnet Login
  • Sniffing for Cleartext Information
  • E-mail Server Exploitation
  • Docker Exploitation
  • Testing the Docker Connection
  • Creating a New Remote Kali Container
  • Getting a Shell into the Kali Container
  • Docker Host Exploitation
  • Exploiting Jenkins
  • Reverse Shells
  • Using Shells with Metasploit
  • Exploiting the SMB Protocol
  • Connecting to SMB Shares
  • SMB Eternal Blue Exploit
  • Summary
  • Chapter 8 Web Application Vulnerabilities
  • Web Application Vulnerabilities
  • Mutillidae Installation
  • Apache Web Server Installation
  • Firewall Setup
  • Installing PHP
  • Database Installation and Setup
  • Mutillidae Installation
  • Cross-Site Scripting
  • Reflected XSS
  • Stored XSS
  • Exploiting XSS Using the Header
  • Bypassing JavaScript Validation
  • SQL Injection
  • Querying the Database
  • Bypassing the Login Page
  • Execute Database Commands Using SQLi
  • SQL Injection Automation with SQLMap
  • Testing for SQL Injection
  • Command Injection
  • File Inclusion
  • Local File Inclusion
  • Remote File Inclusion
  • Cross-Site Request Forgery
  • The Attacker Scenario
  • The Victim Scenario
  • File Upload
  • Simple File Upload
  • Bypassing Validation
  • Encoding
  • OWASP Top 10
  • Summary
  • Chapter 9 Web Penetration Testing and Secure Software Development Lifecycle
  • Web Enumeration and Exploitation
  • Burp Suite Pro
  • Web Pentest Using Burp Suite
  • More Enumeration
  • Nmap
  • Crawling
  • Vulnerability Assessment
  • Manual Web Penetration Testing Checklist
  • Common Checklist
  • Special Pages Checklist
  • Secure Software Development Lifecycle
  • Analysis/Architecture Phase
  • Application Threat Modeling
  • Assets
  • Entry Points
  • Third Parties
  • Trust Levels
  • Data Flow Diagram
  • Development Phase
  • Testing Phase
  • Production Environment (Final Deployment)
  • Summary
  • Chapter 10 Linux Privilege Escalation
  • Introduction to Kernel Exploits and Missing Configurations
  • Kernel Exploits
  • Kernel Exploit: Dirty Cow
  • SUID Exploitation
  • Overriding the Passwd Users File
  • CRON Jobs Privilege Escalation
  • CRON Basics
  • Crontab
  • Anacrontab
  • Enumerating and Exploiting CRON
  • sudoers
  • sudo Privilege Escalation
  • Exploiting the Find Command
  • Editing the sudoers File
  • Exploiting Running Services
  • Automated Scripts
  • Summary
  • Chapter 11 Windows Privilege Escalation
  • Windows System Enumeration
  • System Information
  • Windows Architecture
  • Listing the Disk Drives
  • Installed Patches
  • Who Am I?
  • List Users and Groups
  • Networking Information
  • Showing Weak Permissions
  • Listing Installed Programs
  • Listing Tasks and Processes
  • File Transfers
  • Windows Host Destination
  • Linux Host Destination
  • Windows System Exploitation
  • Windows Kernel Exploits
  • Getting the OS Version
  • Find a Matching Exploit
  • Executing the Payload and Getting a Root Shell
  • The Metasploit PrivEsc Magic
  • Exploiting Windows Applications
  • Running As in Windows
  • PSExec Tool
  • Exploiting Services in Windows
  • Interacting with Windows Services
  • Misconfigured Service Permissions
  • Overriding the Service Executable
  • Unquoted Service Path
  • Weak Registry Permissions
  • Exploiting the Scheduled Tasks
  • Windows PrivEsc Automated Tools
  • PowerUp
  • WinPEAS
  • Summary
  • Chapter 12 Pivoting and Lateral Movement
  • Dumping Windows Hashes
  • Windows NTLM Hashes
  • SAM File and Hash Dump
  • Using the Hash
  • Mimikatz
  • Dumping Active Directory Hashes
  • Reusing Passwords and Hashes
  • Pass the Hash
  • Pivoting with Port Redirection
  • Port Forwarding Concepts
  • SSH Tunneling and Local Port Forwarding
  • Remote Port Forwarding Using SSH
  • Dynamic Port Forwarding
  • Dynamic Port Forwarding Using SSH
  • Summary
  • Chapter 13 Cryptography and Hash Cracking
  • Basics of Cryptography
  • Hashing Basics
  • One-Way Hash Function
  • Hashing Scenarios
  • Hashing Algorithms
  • Message Digest 5
  • Secure Hash Algorithm
  • Hashing Passwords
  • Securing Passwords with Hash
  • Hash-Based Message Authenticated Code
  • Encryption Basics
  • Symmetric Encryption
  • Advanced Encryption Standard
  • Asymmetric Encryption
  • Rivest Shamir Adleman
  • Cracking Secrets with Hashcat
  • Benchmark Testing
  • Cracking Hashes in Action
  • Attack Modes
  • Straight Mode
  • Combinator
  • Mask and Brute-Force Attacks
  • Brute-Force Attack
  • Hybrid Attacks
  • Cracking Workflow
  • Summary
  • Chapter 14 Reporting
  • Overview of Reports in Penetration Testing
  • Scoring Severities
  • Common Vulnerability Scoring System Version 3.1