Kali Linux Penetration Testing Bible
Gus Khawaja
Introduction
Kali is a popular Linux distribution used by security professionals and is becoming an important tool for daily use and for certifications. Penetration testers need to master Kali's hundreds of tools for pentesting, digital forensics, and reverse engineering. Kali Linux Penetration Testing Bible is a hands‐on guide for getting the most from Kali Linux for pentesting. This book is for working cybersecurity professionals in offensive, hands‐on roles, including red teamers, white‐hat hackers, and ethical hackers. Defensive specialists will also find this book valuable, as they need to be familiar with the tools used by attackers.
This comprehensive pentesting book covers every aspect of the art and science of penetration testing. It covers topics like building a modern Dockerized environment, the basics of bash language in Linux, finding vulnerabilities in different ways, identifying false positives, and practical penetration testing workflows. You'll also learn to automate penetration testing with Python and dive into advanced subjects like buffer overflow, privilege escalation, and beyond.
By reading this book, you will:
Gain a thorough understanding of the hundreds of penetration testing tools available in Kali Linux.
Master the entire range of techniques for ethical hacking so you can be more effective in your job and gain coveted certifications.
Learn how penetration testing works in practice and fill the gaps in your knowledge to become a pentesting expert.
Discover the tools and techniques that hackers use so you can boost your network's defenses.
What Does This Book Cover?
This book goes deep into the subject of penetration testing. For established penetration testers, this book fills all the practical gaps, so you have one complete resource that will help you as your career progresses. For newcomers to the field, Kali Linux Penetration Testing Bible is your best guide to how ethical hacking really works.
Chapter 1: Mastering the Terminal Window
This chapter outlines the ins and outs of the Linux system Terminal window and covers how to manage the file system like the pros. You will learn how to manage users and groups inside Kali, and you will see how to manipulate files and folders during your engagements and much more.
Chapter 2: Bash Scripting
Bash scripting is an essential skill for a penetration tester. In this chapter you will learn how to start to use programming principles such as variables, functions, conditions, loops, and much more.
Chapter 3: Network Hosts Scanning
This chapter teaches you how to conduct network scans like professionals. You will learn first about the basics of networking, and then you will delve deep into the port scanning techniques.
Chapter 4: Internet Information Gathering
This chapter discusses the passive information gathering phase in penetration testing. You will be introduced to how to deal with advanced search engine queries. Also, you will learn how to use Shodan and other tools to get the job done.
Chapter 5: Social Engineering Attacks
This chapter focuses on how to take advantage of human weakness to exploit organizations. You will learn about how to send phishing emails and steal credentials. On top of that, you will see how to use the Social Engineer Toolkit as a penetration tester. Finally, you will see how USB Rubber Ducky operates in similar SE attacks.
Chapter 6: Advanced Enumeration Phase
This chapter reviews how to handle the enumeration phase in a penetration testing engagement. Enumeration means collecting the necessary information that will allow us to exploit the specific service (e.g., FTP or SSH).
Chapter 7: Exploitation Phase
This chapter discusses some actual attacks and shows you how to get inside the systems. In the previous chapters, you had all the information about each service, and in this one, we will take this a step further and exploit the vulnerabilities.
Chapter 8: Web Application Vulnerabilities
This chapter focuses on the basics of web application vulnerabilities. The goal is to allow you to test web applications with ease during your engagements. Every company has a website these days, and it's crucial to understand this topic from A to Z.
Chapter 9: Web Penetration Testing and Secure Software Development Lifecycle
In this chapter, you will mainly learn about