Ethical Hacking

Book description

A crash course in modern hacking techniques, Ethical Hacking is already being used to prepare the next generation of offensive security experts. In its many hands-on labs, you’ll explore crucial skills for any aspiring penetration tester, security researcher, or malware analyst.

You’ll begin with the basics: capturing a victim’s network traffic with an ARP spoofing attack and then viewing it in Wireshark. From there, you’ll deploy reverse shells that let you remotely run commands on a victim’s computer, encrypt files by writing your own ransomware in Python, and fake emails like the ones used in phishing attacks. In advanced chapters, you’ll learn how to fuzz for new vulnerabilities, craft trojans and rootkits, exploit websites with SQL injection, and escalate your privileges to extract credentials, which you’ll use to traverse a private network.

You’ll work with a wide range of professional penetration testing tools—and learn to write your own tools in Python—as you practice tasks like:

  • Deploying the Metasploit framework’s reverse shells and embedding them in innocent-seeming files
  • Capturing passwords in a corporate Windows network using Mimikatz
  • Scanning (almost) every device on the internet to find potential victims
  • Installing Linux rootkits that modify a victim’s operating system
  • Performing advanced Cross-Site Scripting (XSS) attacks that execute sophisticated JavaScript payloads

Along the way, you’ll gain a foundation in the relevant computing technologies. Discover how advanced fuzzers work behind the scenes, learn how internet traffic gets encrypted, explore the inner mechanisms of nation-state malware like Drovorub, and much more.

Developed with feedback from cybersecurity students, Ethical Hacking addresses contemporary issues in the field not often covered in other books and will prepare you for a career in penetration testing. Most importantly, you’ll be able to think like an ethical hacker: someone who can carefully analyze systems and creatively gain access to them.

Table of contents

  1. Cover Page
  2. Title Page
  3. Copyright Page
  4. Dedication
  5. About the Author
  6. About the Technical Reviewer
  7. BRIEF CONTENTS
  8. CONTENTS IN DETAIL
  9. ACKNOWLEDGMENTS
  10. FOREWORD
  11. INTRODUCTION
    1. Why Read This Book?
    2. Installing Python
    3. What Is in the Book?
    4. Reaching Out
  12. 1 SETTING UP
    1. Virtual Lab
    2. Setting Up VirtualBox
    3. Setting Up pfSense
    4. Setting Up Metasploitable
    5. Setting Up Kali Linux
    6. Setting Up the Ubuntu Linux Desktop
    7. Your First Hack: Exploiting a Backdoor in Metasploitable
  13. PART I NETWORK FUNDAMENTALS
  14. 2 CAPTURING TRAFFIC WITH ARP SPOOFING
    1. How the Internet Transmits Data
    2. ARP Spoofing Attacks
    3. Performing an ARP Spoofing Attack
    4. Detecting an ARP Spoofing Attack
    5. Exercises
  15. 3 ANALYZING CAPTURED TRAFFIC
    1. Packets and the Internet Protocol Stack
    2. Viewing Packets in Wireshark
    3. Analyzing Packets Collected by Your Firewall
    4. Exercises
  16. 4 CRAFTING TCP SHELLS AND BOTNETS
    1. Sockets and Process Communication
    2. Accessing the Victim Machine
    3. Writing a Reverse Shell Client
    4. Writing a TCP Server That Listens for Client Connections
    5. Loading the Reverse Shell onto the Metasploitable Server
    6. Botnets
    7. Exercises
  17. PART II CRYPTOGRAPHY
  18. 5 CRYPTOGRAPHY AND RANSOMWARE
    1. Encryption
    2. Encrypting and Decrypting a File
    3. Email Encryption
    4. Encrypting a File with RSA
    5. Writing Ransomware
    6. Exercises
  19. 6 TLS AND DIFFIE-HELLMAN
    1. Transport Layer Security
    2. Using Diffie-Hellman to Compute a Shared Key
    3. Elliptic-Curve Diffie-Hellman
    4. Writing TLS Sockets
    5. SSL Stripping and HSTS Bypass
    6. Exercise: Add Encryption to your Ransomware Server
  20. PART III SOCIAL ENGINEERING
  21. 7 PHISHING AND DEEPFAKES
    1. A Sophisticated and Sneaky Social Engineering Attack
    2. Faking Emails
    3. Faking Websites
    4. Creating Deepfake Videos
    5. Exercises
  22. 8 SCANNING TARGETS
    1. Link Analysis
    2. Google Dorking
    3. Scanning the Entire Internet
    4. IPv6 and NAT Limitations
    5. Vulnerability Databases
    6. Vulnerability Scanners
    7. Exercises
  23. PART IV EXPLOITATION
  24. 9 FUZZING FOR ZERO-DAY VULNERABILITIES
    1. Case Study: Exploiting the Heartbleed OpenSSL Vulnerability
    2. Fuzzing
    3. Symbolic Execution
    4. Dynamic Symbolic Execution
    5. Using DSE to Crack a Passcode
    6. Exercises
  25. 10 BUILDING TROJANS
    1. Case Study: Re-Creating Drovorub by Using Metasploit
    2. Hiding an Implant in a Legitimate File
    3. Evading Antivirus by Using Encoders
    4. Creating a Windows Trojan
    5. Creating an Android Trojan
    6. Exercises
  26. 11 BUILDING AND INSTALLING LINUX ROOTKITS
    1. Writing a Linux Kernel Module
    2. Modifying System Calls
    3. Hooking the Shutdown Syscall
    4. Hiding Files
    5. Using Armitage to Exploit a Host and Install a Rootkit
    6. Exercises
  27. 12 STEALING AND CRACKING PASSWORDS
    1. SQL Injection
    2. Stealing Passwords from a Website’s Database
    3. Writing Your Own SQL Injection Tool
    4. Using SQLMap
    5. Hashing Passwords
    6. Building a Salted Hash Cracker
    7. Popular Hash Cracking and Brute-Forcing Tools
    8. Exercises
  28. 13 SERIOUS CROSS-SITE SCRIPTING EXPLOITATION
    1. Cross-Site Scripting
    2. Finding Vulnerabilities with OWASP Zed Attack Proxy
    3. Using Browser Exploitation Framework Payloads
    4. Moving from Browser to Machine
    5. Exercise: Hunting for Bugs in a Bug Bounty Program
  29. PART V CONTROLLING THE NETWORK
  30. 14 PIVOTING AND PRIVILEGE ESCALATION
    1. Pivoting from a Dual-Homed Device
    2. Extracting Password Hashes on Linux
    3. Exercises
  31. 15 MOVING THROUGH THE CORPORATE WINDOWS NETWORK
    1. Creating a Windows Virtual Lab
    2. Extracting Password Hashes with Mimikatz
    3. Passing the Hash with NT LAN Manager
    4. Exploring the Corporate Windows Network
    5. Attacking the DNS Service
    6. Attacking Active Directory and LDAP Services
    7. Attacking Kerberos
    8. Exercise: Kerberoasting
  32. 16 NEXT STEPS
    1. Setting Up a Hardened Hacking Environment
    2. Other Topics
    3. Connect with Others
  33. INDEX

Product information

  • Title: Ethical Hacking
  • Author(s): Daniel G. Graham
  • Release date: September 2021
  • Publisher(s): No Starch Press
  • ISBN: 9781718501874