Kali Linux Penetration Testing Bible

Kali Linux Penetration Testing Bible

by Gus Khawaja
Released June 2021
Publisher(s): Wiley
ISBN: 9781119719083

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Your ultimate guide to pentesting with Kali Linux

Kali is a popular and powerful Linux distribution used by cybersecurity professionals around the world. Penetration testers must master Kali’s varied library of tools to be effective at their work. The Kali Linux Penetration Testing Bible is the hands-on and methodology guide for pentesting with Kali.

You’ll discover everything you need to know about the tools and techniques hackers use to gain access to systems like yours so you can erect reliable defenses for your virtual assets. Whether you’re new to the field or an established pentester, you’ll find what you need in this comprehensive guide.

  • Build a modern dockerized environment
  • Discover the fundamentals of the bash language in Linux
  • Use a variety of effective techniques to find vulnerabilities (OSINT, Network Scan, and more)
  • Analyze your findings and identify false positives and uncover advanced subjects, like buffer overflow, lateral movement, and privilege escalation
  • Apply practical and efficient pentesting workflows
  • Learn about Modern Web Application Security Secure SDLC
  • Automate your penetration testing with Python

 

Table of contents

  1. Cover
  2. Title Page
  3. Introduction
    1. What Does This Book Cover?
    2. Companion Download Files
    3. How to Contact the Publisher
    4. How to Contact the Author
  4. CHAPTER 1: Mastering the Terminal Window
    1. Kali Linux File System
    2. Managing Users and Groups in Kali
    3. Files and Folders Management in Kali Linux
    4. Remote Connections in Kali
    5. Kali Linux System Management
    6. Networking in Kali Linux
    7. Summary
  5. CHAPTER 2: Bash Scripting
    1. Basic Bash Scripting
    2. Printing to the Screen in Bash
    3. Variables
    4. Script Parameters
    5. User Input
    6. Functions
    7. Conditions and Loops
    8. Summary
  6. CHAPTER 3: Network Hosts Scanning
    1. Basics of Networking
    2. Network Scanning
    3. DNS Enumeration
    4. Summary
  7. CHAPTER 4: Internet Information Gathering
    1. Passive Footprinting and Reconnaissance
    2. Summary
  8. CHAPTER 5: Social Engineering Attacks
    1. Spear Phishing Attacks
    2. Payloads and Listeners
    3. Social Engineering with the USB Rubber Ducky
    4. Summary
  9. CHAPTER 6: Advanced Enumeration Phase
    1. Transfer Protocols
    2. E‐mail Protocols
    3. Database Protocols
    4. CI/CD Protocols
    5. Web Protocols 80/443
    6. Graphical Remoting Protocols
    7. File Sharing Protocols
    8. Summary
  10. CHAPTER 7: Exploitation Phase
    1. Vulnerabilities Assessment
    2. Services Exploitation
    3. Summary
  11. CHAPTER 8: Web Application Vulnerabilities
    1. Web Application Vulnerabilities
    2. Summary
  12. CHAPTER 9: Web Penetration Testing and Secure Software Development Lifecycle
    1. Web Enumeration and Exploitation
    2. Secure Software Development Lifecycle
    3. Summary
  13. CHAPTER 10: Linux Privilege Escalation
    1. Introduction to Kernel Exploits and Missing Configurations
    2. Kernel Exploits
    3. SUID Exploitation
    4. Overriding the Passwd Users File
    5. CRON Jobs Privilege Escalation
    6. sudoers
    7. Exploiting Running Services
    8. Automated Scripts
    9. Summary
  14. CHAPTER 11: Windows Privilege Escalation
    1. Windows System Enumeration
    2. File Transfers
    3. Windows System Exploitation
    4. Summary
  15. CHAPTER 12: Pivoting and Lateral Movement
    1. Dumping Windows Hashes
    2. Pivoting with Port Redirection
    3. Summary
  16. CHAPTER 13: Cryptography and Hash Cracking
    1. Basics of Cryptography
    2. Cracking Secrets with Hashcat
    3. Summary
  17. CHAPTER 14: Reporting
    1. Overview of Reports in Penetration Testing
    2. Scoring Severities
    3. Report Presentation
    4. Summary
  18. CHAPTER 15: Assembly Language and Reverse Engineering
    1. CPU Registers
    2. Assembly Instructions
    3. Data Types
    4. Memory Segments
    5. Addressing Modes
    6. Reverse Engineering Example
    7. Summary
  19. CHAPTER 16: Buffer/Stack Overflow
    1. Basics of Stack Overflow
    2. Stack Overflow Exploitation
    3. Summary
  20. CHAPTER 17: Programming with Python
    1. Basics of Python
    2. Running Python Scripts
    3. Debugging Python Scripts
    4. Practicing Python
    5. Python Basic Syntaxes
    6. Variables
    7. More Techniques in Python
    8. Summary
  21. CHAPTER 18: Pentest Automation with Python
    1. Penetration Test Robot
    2. Summary
  22. APPENDIX A: APPENDIX AKali Linux Desktop at a Glance
    1. Downloading and Running a VM of Kali Linux
    2. Kali Xfce Desktop
    3. Summary
  23. APPENDIX B: APPENDIX BBuilding a Lab Environment Using Docker
    1. Docker Technology
    2. Summary
  24. Index
  25. Copyright
  26. About the Author
  27. About the Technical Editor
  28. Acknowledgments
  29. End User License Agreement

Product information

  • Title: Kali Linux Penetration Testing Bible
  • Author(s): Gus Khawaja
  • Release date: June 2021
  • Publisher(s): Wiley
  • ISBN: 9781119719083