| Description |
1 online resource : illustrations |
| Bibliography |
Includes bibliographical references. |
| Contents |
Cover; Title Page; Copyright and Credits; Dedication; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Bypassing Network Access Control; Technical requirements; Bypassing MAC filtering -- considerations for the physical assessor; Configuring a Kali wireless access point to bypass MAC filtering; Design weaknesses -- exploiting weak authentication mechanisms; Capturing captive portal authentication conversations in the clear; Layer-2 attacks against the network; Bypassing validation checks; Confirming the Organizationally Unique Identifier; Passive Operating system Fingerprinter |
|
Spoofing the HTTP User-AgentBreaking out of jail -- masquerading the stack; Following the rules spoils the fun -- suppressing normal TCP replies; Fabricating the handshake with Scapy and Python; Summary; Questions; Further reading; Chapter 2: Sniffing and Spoofing; Technical requirements; Advanced Wireshark -- going beyond simple captures; Passive wireless analysis; Targeting WLANs with the Aircrack-ng suite; WLAN analysis with Wireshark; Active network analysis with Wireshark; Advanced Ettercap -- the man-in-the-middle Swiss Army Knife; Bridged sniffing and the malicious access point |
|
Ettercap filters -- fine-tuning your analysisKilling connections with Ettercap filters; Getting better -- spoofing with BetterCAP; ICMP redirection with BetterCAP; Summary; Questions; Further reading; Chapter 3: Windows Passwords on the Network; Technical requirements; Understanding Windows passwords; A crash course on hash algorithms; Password hashing methods in Windows; If it ends with 1404EE, then it's easy for me -- understanding LM hash flaws; Authenticating over the network-a different game altogether; Capturing Windows passwords on the network |
|
A real-world pen test scenario -- the chatty printerConfiguring our SMB listener; Authentication capture; Hash capture with LLMNR/NetBIOS NS spoofing; Let it rip -- cracking Windows hashes; The two philosophies of password cracking; John the Ripper cracking with a wordlist; John the Ripper cracking with masking; Reviewing your progress with the show flag; Summary; Questions; Further reading; Chapter 4: Advanced Network Attacks; Technical requirements; Binary injection with BetterCAP proxy modules; The Ruby file injection proxy module -- replace_file.rb |
|
Creating the payload and connect-back listener with MetasploitHTTP downgrading attacks with sslstrip; Removing the need for a certificate -- HTTP downgrading; Understanding HSTS bypassing with DNS spoofing; HTTP downgrade attacks with BetterCAP ARP/DNS spoofing; The evil upgrade -- attacking software update mechanisms; Exploring ISR Evilgrade; Configuring the payload and upgrade module; Spoofing ARP/DNS and injecting the payload; IPv6 for hackers; IPv6 addressing basics; Local IPv6 reconnaissance and the Neighbor Discovery Protocol; IPv6 man-in-the-middle -- attacking your neighbors |
|
Living in an IPv4 world -- creating a local 4-to-6 proxy for your tools |
| Summary |
Penetration testing is highly competitive, and it's easy to get stuck in the same routine client after client. This book will provide hands-on experience with penetration testing while guiding you through behind-the-scenes action along the way. |
| Subject |
Microsoft Windows (Computer file)
|
|
Kali Linux.
|
|
Kali Linux |
|
Microsoft Windows (Computer file) |
|
Penetration testing (Computer security)
|
|
Computer security.
|
|
Computers -- Access control.
|
|
Windows PowerShell (Computer program language)
|
|
Computer Security |
|
Tests d'intrusion. |
|
Sécurité informatique. |
|
Ordinateurs -- Accès -- Contrôle. |
|
Windows PowerShell (Langage de programmation) |
|
Computer security |
|
Computers -- Access control |
|
Penetration testing (Computer security) |
|
Windows PowerShell (Computer program language) |
| Other Form: |
Print version: Bramwell, Phil. Hands-On Penetration Testing on Windows : Unleash Kali Linux, PowerShell, and Windows Debugging Tools for Security Testing and Analysis. Birmingham : Packt Publishing Ltd, ©2018 9781788295666 |
| ISBN |
9781788295093 (electronic bk.) |
|
1788295099 (electronic bk.) |
|
1788295668 (Trade Paper) |
|
9781788295666 |
| Standard No. |
9781788295666 |
More Resources