| Description |
1 online resource (1 volume) : illustrations |
| Note |
Previous edition published: 2014. |
| Contents |
Cover -- Copyright -- Credits -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Getting Started -- Introduction -- Configuring a security lab with VMware Player (Windows) -- Getting ready -- How to do it... -- How it works... -- Configuring a security lab with VMware Fusion (macOS) -- Getting ready -- How to do it... -- How it works... -- Installing Ubuntu Server -- Getting ready -- How to do it... -- How it works... -- Installing Metasploitable2 -- Getting ready -- How to do it... -- How it works... -- Installing Windows Server -- Getting ready -- How to do it... -- How it works... -- Increasing the Windows attack surface -- Getting ready -- How to do it... -- How it works... -- Installing Kali Linux -- Getting ready -- How to do it... -- How it works... -- Using text editors (Vim and GNU nano) -- Getting ready -- How to do it... -- How it works... -- Keeping Kali updated -- Getting ready -- How to do it... -- How it works... -- Managing Kali services -- Getting ready -- How to do it... -- How it works... -- Configuring and using SSH -- Getting ready -- How to do it... -- How it works... -- Installing Nessus on Kali Linux -- Getting ready -- How to do it... -- How it works... -- Chapter 2: Reconnaissance -- Introduction -- Using Google to find subdomains -- Getting ready -- How to do it... -- How it works... -- Finding e-mail addresses using theHarvester -- Getting ready -- How to do it... -- How it works... -- Enumerating DNS using the host command -- Getting ready -- How to do it... -- How it works... -- Enumerating DNS using DNSRecon -- Getting ready -- How to do it... -- Standard DNS enumeration -- Reverse lookups -- Zone transfer -- How it works... -- Enumerating DNS using the dnsenum command -- Getting ready -- How to do it... -- Default settings -- Brute-force -- How it works... -- Chapter 3: Discovery -- Introduction. |
|
Knowing the OSI model -- Using Scapy to perform host discovery (layers 2/3/4) -- Getting ready -- How to do it... -- Layer 2 discovery -- ARP -- Layer 3 discovery -- ICMP -- Layer 4 discovery -- TCP and UDP -- How it works... -- Using Nmap to perform host discovery (layers 2/3/4) -- Getting ready -- How to do it... -- Layer 2 discovery -- ARP -- Layer 3 discovery -- ICMP -- Layer 4 discovery -- TCP and UDP -- How it works... -- Using ARPing to perform host discovery (layer 2) -- Getting ready -- How to do it... -- How it works... -- Using netdiscover to perform host discovery (layer 2) -- Getting ready -- How to do it... -- How it works... -- Using Metasploit to perform host discovery (layer 2) -- Getting ready -- How to do it... -- How it works... -- Using hping3 to perform host discovery (layers 3/4) -- Getting ready -- How to do it... -- Layer 3 discovery -- ICMP -- Layer 4 discovery -- TCP and UDP -- How it works... -- Using ICMP to perform host discovery -- Getting ready -- How to do it... -- How it works... -- Using fping to perform host discovery -- Getting ready -- How to do it... -- How it works... -- Chapter 4: Port Scanning -- Introduction -- UDP port scanning -- TCP port scanning -- Port scanning with Scapy (UDP, stealth, connect, and zombie) -- Getting ready -- How to do it... -- UDP port scanning with Scapy -- Stealth scanning with Scapy -- Connect scanning with Scapy -- Zombie scanning with Scapy -- How it works... -- Port scanning with Nmap (UDP, stealth, connect, zombie) -- Getting ready -- How to do it... -- UDP scanning with Nmap -- Stealth scanning with Nmap -- Connect scanning with Nmap -- Zombie scanning with Nmap -- How it works... -- Port scanning with Metasploit (UDP, stealth, and connect) -- Getting ready -- How to do it... -- UDP scanning with Metasploit -- Stealth scanning with Metasploit -- Connect scanning with Metasploit -- How it works.... |
|
Port scanning with hping3 (stealth) -- Getting ready -- How to do it... -- How it works... -- Port scanning with DMitry (connect) -- Getting ready -- How to do it... -- How it works... -- Port scanning with Netcat (connect) -- Getting ready -- How to do it... -- How it works... -- Port scanning with masscan (stealth) -- Getting ready -- How to do it... -- How it works... -- Chapter 5: Fingerprinting -- Introduction -- Banner grabbing with Netcat -- Getting ready -- How to do it... -- How it works... -- Banner grabbing with Python sockets -- Getting ready -- How to do it.... -- How it works... -- Banner grabbing with DMitry -- Getting ready -- How to do it... -- How it works... -- Banner grabbing with Nmap NSE -- Getting ready -- How to do it... -- How it works... -- Banner grabbing with Amap -- Getting ready -- How to do it... -- How it works... -- Service identification with Nmap -- Getting ready -- How to do it... -- How it works... -- Service identification with Amap -- Getting ready -- How to do it... -- How it works... -- Operating system identification with Scapy -- Getting ready -- How to do it... -- How it works... -- Operating system identification with Nmap -- Getting ready -- How to do it... -- How it works... -- Operating system identification with xprobe2 -- Getting ready -- How to do it... -- How it works... -- Passive operating system identification with p0f -- Getting ready -- How to do it... -- How it works... -- SNMP analysis with Onesixtyone -- Getting ready -- How to do it... -- How it works... -- SNMP analysis with SNMPwalk -- Getting ready -- How to do it... -- How it works... -- Firewall identification with Scapy -- Getting ready -- How to do it... -- How it works... -- Firewall identification with Nmap -- Getting ready -- How to do it... -- How it works... -- Firewall identification with Metasploit -- Getting ready -- How to do it... -- How it works... -- Chapter 6: Vulnerability Scanning -- Introduction. |
|
Vulnerability scanning with the Nmap Scripting Engine -- Getting ready -- How to do it... -- How it works... -- Vulnerability scanning with MSF auxiliary modules -- Getting ready -- How to do it... -- How it works... -- Creating scan policies with Nessus -- Getting ready -- How to do it... -- How it works... -- Vulnerability scanning with Nessus -- Getting ready -- How to do it... -- How it works... -- Vulnerability scanning with OpenVAS -- Getting ready -- How to do it... -- How it works... -- Validating vulnerabilities with HTTP interaction -- Getting ready -- How to do it... -- How it works... -- Validating vulnerabilities with ICMP interaction -- Getting ready -- How to do it... -- How it works... -- Chapter 7: Denial of Service -- Introduction -- Fuzz testing to identify buffer overflows -- Getting ready -- How to do it... -- How it works... -- Remote FTP service buffer-overflow DoS -- Getting ready -- How to do it... -- How it works... -- Smurf DoS attack -- Getting ready -- How to do it... -- How it works... -- DNS amplification DoS attacks -- Getting ready -- How to do it... -- How it works... -- SNMP amplification DoS attack -- Getting ready -- How to do it... -- How it works... -- SYN flood DoS attack -- Getting ready -- How to do it... -- How it works... -- Sock stress DoS attack -- Getting ready -- How to do it... -- How it works... -- DoS attacks with Nmap NSE -- Getting ready -- How to do it... -- How it works... -- DoS attacks with Metasploit -- Getting ready -- How to do it... -- How it works... -- DoS attacks with the exploit database -- Getting ready -- How to do it... -- How it works... -- Chapter 8: Working with Burp Suite -- Introduction -- Configuring Burp Suite on Kali Linux -- Getting ready -- How to do it... -- How it works... -- Defining a web application target with Burp Suite -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Spider -- Getting ready -- How to do it.... |
|
How it works... -- Using Burp Suite Proxy -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite engagement tools -- Getting ready -- How to do it... -- How it works... -- Using the Burp Suite web application scanner -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Intruder -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Comparer -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Repeater -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Decoder -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Sequencer -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Extender -- Getting ready -- How to do it... -- How it works... -- Using Burp Suite Clickbandit -- Getting ready -- How to do it... -- How it works... -- Chapter 9: Web Application Scanning -- Introduction -- Web application scanning with Nikto -- Getting ready -- How to do it... -- How it works... -- SSL/TLS scanning with SSLScan -- Getting ready -- How to do it... -- How it works... -- SSL/TLS scanning with SSLyze -- Getting ready -- How to do it... -- How it works... -- GET method SQL injection with sqlmap -- Getting ready -- How to do it... -- How it works... -- POST method SQL injection with sqlmap -- Getting ready -- How to do it... -- How it works... -- Requesting a capture SQL injection with sqlmap -- Getting ready -- How to do it... -- How it works... -- Automating CSRF testing -- Getting ready -- How to do it... -- How it works... -- Validating command-injection vulnerabilities with HTTP traffic -- Getting ready -- How to do it... -- How it works... -- Validating command-injection vulnerabilities with ICMP traffic -- Getting ready -- How to do it... -- How it works... -- Chapter 10: Attacking the Browser with BeEF -- Hooking the browser with BeEF -- Getting ready -- How to do it... -- How it works.... |
| Summary |
Over 100 practical recipes that leverage custom scripts and integrated tools in Kali Linux to help you effectively master network scanning About This Book Learn the fundamentals behind commonly used scanning techniques Deploy powerful scanning tools that are integrated into the Kali Linux testing platform The practical recipes will help you automate menial tasks and build your own script library Who This Book Is For This book is for information security professionals and casual security enthusiasts alike. It provides foundational principles if you're a novice, but will also introduce scripting techniques and in-depth analysis if you're more advanced. Whether you are brand new to Kali Linux or a seasoned veteran, this book will help you both understand and ultimately master many of the most powerful and useful scanning techniques in the industry. It is assumed that you have some basic security testing experience. What You Will Learn Develop a network-testing environment to test scanning tools and techniques Understand the principles of network-scanning tools by building scripts and tools Identify distinct vulnerabilities in web apps and remote services and learn how they are exploited Perform comprehensive scans to identify listening on TCP and UDP sockets Get started with different Kali desktop environments--KDE, MATE, LXDE, and Xfce Use Sparta for information gathering, port scanning, fingerprinting, vulnerability scanning, and more Evaluate DoS threats and learn how common DoS attacks are performed Learn how to use Burp Suite to evaluate web applications In Detail With the ever-increasing amount of data flowing in today's world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools. Starting with the fundamentals of installing and managing Kali Linux, this book will help you map your target with a wide range of network scanning tasks, including discovery, port scanning, fingerprinting, and more. You will learn how to utilize the arsenal of tools available in Kali Linux to conquer any network environment. The book offers expanded coverage of the popular Burp Suite and h... |
| Subject |
Kali Linux.
|
|
Kali Linux |
|
Computers -- Access control.
|
|
Computer security.
|
|
Penetration testing (Computer security)
|
|
Computer networks -- Security measures.
|
|
Computer Security |
|
Ordinateurs -- Accès -- Contrôle. |
|
Sécurité informatique. |
|
Tests d'intrusion. |
|
Réseaux d'ordinateurs -- Sécurité -- Mesures. |
|
Computer networks -- Security measures |
|
Computer security |
|
Computers -- Access control |
|
Penetration testing (Computer security) |
| Added Author |
Hutchens, Justin, author.
|
| ISBN |
9781787285019 |
|
1787285014 |
|
More Resources