Kali Linux intrusion and exploitation cookbook over 70 recipes for system administrator or DevOps to master Kali Linux 2 and perform effective security assessment
Over 70 recipes for system administrators or DevOps to master Kali Linux 2 and perform effective security assessments About This Book Set up a penetration testing lab to conduct a preliminary assessment of attack surfaces and run exploits Improve your testing efficiency with the use of automated vul...
| Otros Autores: | , |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
Birmingham, [England] :
Packt
2017.
|
| Edición: | 1st edition |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009630154306719 |
Tabla de Contenidos:
- Cover
- Copyright
- Credits
- About the Authors
- About the Reviewers
- www.PacktPub.com
- Customer Feedback
- Table of Contents
- Preface
- Chapter 1: Getting Started - Setting Up an Environment
- Introduction
- Installing Kali Linux on Cloud - Amazon AWS
- Getting ready
- How to do it...
- How it works...
- There's more...
- Installing Kali Linux on Docker
- Getting ready
- How to do it...
- How it works...
- There's more...
- Installing NetHunter on OnePlus One
- Getting ready
- How to do it...
- How it works...
- There's more...
- Installing Kali Linux on a virtual machine
- Getting ready
- How to do it...
- How it works...
- Customizing Kali Linux for faster package updates
- Getting ready
- How to do it...
- How it works...
- Customizing Kali Linux for faster operations
- Getting ready
- How to do it...
- How it works...
- Configuring remote connectivity services - HTTP, TFTP, and SSH
- Getting ready
- How to do it...
- How it works...
- Configuring Nessus and Metasploit
- Getting ready
- How to do it...
- How it works...
- There's more...
- Configuring third-party tools
- Getting ready
- How to do it...
- How it works...
- Installing Docker on Kali Linux
- Getting ready
- How to do it...
- How it works...
- Chapter 2: Network Information Gathering
- Introduction
- Discovering live servers over the network
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Bypassing IDS/IPS/firewall
- Getting ready
- How to do it...
- How it works...
- There's more...
- Discovering ports over the network
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also
- Using unicornscan for faster port scanning
- Getting ready
- How to do it...
- How it works...
- There's more...
- Service fingerprinting
- Getting ready.
- How to do it...
- How it works...
- There's more...
- Determining the OS using nmap and xprobe2
- Getting ready
- How to do it...
- How it works...
- There's more...
- Service enumeration
- Getting ready
- How to do it...
- How it works...
- There's more...
- Open-source information gathering
- Getting ready
- How to do it...
- How it works...
- There's more...
- Chapter 3: Network Vulnerability Assessment
- Introduction
- Using nmap for manual vulnerability assessment
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also...
- Integrating nmap with Metasploit
- Getting ready
- How to do it...
- How it works...
- There's more...
- Walkthrough of Metasploitable assessment with Metasploit
- Getting ready...
- How to do it...
- How it works...
- There's more...
- See also...
- Vulnerability assessment with OpenVAS framework
- Getting ready
- How to do it...
- How it works...
- There's more...
- PTES
- OWASP
- Web Application Hacker's Methodology
- See also...
- Chapter 4: Network Exploitation
- Introduction
- Gathering information for credential cracking
- Getting ready
- How to do it...
- Cracking FTP login using custom wordlist
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking SSH login using custom wordlist
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking HTTP logins using custom wordlist
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking MySql and PostgreSQL login using custom wordlist
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking Cisco login using custom wordlist
- Getting ready
- How to do it...
- How it works...
- There's more...
- Exploiting vulnerable services (Unix)
- Getting ready
- How to do it.
- How it works...
- There's more...
- Exploiting vulnerable services (Windows)
- Getting ready
- How to do it...
- How it works...
- There's more...
- Exploiting services using exploit-db scripts
- Getting ready
- How to do it...
- How it works...
- There's more...
- Chapter 5: Web Application Information Gathering
- Introduction
- Setting up API keys for recon-ng
- Getting ready
- How to do it...
- How it works...
- Using recon-ng for reconnaissance
- Getting ready
- How to do it...
- Gathering information using theharvester
- Getting ready
- How to do it...
- How it works...
- Using DNS protocol for information gathering
- Getting ready
- How to do it...
- How it works...
- There's more...
- Web application firewall detection
- Getting ready
- How to do it...
- How it works...
- HTTP and DNS load balancer detection
- Getting ready
- How to do it...
- How it works...
- Discovering hidden files/directories using DirBuster
- Getting ready
- How to do it...
- How it works...
- CMS and plugins detection using WhatWeb and p0f
- Getting ready
- How to do it...
- How it works...
- There's more...
- Finding SSL cipher vulnerabilities
- Getting ready
- How to do it...
- How it works...
- Chapter 6: Building a Classification Model with Spark *
- Types of classification models
- Linear models
- Logistic regression
- Multinomial logistic regression
- Visualizing the StumbleUpon dataset
- Extracting features from the Kaggle/StumbleUpon evergreen classification dataset
- StumbleUponExecutor
- Linear support vector machines
- The naïve Bayes model
- Decision trees
- Ensembles of trees
- Random Forests
- Gradient-Boosted trees
- Multilayer perceptron classifier
- Extracting the right features from your data
- Training classification models.
- Training a classification model on the Kaggle/StumbleUpon evergreen classification dataset
- Using classification models
- Generating predictions for the Kaggle/StumbleUpon evergreen classification dataset
- Evaluating the performance of classification models
- Accuracy and prediction error
- Precision and recall
- ROC curve and AUC
- Improving model performance and tuning parameters
- Feature standardization
- Additional features
- Using the correct form of data
- Tuning model parameters
- Linear models
- Iterations
- Step size
- Regularization
- Decision trees
- Tuning tree depth and impurity
- The naïve Bayes model
- Cross-validation
- Summary
- Chapter 7: Web Application Vulnerability Assessment
- Introduction
- Running vulnerable web applications in Docker
- Getting ready
- How to do it...
- How it works...
- Using W3af for vulnerability assessment
- Getting ready
- How to do it...
- How it works...
- Using Nikto for web server assessment
- Getting ready
- How to do it...
- How it works...
- Using Skipfish for vulnerability assessment
- Getting ready
- How it works...
- Using Burp Proxy to intercept HTTP traffic
- Getting ready
- How to do it...
- How it works...
- Using Burp Intruder for customized attack automation
- Getting ready
- How to do it...
- How it works...
- Using Burp Sequencer to test the session randomness
- Getting ready
- How to do it...
- How it works...
- Chapter 8: Web Application Exploitation
- Introduction
- Using Burp for active/passive scanning
- Getting ready
- How to do it...
- How it works...
- Using sqlmap to find SQL Injection on the login page
- Getting ready
- How to do it...
- How it works...
- Exploiting SQL Injection on URL parameters using SQL Injection
- Getting ready
- How to do it...
- How it works...
- Getting ready
- How to do it.
- How it works...
- Using Weevely for file upload vulnerability
- Getting ready
- How to do it...
- How it works...
- Exploiting Shellshock using Burp
- Getting ready
- How to do it...
- How it works...
- Using Metasploit to exploit Heartbleed
- Getting ready
- How to do it...
- How it works...
- Using the FIMAP tool for file inclusion attacks (RFI/LFI)
- Getting ready
- How to do it...
- How it works...
- Chapter 9: System and Password Exploitation
- Introduction
- Using local password-attack tools
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking password hashes
- Getting ready
- How to do it...
- How it works...
- There's more...
- Using Social-Engineering Toolkit
- Getting ready
- How to do it...
- How it works...
- There's more...
- Using BeEF for browser exploitation
- Getting ready
- How to do it...
- How it works...
- There's more...
- Cracking NTLM hashes using rainbow tables
- Getting ready
- How to do it...
- How it works...
- There's more...
- Chapter 10: Privilege Escalation and Exploitation
- Introduction
- Using WMIC to find privilege-escalation vulnerabilities
- Getting ready
- How to do it...
- How it works...
- There's more...
- Sensitive-information gathering
- Getting ready
- How to do it...
- There's more...
- Unquoted service-path exploitation
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also...
- Service permission issues
- Getting ready
- How to do it...
- How it works...
- There's more...
- Misconfigured software installations/insecure file permissions
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also...
- Linux privilege escalation
- Getting ready
- How to do it...
- How it works...
- There's more...
- See also...
- Chapter 11: Wireless Exploitation.
- Introduction.
