Mastering Kali Linux for Advanced Penetration Testing

Book Description

A practical guide to testing your network’s security with Kali Linux – the preferred choice of penetration testers and hackers

Overview

• Conduct realistic and effective security tests on your network
• Demonstrate how key data systems are stealthily exploited, and learn how to identify attacks against your own systems
• Use hands-on techniques to take advantage of Kali Linux, the open source framework of security tools

In Detail

Mastering Kali Linux for Advanced Penetration Testing will teach you the kill chain perspective in assessing network security – from selecting the most effective tools, to rapidly compromising network security, to highlighting the techniques used to avoid detection.

This book will take you, as a tester, through the reconnaissance, exploitation, and post-exploitation activities used by penetration testers and hackers. After learning the hands-on techniques to perform an effective and covert attack, specific routes to the target will be examined, including bypassing physical security. You will also get to grips with concepts such as social engineering, attacking wireless networks, web services, and remote access connections. Finally, you will focus on the most vulnerable part of the network – directly attacking the end user.

This book will provide all the practical knowledge needed to test your network’s security using a proven hacker’s methodology.

What you will learn from this book

• Employ the methods used by real hackers effectively, to ensure the most effective penetration testing of your network
• Select and configure the most effective tools from Kali Linux to test network security
• Employ stealth to avoid detection in the network being tested
• Recognize when stealthy attacks are being used against your network
• Exploit networks and data systems using wired and wireless networks as well as web services
• Identify and download valuable data from target systems
• Maintain access to compromised systems
• Use social engineering to compromise the weakest part of the network -the end users

Approach

This book provides an overview of the kill chain approach to penetration testing, and then focuses on using Kali Linux to provide examples of how this methodology is applied in the real world. After describing the underlying concepts, step-by-step examples are provided that use selected tools to demonstrate the techniques.

Table of Contents

Part 1: The Attacker’s Kill Chain
Chapter 1: Starting with Kali Linux
Chapter 2: Identifying the Target – Passive Reconnaissance
Chapter 3: Active Reconnaissance and Vulnerability Scanning
Chapter 4: Exploit
Chapter 5: Post Exploit – Action on the Objective
Chapter 6: Post Exploit – Persistence

Part 2: The Delivery Phase
Chapter 7: Physical Attacks and Social Engineering
Chapter 8: Exploiting Wireless Communications
Chapter 9: Reconnaissance and Exploitation of Web-based Applications
Chapter 10: Exploiting Remote Access Communications
Chapter 11: Client-side Exploitation

Appendix: Installing Kali Linux

中文：

书名：Mastering Kali Linux for Advanced Penetration Testing

使用渗透测试仪和黑客的首选Kali Linux测试您的网络安全的实用指南

概述

• Conduct realistic and effective security tests on your network
• 演示如何秘密利用关键数据系统，并了解如何识别针对您自己系统的攻击
• 使用实际操作技术来利用开源安全工具框架Kali Linux

详细地说

掌握用于高级渗透测试的Kali Linux将教您从杀伤链的角度评估网络安全，从选择最有效的工具到快速危害网络安全，再到强调用于避免检测的技术。

本书将带您作为一名测试人员，了解渗透测试人员和黑客使用的侦察、攻击和后攻击活动。在学习了执行有效和隐蔽攻击的动手技术后，将检查到达目标的特定路线，包括绕过物理安全。您还将掌握社会工程、攻击无线网络、Web服务和远程访问连接等概念。最后，您将重点介绍网络中最易受攻击的部分&直接攻击终端用户。

本书将提供使用经过验证的黑客方法测试您的网络安全所需的所有实用知识。

你将从这本书中学到什么

• 有效利用真正黑客使用的方法，确保对您的网络进行最有效的渗透测试
• Select and configure the most effective tools from Kali Linux to test network security
• Employ stealth to avoid detection in the network being tested
• Recognize when stealthy attacks are being used against your network
• 使用有线和无线网络以及Web服务开发网络和数据系统
• 识别并从目标系统下载有价值的数据
• 维护对受威胁系统的访问权限
• Use social engineering to compromise the weakest part of the network -the end users

方法

这本书概述了渗透性测试的杀伤链方法，然后重点介绍了如何使用Kali Linux来提供如何在现实世界中应用这种方法的示例。在描述了基本概念之后，提供了使用所选工具来演示技术的分步示例。

目录表

Part 1: The Attacker’s Kill Chain
第1章：从Kali Linux开始
Chapter 2: Identifying the Target – Passive Reconnaissance
第3章：主动侦察和漏洞扫描
第4章：利用
第五章：后利用–对目标采取行动
Chapter 6: Post Exploit – Persistence

Part 2: The Delivery Phase
第7章：身体攻击和社会工程
Chapter 8: Exploiting Wireless Communications
Chapter 9: Reconnaissance and Exploitation of Web-based Applications
第10章：利用远程访问通信
第11章：客户端利用

附录：安装Kali Linux