Book Description
Build, test, and customize your own Capture the Flag challenges across multiple platforms designed to be attacked with Kali Linux
Overview
- Put the skills of the experts to the test with these tough and customisable pentesting projects
- Develop each challenge to suit your specific training, testing, or client engagement needs
- Hone your skills, from wireless attacks to social engineering, without the need to access live systems
In Detail
As attackers develop more effective and complex ways to compromise computerized systems, penetration testing skills and tools are in high demand. A tester must have varied skills to combat these threats or fall behind. This book provides practical and customizable guides to set up a variety of exciting challenge projects that can then be tested with Kali Linux.
Learn how to create, customize, and exploit penetration testing scenarios and assault courses. Start by building flawed fortresses for Windows and Linux servers, allowing your testers to exploit common and not-so-common vulnerabilities to break down the gates and storm the walls. Mimic the human element with practical examples of social engineering projects. Facilitate vulnerable wireless and mobile installations and cryptographic weaknesses, and replicate the Heartbleed vulnerability. Finally, combine your skills and work to create a full red-team assessment environment that mimics the sort of corporate network encountered in the field.
What you will learn from this book
- Set up vulnerable services for both Windows and Linux
- Create dummy accounts for social engineering manipulation
- Set up Heartbleed replication for vulnerable SSL servers
- Develop full-size labs to challenge current and potential testers
- Construct scenarios that can be applied to Capture the Flag style challenges
- Add physical components to your scenarios and fire USB missile launchers at your opponents
- Challenge your own projects with a best-practice exploit guide to each scenario
Approach
Taking a highly practical approach and a playful tone, Kali Linux CTF Blueprints provides step-by-step guides to setting up vulnerabilities, in-depth guidance to exploiting them, and a variety of advice and ideas to build and customize your own challenges.
Who this book is written for
If you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.
Table of Contents
Chapter 1: Microsoft Environments
Chapter 2: Linux Environments
Chapter 3: Wireless and Mobile
Chapter 4: Social Engineering
Chapter 5: Cryptographic Projects
Chapter 6: Red Teaming
中文:
书名:Kali Linux CTF Blueprints
构建、测试和定制您自己的跨多个平台的捕获旗帜挑战,旨在利用Kali Linux进行攻击
Overview
- 通过这些艰难且可定制的五项测试项目,考验专家的技能
- 根据您的特定培训、测试或客户参与需求制定每个挑战
- 无需访问实时系统即可磨练您的技能,从无线攻击到社交工程
详细地说
随着攻击者开发出更有效和更复杂的方法来破坏计算机化的系统,渗透测试技能和工具的需求越来越高。测试员必须拥有各种技能来应对这些威胁,否则就会落后。这本书提供了实用的和可定制的指南来设置各种令人兴奋的挑战项目,然后可以使用Kali Linux进行测试。
了解如何创建、定制和利用渗透测试场景和突击课程。从为Windows和Linux服务器构建有缺陷的堡垒开始,允许您的测试人员利用常见和不太常见的漏洞来破坏大门和冲击墙壁。用社会工程项目的实际例子来模仿人的因素。促进易受攻击的无线和移动安装以及加密漏洞,并复制心脏出血漏洞。最后,将你的技能和工作结合起来,创建一个完整的红团队评估环境,模仿现场遇到的那种公司网络。
你将从这本书中学到什么
- 为Windows和Linux设置易受攻击的服务
- 创建用于社会工程操纵的虚拟帐户
- 为易受攻击的SSL服务器设置心跳出血复制
- 开发全尺寸实验室以挑战现有和潜在的测试人员
- 构建可应用于捕获旗帜样式挑战的场景
- 在您的场景中添加物理组件并向您的对手发射USB导弹发射器
- 为每个场景提供最佳实践利用指南,挑战您自己的项目
Approach
Kali Linux CTF BluePrints采取了高度实用的方法和有趣的基调,提供了设置漏洞的分步指南、利用漏洞的深入指导以及构建和定制您自己的挑战的各种建议和想法。
这本书是为谁写的
如果你是渗透测试团队的领导者或个人,希望在渗透测试突击课程的创建中挑战你自己或你的朋友,这是一本适合你的书。本书假定读者具备基本的渗透技能,并熟悉Kali Linux操作系统。
目录表
第1章:Microsoft环境
第2章:Linux环境
第3章:无线和移动
第4章:社会工程
第5章:加密项目
第6章:红色团队
评论前必须登录!
注册