Kali Linux: Assuring Security By Penetration Testing

Book Description

Master the art of penetration testing with Kali Linux

Overview

• Learn penetration testing techniques with an in-depth coverage of Kali Linux distribution
• Explore the insights and importance of testing your corporate network systems before the hackers strike
• Understand the practical spectrum of security tools by their exemplary usage, configuration, and benefits

In Detail

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement.

Kali Linux – Assuring Security By Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today’s digital age.

Starting with lab preparation and testing procedures that explain the basic installation and configuration set up, this guide then focuses on discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the Kali Linux specific testing process. A number of security assessment tools are discussed, including those necessary to conduct penetration testing in their respective categories, following the formal testing methodology. Each of these tools have been annotated with real-world examples in context of highlighting their practical usage and proven configuration techniques. Extra weaponry treasure is also provided, and key resources that may be crucial to any professional penetration tester are cited in this book.

What you will learn from this book

• Develop the Kali Linux environment in your test lab by installing, configuring, running, and updating its core system components
• Draw a formal Kali Linux testing methodology
• Scope your target with definitive test requirements, limitations, business objectives, and schedule the test plan
• Practically exercise a number of security tools from Kali Linux, logically divided into sub-categories of testing methodology
• Practice the processes of reconnaissance, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, and maintaining access to target for evaluation purposes
• Document, report, and present your verified test results to the relevant authorities in a formal reporting structure
• Assess your target information system’s environment built with various technologies, such as web applications, network administration servers, workstations, Cisco devices, firewalls, load balancers, routers, switches, intrusion detection and prevention devices, and many more
• Examine and research the vulnerability in a greater detail before attempting to exploit it
• Exploit human vulnerability by wrapping yourself with an art of deception to acquire the target

Table of Contents

Part I: Lab Preparation and Testing Procedures
Chapter 1: Beginning with Kali Linux
Chapter 2: Penetration Testing Methodology

Part II: Penetration Testers Armory
Chapter 3: Target Scoping
Chapter 4: Information Gathering
Chapter 5: Target Discovery
Chapter 6: Enumerating Target
Chapter 7: Vulnerability Mapping
Chapter 8: Social Engineering
Chapter 9: Target Exploitation
Chapter 10: Privilege Escalation
Chapter 11: Maintaining Access
Chapter 12: Documentation and Reporting

Part III: Extra Ammunition
Appendix A: Supplementary Tools
Appendix B: Key Resources

中文：

书名：Kali Linux：通过渗透测试确保安全

使用Kali Linux掌握渗透测试的艺术

概述

• 深入了解Kali Linux发行版，学习渗透测试技术
• 了解在黑客袭击之前测试您的公司网络系统的洞察力和重要性
• 通过安全工具的典型用法、配置和优势，了解安全工具的实用范围

详细地说

Kali Linux是一个全面的渗透测试平台，拥有先进的工具来识别、检测和利用目标网络环境中发现的漏洞。使用Kali Linux，您可以通过定义的业务目标和预定的测试计划应用适当的测试方法，从而实现成功的渗透测试项目。

Kali Linux&#8211；通过渗透测试确保安全是一本完全专注、结构化的书，它通过演示一致的、循序渐进的方法展示尖端黑客工具和技术，提供了开发实用渗透测试技能的指导。这本书为你提供了所有必要的实验室准备和测试程序，从商业角度反映了当今数字时代的真实世界攻击场景。

本指南从解释基本安装和配置设置的实验室准备和测试程序开始，然后重点讨论渗透测试的类型(黑盒和白盒)，揭示开放安全测试方法，并提出Kali Linux特定的测试流程。讨论了一些安全评估工具，包括按照正式测试方法在各自类别中进行渗透测试所必需的工具。这些工具中的每一个都用真实世界的示例进行了注释，强调了它们的实际用法和经过验证的配置技术。这本书还提供了额外的武器宝藏，并引用了可能对任何专业渗透测试员至关重要的关键资源。

What you will learn from this book

• 在您的测试实验室中通过安装、配置、运行和更新其核心系统组件来开发Kali Linux环境
• 绘制正式的Kali Linux测试方法学
• 根据明确的测试要求、限制、业务目标确定目标范围，并安排测试计划
• 实际使用Kali Linux中的一些安全工具，逻辑上划分为测试方法学的子类别
• 实践侦察、发现、枚举、漏洞映射、社会工程、利用、权限提升和出于评估目的维护对目标的访问的流程
• 以正式的报告结构记录、报告并将验证后的测试结果提交给相关机构
• 评估使用各种技术构建的目标信息系统环境，例如Web应用程序、网络管理服务器、工作站、思科设备、防火墙、负载均衡器、路由器、交换机、入侵检测和防御设备等
• 在尝试利用该漏洞之前，请更详细地检查和研究该漏洞
• 利用人类的弱点，用一种欺骗的艺术来包装自己，以获得目标

目录表

Part I: Lab Preparation and Testing Procedures
第1章：从Kali Linux开始
第2章：渗透测试方法

第二部分：侵彻测试仪军械
Chapter 3: Target Scoping
Chapter 4: Information Gathering
Chapter 5: Target Discovery
Chapter 6: Enumerating Target
Chapter 7: Vulnerability Mapping
Chapter 8: Social Engineering
Chapter 9: Target Exploitation
Chapter 10: Privilege Escalation
Chapter 11: Maintaining Access
第12章：文件和报告

Part III: Extra Ammunition
Appendix A: Supplementary Tools
附录B：主要资源