Preface
This book reveals the best methodologies and techniques for a penetration testing process with the help of Kali Linux. This is a value add for network system admins, aiding them to understand the entire security testing methodology. This will help protect them from day-to-day attacks by allowing them to find and patch the vulnerability beforehand. As penetration testing in corporate environments usually happens on an annual basis, this will assist the admins to proactively protect their network on a regular basis.
This book covers recipes to get you started with security testing and performing your own security assessment in the corporate network or the server being tested. By the end of this book, you will have developed a greater skill set and knowledge of a complete penetration testing scenario, and you will be able to perform a successful penetration test of any network.
Kali Linux is an advanced OS with advanced tools that will help identify, detect, and exploit vulnerability. It is considered a one-stop OS for successful security testing.
What this book covers
Chapter 1, Getting Started - Setting Up an Environment, teaches you how to install Kali Linux and Kali products on your system, Amazon Cloud, mobile device, and Docker. This chapter helps you get familiarized with the installation of Kali Linux on multiple mediums of convenience, along with the installation of multiple third-party tools.
Chapter 2, Network Information Gathering, covers discovering servers and open ports over the network. You will also learn to probe services and grab banners, and different ways to scan the network, including IDS/IPS/firewall bypass.
Chapter 3, Network Vulnerability Assessment, shows you how to use certain Kali tools for vulnerability assessment. You will learn about vulnerability assessment by testing one of the vulnerable machines as a part of the learning process. You will also learn to use advanced tools to perform assessment.
Chapter 4, Network Exploitation, covers multiple techniques to break into network services such as FTP, HTTP, SSH, SQL. Additionally, you will learn how to exploit vulnerable services on Linux and Windows machines.
Chapter 5, Web Application Information Gathering, shows how to perform web application reconnaissance, gathering via DNS protocol, and detecting WAF firewalls/load balancers. You will also learn how to perform brute forcing to discover hidden files/folders and CMS/plugin detection, along with finding SSL cipher vulnerabilities.
Chapter 6, Web Application Vulnerability Assessment, demonstrates how to install Docker using various web application testing tools to find vulnerabilities on applications, and setting up proxy and various attacks via proxy.
Chapter 7, Web Application Exploitation, teaches you how to perform the exploitation of web-based vulnerabilities. You will learn how to perform RFI/LFI attacks, WebDAV exploiting, exploiting file upload vulnerabilities, SQL injection vulnerabilities, and so on.
Chapter 8, System and Password Exploitation, shows how to crack password hashes on Windows/Linux OS. You will also learn a practical approach to how to use the social engineering toolkit and BEef-xxs for exploitation, and gain access to target systems.
Chapter 9, Privilege Escalation and Exploitation, gives you a practical approach to elevating privileges to system/root level. You will learn various techniques that will help you elevate privileges on Windows machines.
Chapter 10, Wireless Exploitation, teaches you how to set up the wireless network for penetration testing and understanding the basics. You will also learn how to crack WEP, WPA2, and WPS. Along with this, you will also learn denial of service attacks.
Appendix, Pen Testing 101 Basics, this will help the reader understand the different types of testing methods, what is the purpose of doing it and also give an insight of how corporate level testing works like. It also gives an understanding of the entire security testing objective.
What you need for this book
To follow the recipes in this book, you will need the latest instance of Kali Linux; it can be found at https://www.kali.org/downloads/. Detailed installation steps are presented in the readme section of Kali, which can be found at http://docs.kali.org/category/installation. For wireless testing, a wireless device will be required; for testing purposes we have demonstrated using the alfa awus036h card. Chipsets with similar capabilities can be found at https://www.aircrack-ng.org/doku.php?id=compatibility_drivers.
In certain instances, it is necessary to install Docker, from which the reader can pull the vulnerable image and begin testing. Docker can be installed from https://www.docker.com/get-docker. We have also shown how NetHunter can be installed on OnePlus One mobile devices; to do the same, a OnePlus One or a Kali NetHunter supported device will be required. NetHunter supported devices include the following: Nexus 5, Nexus 6, Nexus 7, Nexus 9, Nexus 10, and OnePlus One.
Who this book is for
This book is dedicated to all the system network admins, individuals aspiring to understand security testing methodologies in corporate networks. Even beginners can find suitable content to understand testing Linux, Windows servers, and wireless networks.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it, How it works, There's more, and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
Getting ready
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous section.
There's more…
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "In your terminal window, open the /etc/apt/sources.list.d/backports.list
file in your favorite editor."
Any command-line input or output is written as follows:
docker pull kalilinux/kali-linux-docker
New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Choose your preferred language and click on Continue."
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail feedback@packtpub.com
, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors .
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at copyright@packtpub.com
with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
Questions
If you have a problem with any aspect of this book, you can contact us at questions@packtpub.com
, and we will do our best to address the problem.