更新时间:2021-07-16 11:33:50
coverpage
Mastering Kali Linux for Advanced Penetration Testing
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files eBooks discount offers and more
Preface
The "Kill Chain" approach to penetration testing
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Disclaimer
Part 1. The Attacker's Kill Chain
Chapter 1. Starting with Kali Linux
Kali Linux
Configuring network services and secure communications
Updating Kali Linux
Configuring and customizing Kali Linux
Managing third-party applications
Effective management of penetration tests
Summary
Chapter 2. Identifying the Target – Passive Reconnaissance
Basic principles of reconnaissance
Open Source intelligence
DNS reconnaissance and route mapping
Obtaining user information
Profiling users for password lists
Chapter 3. Active Reconnaissance and Vulnerability Scanning
Stealth scanning strategies
Identifying the network infrastructure
Enumerating hosts
Port operating system and service discovery
Employing comprehensive reconnaissance applications
Vulnerability scanning
Chapter 4. Exploit
Threat modeling
Using online and local vulnerability resources
Exploiting multiple targets with Armitage
Bypassing IDs and antivirus detection
Chapter 5. Post Exploit – Action on the Objective
Bypassing Windows User Account Control
Conducting a rapid reconnaissance of a compromised system
Finding and taking sensitive data – pillaging the target
Creating additional accounts
Using Metasploit for post-exploit activities
Escalating user privileges on a compromised host
Replaying authentication tokens using incognito
Accessing new accounts with horizontal escalation
Covering your tracks
Chapter 6. Post Exploit – Persistence
Compromising the existing system and application files for remote access
Using persistent agents
Maintaining persistence with the Metasploit Framework
Creating a standalone persistent agent with Metasploit
Redirecting ports to bypass network controls
Part 2. The Delivery Phase
Chapter 7. Physical Attacks and Social Engineering
Social Engineering Toolkit
Using the PowerShell alphanumeric shellcode injection attack
Hiding executables and obfuscating the attacker's URL
Escalating an attack using DNS redirection
Physical access and hostile devices
Chapter 8. Exploiting Wireless Communications
Configuring Kali for wireless attacks
Wireless reconnaissance
Bypassing a Hidden Service Set Identifier
Bypassing the MAC address authentication
Compromising a WEP encryption
Attacking WPA and WPA2
Cloning an access point
Denial-of-service attacks
Chapter 9. Reconnaissance and Exploitation of Web-based Applications
Conducting reconnaissance of websites
Vulnerability scanners
Testing security with client-side proxies
Server exploits
Application-specific attacks
Maintaining access with web backdoors
Chapter 10. Exploiting Remote Access Communications
Exploiting operating system communication protocols
Exploiting third-party remote access applications
Attacking Secure Sockets Layer
Attacking an IPSec Virtual Private Network
Chapter 11. Client-side Exploitation
Attacking a system using hostile scripts
The Cross-Site Scripting Framework
The Brower Exploitation Framework – BeEF
