E-Book, Englisch, 426 Seiten
Sinha Beginning Ethical Hacking with Kali Linux
1. ed
ISBN: 978-1-4842-3891-2
Verlag: Apress
Format: PDF
Kopierschutz: 1 - PDF Watermark
Computational Techniques for Resolving Security Issues
E-Book, Englisch, 426 Seiten
ISBN: 978-1-4842-3891-2
Verlag: Apress
Format: PDF
Kopierschutz: 1 - PDF Watermark
Get started in white-hat ethical hacking using Kali Linux. This book starts off by giving you an overview of security trends, where you will learn the OSI security architecture. This will form the foundation for the rest of Beginning Ethical Hacking with Kali Linux. With the theory out of the way, you'll move on to an introduction to VirtualBox, networking, and common Linux commands, followed by the step-by-step procedure to build your own web server and acquire the skill to be anonymous . When you have finished the examples in the first part of your book, you will have all you need to carry out safe and ethical hacking experiments. After an introduction to Kali Linux, you will carry out your first penetration tests with Python and code raw binary packets for use in those tests. You will learn how to find secret directories on a target system, use a TCP client in Python, and scan ports using NMAP. Along the way you will discover effective ways to collect important information, track email, and use important tools such as DMITRY and Maltego, as well as take a look at the five phases of penetration testing. The coverage of vulnerability analysis includes sniffing and spoofing, why ARP poisoning is a threat, how SniffJoke prevents poisoning, how to analyze protocols with Wireshark, and using sniffing packets with Scapy. The next part of the book shows you detecting SQL injection vulnerabilities, using sqlmap, and applying brute force or password attacks. Besides learning these tools, you will see how to use OpenVas, Nikto, Vega, and Burp Suite. The book will explain the information assurance model and the hacking framework Metasploit, taking you through important commands, exploit and payload basics. Moving on to hashes and passwords you will learn password testing and hacking techniques with John the Ripper and Rainbow. You will then dive into classic and modern encryption techniques where you will learn the conventional cryptosystem. In the final chapter you will acquire the skill of exploiting remote Windows and Linux systems and you will learn how to own a target completely.
What You Will LearnMaster common Linux commands and networking techniques
Build your own Kali web server and learn to be anonymous
Carry out penetration testing using Python
Detect sniffing attacks and SQL injection vulnerabilities
Learn tools such as SniffJoke, Wireshark, Scapy, sqlmap, OpenVas, Nikto, and Burp Suite
Use Metasploit with Kali Linux
Exploit remote Windows and Linux systemsWho This Book Is For
Developers new to ethical hacking with a basic understanding of Linux programming.
Sanjib Sinha is an author and tech writer. A certified .NET Windows and web developer, specializing in Python security programming and PHP, he won Microsoft's Community Contributor Award in 2011. As a published author, Sanjib has written Beginning Laravel and Beginning Ethical Hacking with Python for Apress.
Autoren/Hrsg.
Weitere Infos & Material
1;Disclaimer;4
2;Table of Contents;6
3;About the Author;12
4;About the Technical Reviewer;13
5;Acknowledgments;14
6;Introduction;15
7;Chapter 1: Security Trends;17
7.1;Nature and Perspective;19
7.2;Before and After the Digital Transformation;22
7.3;The OSI Security Architecture;22
7.4;Security Attacks, Services, and Mechanisms;26
7.4.1;Timeline of Hacking;30
7.5;How to Use Google Hacking Techniques;31
7.6;Further Reading;33
8;Chapter 2: Setting Up a Penetration Testing and Network Security Lab;34
8.1;Why Virtualization?;35
8.2;Installing VirtualBox;36
8.2.1;Installing Appliances on VirtualBox;38
8.2.2;Installing VirtualBox Guest Addition;44
8.2.3;Installing Metasploitable;46
8.2.4;Installing Windows;48
8.3;Installing Kali in VMware;51
9;Chapter 3: Elementary Linux Commands;56
9.1;Finding the Kali Terminal;57
9.2;Navigating the File System;59
9.3;Working with Text Files;63
9.4;Searching Files;64
9.5;Writing to the Terminal;66
9.6;Working with Directories;67
9.7;Setting File Permissions;68
10;Chapter 4: Know Your Network;75
10.1;Networking Layers;75
10.2;Internetworking Models;79
10.2.1;OSI;79
10.2.2;TCP/IP;82
10.3;Further Reading;83
11;Chapter 5: How to Build a Kali Web Server;84
11.1;Why Do You Need a Web Server?;85
11.2;Introducing Sockets;86
11.3;Beginning the Web Server;86
11.4;Diving into Sockets;89
11.5;Installing PyCharm and the Wing IDE Editor;97
11.6;How to Stay Anonymous;99
11.6.1;Changing Your Proxy Chain;101
11.6.2;Working with DNS Settings;105
11.6.3;Using a VPN;107
11.6.4;Changing Your MAC Address;113
12;Chapter 6: Kali Linux from the Inside Out;118
12.1;More About Kali Linux Tools;119
12.1.1;Information Gathering;120
12.1.2;Vulnerability Analysis;121
12.1.3;Wireless Attacks;122
12.1.4;Web Applications;122
12.1.5;WPS Tools;123
12.1.6;Exploitation Tools;124
12.1.7;Forensic Tools;124
12.1.8;Sniffing and Spoofing;125
12.1.9;Password Attacks;125
12.1.10;Maintaining Access;126
12.1.11;Reverse Engineering;126
12.1.12;Hardware Hacking;127
12.2;Exploring Kali Linux from the Inside;127
12.2.1;Machine Language;127
12.2.2;Registers;128
12.2.3;Why Is Understanding Memory So Important?;129
12.2.4;Editors;130
12.2.5;Hacking Tools;134
12.3;Staying Updated with SSH;137
12.3.1;Getting Started;138
12.3.2;Working with Blacklists and Whitelists;141
12.3.3;Securing SSH;143
12.3.4;Connecting to Kali Linux Over SSH;147
13;Chapter 7: Kali Linux and Python;149
13.1;What Is Penetration Testing?;149
13.2;First Penetration Using Python;151
13.2.1;Whois Searches for More Information;154
13.2.2;Finding Secret Directories;164
13.2.2.1;Why Are Web Robots Used?;164
13.2.2.2;How Does This robots.txt File Work?;165
13.2.2.3;Finding the Restricted Parts of a Web Site;165
13.2.3;Top-Level Domain Scanning;170
13.2.4;Obtaining a Web Site’s IP Address;173
13.3;TCP Client in Python and Services;176
13.4;Capturing Raw Binary Packets;182
13.5;Port Scanning Using Nmap;186
13.5.1;Importing the Nmap Module;187
13.5.2;What Does Nmap Do?;192
13.5.3;Nmap Network Scanner;195
14;Chapter 8: Information Gathering;201
14.1;Python Virtual Environment;202
14.2;Reconnaissance Tools;209
14.2.1;Know the Domain and Hostname;210
14.2.2;E-mail Tracking Made Easy;212
14.2.3;Searching the Internet Archive;214
14.2.4;Passive Information;216
14.2.5;Web Spiders Are Crawling;217
14.2.6;More About Scanning;218
14.2.7;You Can Find Location Too!;225
14.3;DMitry, Maltego, and Other Tools;226
14.4;Summarizing the Five Phases of Penetration;232
15;Chapter 9: SQL Mapping;233
15.1;Sniffing and Spoofing;233
15.1.1;Packing and Unpacking with Python;235
15.1.2;Why Wireless Media Is Vulnerable;239
15.1.3;ARP Poisoning Is a Threat;240
15.1.3.1;SniffJoke Prevents Poisoning;241
15.1.3.2;Analyzing Protocols Using Wireshark;245
15.1.3.3;Sniffing Packets Using Scapy;246
15.2;SQL Injection;253
15.2.1;Detecting SQL Injection Vulnerabilities;254
15.2.2;How to Use sqlmap;255
15.3;Brute-Force or Password Attacks;265
16;Chapter 10: Vulnerability Analysis;271
16.1;Overview of Vulnerability Analysis Tools;271
16.2;How to Use OpenVas;272
16.3;How to Use Nikto;280
16.4;How to Use Vega;282
16.5;How to Use Burp Suite;288
17;Chapter 11: Information Assurance Model;295
17.1;What the AI Model Is All About;296
17.2;How to Tie the Elements Together?;297
17.3;How the AI Model Works;299
17.4;Why Is the AI Model Important?;301
17.5;Further Reading;302
18;Chapter 12: Introducing Metasploit in Kali Linux;303
18.1;Understanding the Metasploit Architecture;304
18.2;Summarizing Modules;307
18.3;Mixins and Plugins in Ruby;314
18.4;Metasploit Console or Interface;316
18.5;Exploits and Payloads in Metasploit;320
18.5.1;How to Use Exploit and Payloads;321
18.5.2;How to Start Exploits;327
19;Chapter 13: Hashes and Passwords;335
19.1;Hashes and Encryption;336
19.2;Password Testing Tools;339
19.3;John the Ripper and Johnny;350
19.4;How to Use RainbowCrack;354
20;Chapter 14: Classic and Modern Encryption;358
20.1;Nature and Perspective;359
20.2;Models of the Cryptography System;363
20.3;Types of Attacks on Encrypted Messages;365
21;Chapter 15: Exploiting Targets;367
21.1;Exploiting Linux with Metasploit;368
21.1.1;Exploiting Samba;369
21.1.2;Exploiting IRC;381
21.2;Exploiting Windows with Armitage;390
22;Index;414
