You are previewing Kali Linux Cookbook.
O'Reilly logo
Kali Linux Cookbook

Book Description

When you know what hackers know, you’re better able to protect your online information. With this book you’ll learn just what Kali Linux is capable of and get the chance to use a host of recipes.

  • Recipes designed to educate you extensively on the penetration testing principles and Kali Linux tools

  • Learning to use Kali Linux tools, such as Metasploit, Wire Shark, and many more through in-depth and structured instructions

  • Teaching you in an easy-to-follow style, full of examples, illustrations, and tips that will suit experts and novices alike

  • In Detail

    In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world’s most popular penetration testing distribution.

    Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks.

    Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!

    Table of Contents

    1. Kali Linux Cookbook
      1. Table of Contents
      2. Kali Linux Cookbook
      3. Credits
      4. About the Authors
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why Subscribe?
          2. Free Access for Packt account holders
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. Up and Running with Kali Linux
        1. Introduction
        2. Installing to a hard disk drive
          1. Getting ready
          2. How to do it...
        3. Installing to a USB drive with persistent memory
          1. Getting ready
          2. How to do it...
        4. Installing in VirtualBox
          1. Getting ready
          2. How to do it...
        5. Installing VMware Tools
          1. Getting ready
          2. How to do it...
          3. How it works...
        6. Fixing the splash screen
          1. How to do it...
        7. Starting network services
          1. Getting ready
          2. How to do it...
        8. Setting up the wireless network
          1. How to do it...
          2. How it works...
      9. 2. Customizing Kali Linux
        1. Introduction
        2. Preparing kernel headers
          1. Getting ready
          2. How to do it...
        3. Installing Broadcom drivers
          1. Getting ready
          2. How to do it...
        4. Installing and configuring ATI video card drivers
          1. Getting ready
          2. How to do it...
        5. Installing and configuring nVidia video card drivers
          1. Getting ready
          2. How to do it...
        6. Applying updates and configuring extra security tools
          1. How to do it...
        7. Setting up ProxyChains
          1. How to do it...
        8. Directory encryption
          1. How to do it...
          2. How it works...
      10. 3. Advanced Testing Lab
        1. Introduction
        2. Getting comfortable with VirtualBox
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Downloading Windows Targets
          1. Getting ready
          2. How to do it...
        4. Downloading Linux Targets
          1. Getting ready
          2. How to do it...
        5. Attacking WordPress and other applications
          1. Getting ready
          2. How to do it...
          3. There's more...
      11. 4. Information Gathering
        1. Introduction
        2. Service enumeration
          1. How to do it...
        3. Determining network range
          1. How to do it...
          2. How it works...
        4. Identifying active machines
          1. How to do it...
        5. Finding open ports
          1. Getting ready
          2. How to do it...
          3. How it works…
          4. There's more...
        6. Operating system fingerprinting
          1. Getting ready
          2. How to do it...
        7. Service fingerprinting
          1. How to do it...
        8. Threat assessment with Maltego
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        9. Mapping the network
          1. How to do it...
          2. How it works...
          3. There's more...
      12. 5. Vulnerability Assessment
        1. Introduction
        2. Installing, configuring, and starting Nessus
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Nessus – finding local vulnerabilities
          1. Getting ready
          2. How to do it...
        4. Nessus – finding network vulnerabilities
          1. Getting ready
          2. How to do it...
        5. Nessus – finding Linux-specific vulnerabilities
          1. Getting ready
          2. How to do it...
        6. Nessus – finding Windows-specific vulnerabilities
          1. Getting ready
          2. How to do it...
        7. Installing, configuring, and starting OpenVAS
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Setting up an SSH script to start OpenVAS
            2. Using the OpenVAS Desktop
        8. OpenVAS – finding local vulnerabilities
          1. How to do it...
          2. How it works...
          3. There's more...
        9. OpenVAS – finding network vulnerabilities
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        10. OpenVAS – finding Linux-specific vulnerabilities
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        11. OpenVAS – finding Windows-specific vulnerabilities
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      13. 6. Exploiting Vulnerabilities
        1. Introduction
        2. Installing and configuring Metasploitable
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Mastering Armitage, the graphical management tool for Metasploit
          1. Getting ready
          2. How to do it...
          3. See also
        4. Mastering the Metasploit Console (MSFCONSOLE)
          1. Getting ready
          2. How to do it...
          3. There's more...
        5. Mastering the Metasploit CLI (MSFCLI)
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. See also
        6. Mastering Meterpreter
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        7. Metasploitable MySQL
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        8. Metasploitable PostgreSQL
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        9. Metasploitable Tomcat
          1. Getting ready
          2. How to do it...
          3. How it works...
        10. Metasploitable PDF
          1. Getting ready
          2. How to do it...
          3. How it works...
        11. Implementing browser_autopwn
          1. Getting ready
          2. How to do it...
          3. How it works...
      14. 7. Escalating Privileges
        1. Introduction
        2. Using impersonation tokens
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Local privilege escalation attack
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Mastering the Social Engineering Toolkit (SET)
          1. How to do it...
          2. How it works...
          3. There's more...
            1. Delivering your payload to the victim
        5. Collecting the victim's data
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        6. Cleaning up the tracks
          1. Getting ready
          2. How to do it...
          3. How it works...
        7. Creating a persistent backdoor
          1. Getting ready
          2. How to do it...
          3. How it works...
        8. Man In The Middle (MITM) attack
          1. Getting ready
          2. How to do it...
          3. How it works...
      15. 8. Password Attacks
        1. Introduction
        2. Online password attacks
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Cracking HTTP passwords
          1. Getting ready
          2. How to do it...
        4. Gaining router access
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Types of modules
        5. Password profiling
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        6. Cracking a Windows password using John the Ripper
          1. Getting ready
          2. How to do it...
        7. Using dictionary attacks
          1. Getting ready
          2. How to do it...
          3. How it works...
        8. Using rainbow tables
          1. How to do it...
          2. How it works...
        9. Using nVidia Compute Unified Device Architecture (CUDA)
          1. Getting ready
          2. How to do it...
        10. Using ATI Stream
          1. Getting ready
          2. How to do it...
        11. Physical access attacks
          1. How to do it...
          2. How it works...
      16. 9. Wireless Attacks
        1. Introduction
        2. Wireless network WEP cracking
          1. Getting ready
          2. How to do it...
          3. How it works...
        3. Wireless network WPA/WPA2 cracking
          1. Getting ready
          2. How to do it...
          3. How it works...
        4. Automating wireless network cracking
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Accessing clients using a fake AP
          1. Getting ready
          2. How to do it...
          3. How it works...
        6. URL traffic manipulation
          1. How to do it...
          2. How it works...
        7. Port redirection
          1. How to do it...
          2. How it works...
        8. Sniffing network traffic
          1. Getting ready
          2. How to do it...
          3. How it works...
      17. Index