Beginning Ethical Hacking with Kali Linux (eBook)
XX, 417 pages
Apress (publisher)
978-1-4842-3891-2 (ISBN)
Get started in white-hat ethical hacking using Kali Linux. This book starts off by giving you an overview of security trends, where you will learn the OSI security architecture. This will form the foundation for the rest of Beginning Ethical Hacking with Kali Linux. With the theory out of the way, you'll move on to an introduction to VirtualBox, networking, and common Linux commands, followed by the step-by-step procedure to build your own web server and acquire the skill to be anonymous. When you have finished the examples in the first part of the book, you will have all you need to carry out safe and ethical hacking experiments.
After an introduction to Kali Linux, you will carry out your first penetration tests with Python and code raw binary packets for use in those tests. You will learn how to find secret directories on a target system, use a TCP client in Python, and scan ports using NMAP. Along the way you will discover effective ways to collect important information, track email, and use important tools such as DMITRY and Maltego, as well as take a look at the five phases of penetration testing.
The coverage of vulnerability analysis includes sniffing and spoofing, why ARP poisoning is a threat, how SniffJoke prevents poisoning, how to analyze protocols with Wireshark, and how to sniff packets with Scapy. The next part of the book shows you how to detect SQL injection vulnerabilities, use sqlmap, and apply brute-force or password attacks. Besides learning these tools, you will see how to use OpenVas, Nikto, Vega, and Burp Suite.
The book will explain the information assurance model and the hacking framework Metasploit, taking you through important commands and exploit and payload basics. Moving on to hashes and passwords, you will learn password testing and hacking techniques with John the Ripper and Rainbow. You will then dive into classic and modern encryption techniques, where you will learn the conventional cryptosystem.
In the final chapter you will acquire the skill of exploiting remote Windows and Linux systems and you will learn how to own a target completely.
What You Will Learn
- Master common Linux commands and networking techniques
- Build your own Kali web server and learn to be anonymous
- Carry out penetration testing using Python
- Detect sniffing attacks and SQL injection vulnerabilities
- Learn tools such as SniffJoke, Wireshark, Scapy, sqlmap, OpenVas, Nikto, and Burp Suite
- Use Metasploit with Kali Linux
- Exploit remote Windows and Linux systems
Sanjib Sinha is an author and tech writer. A certified .NET Windows and web developer, specializing in Python security programming and PHP, he won Microsoft's Community Contributor Award in 2011. As a published author, Sanjib has written Beginning Laravel and Beginning Ethical Hacking with Python for Apress.
Who This Book Is For
Developers new to ethical hacking with a basic understanding of Linux programming.
Disclaimer
Table of Contents
About the Author
About the Technical Reviewer
Acknowledgments
Introduction
Chapter 1: Security Trends
Nature and Perspective
Before and After the Digital Transformation
The OSI Security Architecture
Security Attacks, Services, and Mechanisms
Timeline of Hacking
How to Use Google Hacking Techniques
Further Reading
Chapter 2: Setting Up a Penetration Testing and Network Security Lab
Why Virtualization?
Installing VirtualBox
Installing Appliances on VirtualBox
Installing VirtualBox Guest Addition
Installing Metasploitable
Installing Windows
Installing Kali in VMware
Chapter 3: Elementary Linux Commands
Finding the Kali Terminal
Navigating the File System
Working with Text Files
Searching Files
Writing to the Terminal
Working with Directories
Setting File Permissions
Chapter 4: Know Your Network
Networking Layers
Internetworking Models
OSI
TCP/IP
Further Reading
Chapter 5: How to Build a Kali Web Server
Why Do You Need a Web Server?
Introducing Sockets
Beginning the Web Server
Diving into Sockets
Installing PyCharm and the Wing IDE Editor
How to Stay Anonymous
Changing Your Proxy Chain
Working with DNS Settings
Using a VPN
Changing Your MAC Address
Chapter 6: Kali Linux from the Inside Out
More About Kali Linux Tools
Information Gathering
Vulnerability Analysis
Wireless Attacks
Web Applications
WPS Tools
Exploitation Tools
Forensic Tools
Sniffing and Spoofing
Password Attacks
Maintaining Access
Reverse Engineering
Hardware Hacking
Exploring Kali Linux from the Inside
Machine Language
Registers
Why Is Understanding Memory So Important?
Editors
Hacking Tools
Staying Updated with SSH
Getting Started
Working with Blacklists and Whitelists
Securing SSH
Connecting to Kali Linux Over SSH
Chapter 7: Kali Linux and Python
What Is Penetration Testing?
First Penetration Using Python
Whois Searches for More Information
Finding Secret Directories
Why Are Web Robots Used?
How Does This robots.txt File Work?
Finding the Restricted Parts of a Web Site
Top-Level Domain Scanning
Obtaining a Web Site’s IP Address
TCP Client in Python and Services
Capturing Raw Binary Packets
Port Scanning Using Nmap
Importing the Nmap Module
What Does Nmap Do?
Nmap Network Scanner
Chapter 8: Information Gathering
Python Virtual Environment
Reconnaissance Tools
Know the Domain and Hostname
E-mail Tracking Made Easy
Searching the Internet Archive
Passive Information
Web Spiders Are Crawling
More About Scanning
You Can Find Location Too!
DMitry, Maltego, and Other Tools
Summarizing the Five Phases of Penetration
Chapter 9: SQL Mapping
Sniffing and Spoofing
Packing and Unpacking with Python
Why Wireless Media Is Vulnerable
ARP Poisoning Is a Threat
SniffJoke Prevents Poisoning
Analyzing Protocols Using Wireshark
Sniffing Packets Using Scapy
SQL Injection
Detecting SQL Injection Vulnerabilities
How to Use sqlmap
Brute-Force or Password Attacks
Chapter 10: Vulnerability Analysis
Overview of Vulnerability Analysis Tools
How to Use OpenVas
How to Use Nikto
How to Use Vega
How to Use Burp Suite
Chapter 11: Information Assurance Model
What the AI Model Is All About
How to Tie the Elements Together?
How the AI Model Works
Why Is the AI Model Important?
Further Reading
Chapter 12: Introducing Metasploit in Kali Linux
Understanding the Metasploit Architecture
Summarizing Modules
Mixins and Plugins in Ruby
Metasploit Console or Interface
Exploits and Payloads in Metasploit
How to Use Exploit and Payloads
How to Start Exploits
Chapter 13: Hashes and Passwords
Hashes and Encryption
Password Testing Tools
John the Ripper and Johnny
How to Use RainbowCrack
Chapter 14: Classic and Modern Encryption
Nature and Perspective
Models of the Cryptography System
Types of Attacks on Encrypted Messages
Chapter 15: Exploiting Targets
Exploiting Linux with Metasploit
Exploiting Samba
Exploiting IRC
Exploiting Windows with Armitage
Index
Publication date (per publisher) | 29.11.2018 |
---|---|
Additional info | XX, 417 p. 99 illus. |
Place of publication | Berkeley |
Language | English |
Subject area | Computer Science ► Networks ► Security / Firewall |
Mathematics / Computer Science ► Computer Science ► Programming Languages / Tools | |
Keywords | Encryption • ethicalhacking • Hacking • kalilinux • Linux • Metasploit • OpenSource • Penetration Testing |
ISBN-10 | 1-4842-3891-5 / 1484238915 |
ISBN-13 | 978-1-4842-3891-2 / 9781484238912 |
Size: 8.3 MB
DRM: Digital watermark
This eBook contains a digital watermark and is thereby personalized for you. If the eBook is improperly passed on to third parties, it can be traced back to the source.
File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suited to technical books with columns, tables, and figures. A PDF can be displayed on almost all devices, but is only of limited suitability for small displays (smartphone, eReader).
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a PDF viewer for this, e.g. Adobe Reader or Adobe Digital Editions.
eReader: This eBook can be read on (almost) all eBook readers. It is not compatible with the Amazon Kindle, however.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need a PDF viewer for this, e.g. the free Adobe Digital Editions app.
Additional feature: Read online
In addition to downloading it, you can also read this eBook online in a web browser.