万本电子书0元读

万本电子书0元读

顶部广告

Kali Linux Network Scanning Cookbook - Second Edition电子书

售       价:¥

7人正在读 | 0人评论 9.8

作       者:Michael Hixon,Justin Hutchens

出  版  社:Packt Publishing

出版时间:2017-05-26

字       数:47.3万

所属分类: 进口书 > 外文原版书 > 电脑/网络

温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印

为你推荐

  • 读书简介
  • 目录
  • 累计评论(0条)
  • 读书简介
  • 目录
  • 累计评论(0条)
Over 100 practical recipes that leverage custom *s and integrated tools in Kali Linux to help you effectively master network scanning About This Book ? Learn the fundamentals behind commonly used scanning techniques ? Deploy powerful scanning tools that are integrated into the Kali Linux testing platform ? The practical recipes will help you automate menial tasks and build your own * library Who This Book Is For This book is for information security professionals and casual security enthusiasts alike. It provides foundational principles if you’re a novice, but will also introduce *ing techniques and in-depth analysis if you’re more advanced. Whether you are brand new to Kali Linux or a seasoned veteran, this book will help you both understand and ultimately master many of the most powerful and useful scanning techniques in the industry. It is assumed that you have some basic security testing experience. What You Will Learn ? Develop a network-testing environment to test scanning tools and techniques ? Understand the principles of network-scanning tools by building *s and tools ? Identify distinct vulnerabilities in web apps and remote services and learn how they are exploited ? Perform comprehensive scans to identify listening on TCP and UDP sockets ? Get started with different Kali desktop environments--KDE, MATE, LXDE, and Xfce ? Use Sparta for information gathering, port scanning, fingerprinting, vulnerability scanning, and more ? Evaluate DoS threats and learn how common DoS attacks are performed ? Learn how to use Burp Suite to evaluate web applications In Detail With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to * your very own tools. Starting with the fundamentals of installing and managing Kali Linux, this book will help you map your target with a wide range of network scanning tasks, including discovery, port scanning, fingerprinting, and more. You will learn how to utilize the arsenal of tools available in Kali Linux to conquer any network environment. The book offers expanded coverage of the popular Burp Suite and has new and updated *s for automating scanning and target exploitation. You will also be shown how to identify remote services, how to assess security risks, and how various attacks are performed. You will cover the latest features of Kali Linux 2016.2, which includes the enhanced Sparta tool and many other exciting updates. This immersive guide will also encourage the creation of personally *ed tools and the skills required to create them. Style and approach This step-by-step guide is full of recipes that will help you use integrated scanning tools in Kali Linux and develop custom *s to make new and unique tools of your own.
目录展开

Title Page

Copyright

Credits

About the Authors

About the Reviewer

www.PacktPub.com

Customer Feedback

Preface

What this book covers

What you need for this book

Who this book is for

Sections

Getting ready

How to do it…

How it works…

There's more…

See also

Conventions

Reader feedback

Customer support

Downloading the example code

Downloading the color images of this book

Errata

Piracy

Questions

Getting Started

Introduction

Configuring a security lab with VMware Player (Windows)

Getting ready

How to do it...

How it works...

Configuring a security lab with VMware Fusion (macOS)

Getting ready

How to do it...

How it works...

Installing Ubuntu Server

Getting ready

How to do it...

How it works...

Installing Metasploitable2

Getting ready

How to do it...

How it works...

Installing Windows Server

Getting ready

How to do it...

How it works...

Increasing the Windows attack surface

Getting ready

How to do it...

How it works...

Installing Kali Linux

Getting ready

How to do it...

How it works...

Using text editors (Vim and GNU nano)

Getting ready

How to do it...

How it works...

Keeping Kali updated

Getting ready

How to do it...

How it works...

Managing Kali services

Getting ready

How to do it...

How it works...

Configuring and using SSH

Getting ready

How to do it...

How it works...

Installing Nessus on Kali Linux

Getting ready

How to do it...

How it works...

Reconnaissance

Introduction

Using Google to find subdomains

Getting ready

How to do it...

How it works...

Finding e-mail addresses using theHarvester

Getting ready

How to do it...

How it works...

Enumerating DNS using the host command

Getting ready

How to do it...

How it works...

Enumerating DNS using DNSRecon

Getting ready

How to do it...

Standard DNS enumeration

Reverse lookups

Zone transfer

How it works...

Enumerating DNS using the dnsenum command

Getting ready

How to do it...

Default settings

Brute-force

How it works...

Discovery

Introduction

Knowing the OSI model

Using Scapy to perform host discovery (layers 2/3/4)

Getting ready

How to do it...

Layer 2 discovery - ARP

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using Nmap to perform host discovery (layers 2/3/4)

Getting ready

How to do it...

Layer 2 discovery - ARP

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using ARPing to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using netdiscover to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using Metasploit to perform host discovery (layer 2)

Getting ready

How to do it...

How it works...

Using hping3 to perform host discovery (layers 3/4)

Getting ready

How to do it...

Layer 3 discovery - ICMP

Layer 4 discovery - TCP and UDP

How it works...

Using ICMP to perform host discovery

Getting ready

How to do it...

How it works...

Using fping to perform host discovery

Getting ready

How to do it...

How it works...

Port Scanning

Introduction

UDP port scanning

TCP port scanning

Port scanning with Scapy (UDP, stealth, connect, and zombie)

Getting ready

How to do it...

UDP port scanning with Scapy

Stealth scanning with Scapy

Connect scanning with Scapy

Zombie scanning with Scapy

How it works...

Port scanning with Nmap (UDP, stealth, connect, zombie)

Getting ready

How to do it...

UDP scanning with Nmap

Stealth scanning with Nmap

Connect scanning with Nmap

Zombie scanning with Nmap

How it works...

Port scanning with Metasploit(UDP, stealth, and connect)

Getting ready

How to do it...

UDP scanning with Metasploit

Stealth scanning with Metasploit

Connect scanning with Metasploit

How it works...

Port scanning with hping3 (stealth)

Getting ready

How to do it...

How it works...

Port scanning with DMitry (connect)

Getting ready

How to do it...

How it works...

Port scanning with Netcat (connect)

Getting ready

How to do it...

How it works...

Port scanning with masscan (stealth)

Getting ready

How to do it...

How it works...

Fingerprinting

Introduction

Banner grabbing with Netcat

Getting ready

How to do it...

How it works...

Banner grabbing with Python sockets

Getting ready

How to do it....

How it works...

Banner grabbing with DMitry

Getting ready

How to do it...

How it works...

Banner grabbing with Nmap NSE

Getting ready

How to do it...

How it works...

Banner grabbing with Amap

Getting ready

How to do it...

How it works...

Service identification with Nmap

Getting ready

How to do it...

How it works...

Service identification with Amap

Getting ready

How to do it...

How it works...

Operating system identification with Scapy

Getting ready

How to do it...

How it works...

Operating system identification with Nmap

Getting ready

How to do it...

How it works...

Operating system identification with xprobe2

Getting ready

How to do it...

How it works...

Passive operating system identification with p0f

Getting ready

How to do it...

How it works...

SNMP analysis with Onesixtyone

Getting ready

How to do it...

How it works...

SNMP analysis with SNMPwalk

Getting ready

How to do it...

How it works...

Firewall identification with Scapy

Getting ready

How to do it...

How it works...

Firewall identification with Nmap

Getting ready

How to do it...

How it works...

Firewall identification with Metasploit

Getting ready

How to do it...

How it works...

Vulnerability Scanning

Introduction

Vulnerability scanning with the Nmap Scripting Engine

Getting ready

How to do it...

How it works...

Vulnerability scanning with MSF auxiliary modules

Getting ready

How to do it...

How it works...

Creating scan policies with Nessus

Getting ready

How to do it...

How it works...

Vulnerability scanning with Nessus

Getting ready

How to do it...

How it works...

Vulnerability scanning with OpenVAS

Getting ready

How to do it...

How it works...

Validating vulnerabilities with HTTP interaction

Getting ready

How to do it...

How it works...

Validating vulnerabilities with ICMP interaction

Getting ready

How to do it...

How it works...

Denial of Service

Introduction

Fuzz testing to identify buffer overflows

Getting ready

How to do it...

How it works...

Remote FTP service buffer-overflow DoS

Getting ready

How to do it...

How it works...

Smurf DoS attack

Getting ready

How to do it...

How it works...

DNS amplification DoS attacks

Getting ready

How to do it...

How it works...

SNMP amplification DoS attack

Getting ready

How to do it...

How it works...

SYN flood DoS attack

Getting ready

How to do it...

How it works...

Sock stress DoS attack

Getting ready

How to do it...

How it works...

DoS attacks with Nmap NSE

Getting ready

How to do it...

How it works...

DoS attacks with Metasploit

Getting ready

How to do it...

How it works...

DoS attacks with the exploit database

Getting ready

How to do it...

How it works...

Working with Burp Suite

Introduction

Configuring Burp Suite on Kali Linux

Getting ready

How to do it...

How it works...

Defining a web application target with Burp Suite

Getting ready

How to do it...

How it works...

Using Burp Suite Spider

Getting ready

How to do it...

How it works...

Using Burp Suite Proxy

Getting ready

How to do it...

How it works...

Using Burp Suite engagement tools

Getting ready

How to do it...

How it works...

Using the Burp Suite web application scanner

Getting ready

How to do it...

How it works...

Using Burp Suite Intruder

Getting ready

How to do it...

How it works...

Using Burp Suite Comparer

Getting ready

How to do it...

How it works...

Using Burp Suite Repeater

Getting ready

How to do it...

How it works...

Using Burp Suite Decoder

Getting ready

How to do it...

How it works...

Using Burp Suite Sequencer

Getting ready

How to do it...

How it works...

Using Burp Suite Extender

Getting ready

How to do it...

How it works...

Using Burp Suite Clickbandit

Getting ready

How to do it...

How it works...

Web Application Scanning

Introduction

Web application scanning with Nikto

Getting ready

How to do it...

How it works...

SSL/TLS scanning with SSLScan

Getting ready

How to do it...

How it works...

SSL/TLS scanning with SSLyze

Getting ready

How to do it...

How it works...

GET method SQL injection with sqlmap

Getting ready

How to do it...

How it works...

POST method SQL injection with sqlmap

Getting ready

How to do it...

How it works...

Requesting a capture SQL injection with sqlmap

Getting ready

How to do it...

How it works...

Automating CSRF testing

Getting ready

How to do it...

How it works...

Validating command-injection vulnerabilities with HTTP traffic

Getting ready

How to do it...

How it works...

Validating command-injection vulnerabilities with ICMP traffic

Getting ready

How to do it...

How it works...

Attacking the Browser with BeEF

Hooking the browser withBeEF

Getting ready

How to do it...

How it works...

Collecting information with BeEF

Getting ready

How to do it...

How it works...

Creating a persistent connection with BeEF

Getting ready

How to do it...

How it works...

Integrating BeEF and Metasploit

Getting ready

How to do it...

How it works...

Using the BeEF autorule engine

Getting ready

How to do it...

How it works...

Working with Sparta

Information gathering with Sparta

Getting ready

How to do it...

How it works...

Creating custom commands for Sparta

Getting ready

How to do it...

How it works...

Port scanning with Sparta

Getting ready

How to do it...

How it works...

Fingerprinting with Sparta

Getting ready

How to do it...

How it works...

Vulnerability scanning with Sparta

Getting ready

How to do it...

How it works...

Web application scanning with Sparta

Getting ready

How to do it...

How it works...

Automating Kali Tools

Introduction

Nmap greppable output analysis

Getting ready

How to do it...

How it works...

Port scanning with NMAP NSE execution

Getting ready

How to do it...

How it works...

Automate vulnerability scanning with NSE

Getting ready

How to do it...

How it works...

Automate web application scanning with Nikto

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with reverse shell payload

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with backdoor executable

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with ICMP verification

Getting ready

How to do it...

How it works...

Multithreaded MSF exploitation with admin account creation

Getting ready

How to do it...

How it works...

累计评论(0条) 0个书友正在讨论这本书 发表评论

发表评论

发表评论,分享你的想法吧!

买过这本书的人还买过

读了这本书的人还在读

回顶部