Kali Linux - An Ethical Hacker's Cookbook电子书

About Packt

Why subscribe?

Packt.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Sections

Getting ready

How to do it…

How it works…

There's more…

See also

Get in touch

Reviews

Disclaimer

Kali - An Introduction

Configuring Kali Linux

Getting ready

How to do it...

How it works...

Configuring the Xfce environment

How to do it...

Configuring the MATE environment

How to do it...

Configuring the LXDE environment

How to do it...

Configuring the E17 environment

How to do it...

Configuring the KDE environment

How to do it...

Prepping with custom tools

Getting ready

How to do it...

Aquatone

Subfinder

There's more...

Zone Walking using DNSRecon

Getting ready

How to do it...

There's more...

Setting up I2P for anonymity

How to do it...

There's more...

Pentesting VPN's ike-scan

Getting ready

How to do it...

Cracking the PSK

There's more...

Setting up proxychains

How to do it...

Using proxychains with Tor

Going on a hunt with Routerhunter

Getting ready

How to do it...

Gathering Intel and Planning Attack Strategies

Getting a list of subdomains

How to do it...

Using Shodan for fun and profit

Getting ready

How to do it...

Shodan Honeyscore

How to do it...

Shodan plugins

How to do it...

Censys

How to do it...

See also

Using Nmap to find open ports

How to do it...

Using scripts

See also

Bypassing firewalls with Nmap

How to do it...

TCP ACK scan (-sA)

TCP Window scan (-sW)

Idle scan

How it works...

Searching for open directories using GoBuster

How to do it...

Hunting for SSL flaws

How to do it...

See also

Automating brute force with BruteSpray

How to do it...

Digging deep with TheHarvester

How to do it...

How it works...

Finding technology behind webapps using WhatWeb

How to do it...

Scanning IPs with masscan

How to do it...

Finding origin servers with CloudBunny

How to do it...

Sniffing around with Kismet

How to do it...

See also

Testing routers with Firewalk

How to do it...

How it works...

Vulnerability Assessment - Poking for Holes

Using the infamous Burp

How to do it...

Exploiting WSDLs with Wsdler

How to do it...

Using Intruder

How to do it...

Using golismero

How to do it...

See also

Exploring Searchsploit

How to do it...

Exploiting routers with routersploit

Getting ready

How to do it...

Using Metasploit

How to do it...

Automating Metasploit

How to do it...

Writing a custom resource script

How to do it...

See also

Setting up a database in Metasploit

How to do it...

Generating payloads with MSFPC

How to do it...

Emulating threats with Cobalt Strike

Getting ready

How to do it...

There's more...

Web App Exploitation - Beyond OWASP Top 10

Exploiting XSS with XSS Validator

Getting ready

How to do it...

Injection attacks with sqlmap

How to do it...

See also

Owning all .svn and .git repositories

How to do it...

Winning race conditions

How to do it...

See also

Exploiting XXEs

How to do it...

See also

Exploiting Jboss with JexBoss

How to do it...

Exploiting PHP Object Injection

How to do it...

See also

Automating vulnerability detection using RapidScan

Getting ready

How to do it...

Backdoors using meterpreter

How to do it...

See also

Backdoors using webshells

How to do it...

Network Exploitation

Introduction

MITM with hamster and ferret

Getting ready

How to do it...

Exploring the msfconsole

How to do it...

Railgun in Metasploit

How to do it...

There's more...

See also

Using the paranoid meterpreter

How to do it...

There's more...

The tale of a bleeding heart

How to do it...

Exploiting Redis

How to do it...

Saying no to SQL – owning MongoDBs

Getting ready

How to do it...

Hacking embedded devices

How to do it...

Exploiting Elasticsearch

How to do it...

See also

Good old Wireshark

Getting ready

How to do it...

See also

This is Sparta

Getting ready

How to do it...

Exploiting Jenkins

How to do it...

See also

Shellver – reverse shell cheatsheet

Getting ready

How to do it...

Generating payloads with MSFvenom Payload Creator (MSFPC)

How to do it...

Wireless Attacks - Getting Past Aircrack-ng

The good old Aircrack

Getting ready

How to do it...

How it works...

Hands-on with Gerix

Getting ready

How to do it...

Dealing with WPAs

How to do it...

Owning employee accounts with Ghost Phisher

How to do it...

Pixie dust attack

Getting ready

How to do it...

See also

Setting up rogue access points with WiFi-Pumpkin

Getting ready

How to do it...

See also

Using Airgeddon for Wi-Fi attacks

How to do it...

See also

Password Attacks - The Fault in Their Stars

Identifying different types of hashes in the wild

How to do it...

See also

Hash-identifier to the rescue

How to do it...

Cracking with Patator

How to do it...

Playing with John the Ripper

How to do it...

See also

Johnny Bravo!

How to do it...

Using ceWL

How to do it...

Generating wordlists with crunch

How to do it...

Using Pipal

How to do it...

Have Shell, Now What?

Spawning a TTY shell

How to do it...

Looking for weaknesses

How to do it...

There's more...

Horizontal escalation

How to do it...

Vertical escalation

How to do it...

Node hopping – pivoting

How to do it...

There's more...

Privilege escalation on Windows

How to do it...

Pulling a plaintext password with Mimikatz

How to do it...

Dumping other saved passwords from the machine

How to do it...

Pivoting

How to do it...

Backdooring for persistance

How to do it...

Age of Empire

Getting ready

How to do it...

See also

Automating Active Directory (AD) exploitation with DeathStar

How to do it...

See also

Exfiltrating data through Dropbox

How to do it...

Data exfiltration using CloakifyFactory

How to do it...

Buffer Overflows

Exploiting stack-based buffer overflows

How to do it...

Exploiting buffer overflows on real software

Getting ready

How to do it...

SEH bypass

How to do it...

See also

Exploiting egg hunters

Getting ready

How to do it...

See also

An overview of ASLR and NX bypass

How to do it...

See also

Elementary, My Dear Watson - Digital Forensics

Using the volatility framework

Getting ready

How to do it...

See also

Using Binwalk

How to do it...

See also

Capturing a forensic image with guymager

How to do it...

Playing with Software-Defined Radios

Radio-frequency scanners

Getting ready

How to do it...

Hands-on with the RTLSDR scanner

How to do it...

Playing around with gqrx

How to do it...

See also

Kalibrating your device for GSM tapping

How to do it...

See also

Decoding ADS-B messages with Dump1090

How to do it...

See also

Kali in Your Pocket - NetHunters and Raspberries

Installing Kali on Raspberry Pi

Getting ready

How to do it...

Installing NetHunter

Getting ready

How to do it...

Superman typing – human interface device (HID) attacks

How to do it...

Can I charge my phone?

How to do it...

Setting up an evil access point

How to do it...

Writing Reports

Using Dradis

How to do it...

Using MagicTree

How to do it...

Using Serpico

Getting ready

How to do it...

Other Books You May Enjoy

Leave a review - let other readers know what you think