Kali Linux Penetration Testing Bible
Autor Gus Khawajaen Limba Engleză Paperback – 2 iun 2021
Remarcăm încă de la primele capitole că Kali Linux Penetration Testing Bible nu este doar un manual de utilizare a uneltelor preinstalate, ci un ghid metodologic riguros. Volumul debutează cu resursele esențiale pentru configurarea infrastructurii de lucru, punând accent pe construirea unui mediu de testare modern, izolat prin Docker, ceea ce asigură o portabilitate și o siguranță sporită în timpul exercițiilor de hacking etic. Apreciem faptul că Gus Khawaja nu presupune o cunoaștere prealabilă a sistemului, alocând spațiu generos pentru stăpânirea terminalului, gestionarea sesiunilor prin Tmux și administrarea permisiunilor în sistemul de fișiere Linux. Structura progresivă a cărții facilitează o tranziție logică de la operarea de bază la strategii complexe de atac și apărare. După consolidarea fundamentelor de Bash și networking, cititorul este ghidat prin etapele critice de recunoaștere (OSINT) și scanare de rețea. Un element distinctiv îl reprezintă secțiunile dedicate analizei rezultatelor și eliminării falselor pozitive, o competență rară în manualele introductive. Dacă Beginning Ethical Hacking with Kali Linux de Sanjib Sinha v-a oferit cadrul teoretic și o introducere în arhitectura de securitate OSI, această carte oferă instrumentele practice și workflow-urile necesare pentru a executa teste de penetrare la nivel profesional. În a doua jumătate a celor peste 500 de pagini, volumul explorează subiecte avansate precum exploatarea vulnerabilităților de tip buffer overflow și tehnicile de mișcare laterală în interiorul unei rețele compromise. Finalul cărții este dedicat automatizării, învățându-ne cum să folosim Python pentru a eficientiza testele repetitive, transformând Kali Linux dintr-o simplă distribuție de nișă într-o platformă de securitate personalizată și scalabilă.
Preț: 206.88 lei
Preț vechi: 258.61 lei
-20%
Puncte Express: 310
Carte disponibilă
Livrare economică 05-19 mai
Livrare express 21-25 aprilie pentru 53.03 lei
Specificații
ISBN-13: 9781119719083
ISBN-10: 1119719089
Pagini: 512
Dimensiuni: 189 x 233 x 28 mm
Greutate: 0.95 kg
Editura: Wiley
Locul publicării:Hoboken, United States
ISBN-10: 1119719089
Pagini: 512
Dimensiuni: 189 x 233 x 28 mm
Greutate: 0.95 kg
Editura: Wiley
Locul publicării:Hoboken, United States
V-ar putea interesa
-
-20%Preț: 347.34 lei434.18 lei -
Clean Code: A Handbook of Agile Software CraftsmanshipRobert Martin-20%Preț: 373.60 lei467.00 lei -
-42%Preț: 71.25 lei122.72 lei -
The Hitchhiker's Guide to the GalaxyDouglas AdamsPreț: 50.96 lei -
Advanced Penetration TestingWil Allsopp-20%Preț: 239.78 lei299.72 lei -
Hands on HackingMatthew Hickey-20%Preț: 226.74 lei283.43 lei -
Linux Command Line and Shell Scripting BibleRichard Blum-20%Preț: 276.36 lei345.44 lei -
Ceh V11 Certified Ethical Hacker Study GuideRic Messier-20%Preț: 246.00 lei307.49 lei -
Python for CybersecurityHoward E Poston-20%Preț: 134.07 lei167.58 lei -
-29%Preț: 258.43 lei366.42 lei -
-20%Preț: 281.90 lei352.37 lei -
Linux Command Line and Shell Scripting BibleRichard Blum-20%Preț: 371.04 lei463.80 lei -
Hacking and SecurityMichael Kofler-20%Preț: 331.19 lei413.99 lei -
Penetration TestingGeorgia Weidman-20%Preț: 251.55 lei314.44 lei -
-37%Preț: 208.82 lei332.89 lei -
Metasploit, 2nd EditionDavid Kennedy-20%Preț: 274.99 lei343.74 lei -
-38%Preț: 175.04 lei282.54 lei -
-37%Preț: 278.51 lei441.84 lei -
Penetration Testing with Kali NetHunterGerald "Tripp" Roybal III-20%Preț: 202.00 lei252.49 lei
De ce să citești această carte
Recomandăm această carte oricărui specialist IT care dorește să treacă de la utilizarea haotică a scripturilor la o metodologie profesionistă de pentesting. Veți câștiga o înțelegere profundă a modului în care atacatorii exploatează sistemele, învățând simultan să construiți apărări solide. Este un ghid practic, ancorat în realitatea fluxurilor de lucru moderne, ideal pentru cei care vizează certificări avansate sau o carieră în securitate cibernetică.
Despre autor
Gus Khawaja este un expert recunoscut în domeniul securității cibernetice, specializat în testarea penetrării și dezvoltarea de soluții de securitate. Cu o experiență vastă în lucrul cu platforme open-source și tehnologii de virtualizare, el s-a remarcat prin capacitatea de a traduce concepte tehnice complexe în fluxuri de lucru aplicabile. Publicarea acestui volum sub egida editurii Wiley confirmă autoritatea sa în domeniu, aducând în fața cititorilor expertiza necesară pentru a naviga ecosistemul Kali Linux într-un mod structurat și eficient.
Notă biografică
Gus Khawaja is an expert in application security and penetration testing. He is a cybersecurity consultant in Montreal, Canada and has a depth of experience working with organizations to protect their assets from cyberattacks. He is a published author and online educator in the field of cybersecurity.
Cuprins
Introduction xx Chapter 1 Mastering the Terminal Window 1 Kali Linux File System 2 Terminal Window Basic Commands 3 Tmux Terminal Window 6 Starting Tmux 6 Tmux Key Bindings 7 Tmux Session Management 7 Navigating Inside Tmux 9 Tmux Commands Reference 9 Managing Users and Groups in Kali 10 Users Commands 10 Groups Commands 14 Managing Passwords in Kali 14 Files and Folders Management in Kali Linux 15 Displaying Files and Folders 15 Permissions 16 Manipulating Files in Kali 19 Searching for Files 20 Files Compression 21 Manipulating Directories in Kali 23 Mounting a Directory 23 Managing Text Files in Kali Linux 24 Vim vs. Nano 26 Searching and Filtering Text 27 Remote Connections in Kali 29 Remote Desktop Protocol 29 Secure Shell 30 SSH with Credentials 30 Passwordless SSH 32 Kali Linux System Management 34 Linux Host Information 36 Linux OS Information 36 Linux Hardware Information 36 Managing Running Services 38 Package Management 39 Process Management 41 Networking in Kali Linux 42 Network Interface 42 IPv4 Private Address Ranges 42 Static IP Addressing 43 DNS 45 Established Connections 46 File Transfers 47 Summary 48 Chapter 2 Bash Scripting 49 Basic Bash Scripting 50 Printing to the Screen in Bash 50 Variables 52 Commands Variable 54 Script Parameters 54 User Input 56 Functions 56 Conditions and Loops 57 Conditions 58 Loops 60 File Iteration 61 Summary 63 Chapter 3 Network Hosts Scanning 65 Basics of Networking 65 Networking Protocols 66 TCP 66 UDP 67 Other Networking Protocols 67 IP Addressing 69 IPv4 69 Subnets and CIDR 69 IPv6 70 Port Numbers 71 Network Scanning 72 Identifying Live Hosts 72 Ping 73 ARP 73 Nmap 73 Port Scanning and Services Enumeration 74 TCP Port SYN Scan 75 UDP 75 Basics of Using Nmap Scans 76 Services Enumeration 77 Operating System Fingerprinting 79 Nmap Scripting Engine 80 NSE Category Scan 82 NSE Arguments 84 DNS Enumeration 84 DNS Brute-Force 85 DNS Zone Transfer 86 DNS Subdomains Tools 87 Fierce 87 Summary 88 Chapter 4 Internet Information Gathering 89 Passive Footprinting and Reconnaissance 90 Internet Search Engines 90 Shodan 91 Google Queries 92 Information Gathering Using Kali Linux 94 Whois Database 95 TheHarvester 97 DMitry 99 Maltego 99 Summary 103 Chapter 5 Social Engineering Attacks 105 Spear Phishing Attacks 105 Sending an E-mail 106 The Social Engineer Toolkit 106 Sending an E-mail Using Python 108 Stealing Credentials 109 Payloads and Listeners 110 Bind Shell vs. Reverse Shell 111 Bind Shell 111 Reverse Shell 112 Reverse Shell Using SET 113 Social Engineering with the USB Rubber Ducky 115 A Practical Reverse Shell Using USB Rubber Ducky and PowerShell 117 Generating a PowerShell Script 118 Starting a Listener 118 Hosting the PowerShell Script 119 Running PowerShell 120 Download and Execute the PS Script 120 Reverse Shell 121 Replicating the Attack Using the USB Rubber Ducky 122 Summary 122 Chapter 6 Advanced Enumeration Phase 125 Transfer Protocols 126 FTP (Port 21) 126 Exploitation Scenarios for an FTP Server 126 Enumeration Workflow 127 Service Scan 127 Advanced Scripting Scan with Nmap 128 More Brute-Forcing Techniques 129 SSH (Port 22) 130 Exploitation Scenarios for an SSH Server 130 Advanced Scripting Scan with Nmap 131 Brute-Forcing SSH with Hydra 132 Advanced Brute-Forcing Techniques 133 Telnet (Port 23) 134 Exploitation Scenarios for Telnet Server 135 Enumeration Workflow 135 Service Scan 135 Advanced Scripting Scan 136 Brute-Forcing with Hydra 136 E-mail Protocols 136 SMTP (Port 25) 137 Nmap Basic Enumeration 137 Nmap Advanced Enumeration 137 Enumerating Users 138 POP3 (Port 110) and IMAP4 (Port 143) 141 Brute-Forcing POP3 E-mail Accounts 141 Database Protocols 142 Microsoft SQL Server (Port 1433) 142 Oracle Database Server (Port 1521) 143 MySQL (Port 3306) 143 CI/CD Protocols 143 Docker (Port 2375) 144 Jenkins (Port 8080/50000) 145 Brute-Forcing a Web Portal Using Hydra 147 Step 1: Enable a Proxy 148 Step 2: Intercept the Form Request 149 Step 3: Extracting Form Data and Brute-Forcing with Hydra 150 Web Protocols 80/443 151 Graphical Remoting Protocols 152 RDP (Port 3389) 152 RDP Brute-Force 152 VNC (Port 5900) 153 File Sharing Protocols 154 SMB (Port 445) 154 Brute-Forcing SMB 156 SNMP (Port UDP 161) 157 SNMP Enumeration 157 Summary 159 Chapter 7 Exploitation Phase 161 Vulnerabilities Assessment 162 Vulnerability Assessment Workflow 162 Vulnerability Scanning with OpenVAS 164 Installing OpenVAS 164 Scanning with OpenVAS 165 Exploits Research 169 SearchSploit 171 Services Exploitation 173 Exploiting FTP Service 173 FTP Login 173 Remote Code Execution 174 Spawning a Shell 177 Exploiting SSH Service 178 SSH Login 178 Telnet Service Exploitation 179 Telnet Login 179 Sniffing for Cleartext Information 180 E-mail Server Exploitation 183 Docker Exploitation 185 Testing the Docker Connection 185 Creating a New Remote Kali Container 186 Getting a Shell into the Kali Container 187 Docker Host Exploitation 188 Exploiting Jenkins 190 Reverse Shells 193 Using Shells with Metasploit 194 Exploiting the SMB Protocol 196 Connecting to SMB Shares 196 SMB Eternal Blue Exploit 197 Summary 198 Chapter 8 Web Application Vulnerabilities 199 Web Application Vulnerabilities 200 Mutillidae Installation 200 Apache Web Server Installation 200 Firewall Setup 201 Installing PHP 201 Database Installation and Setup 201 Mutillidae Installation 202 Cross-Site Scripting 203 Reflected XSS 203 Stored XSS 204 Exploiting XSS Using the Header 205 Bypassing JavaScript Validation 207 SQL Injection 208 Querying the Database 208 Bypassing the Login Page 211 Execute Database Commands Using SQLi 211 SQL Injection Automation with SQLMap 215 Testing for SQL Injection 216 Command Injection 217 File Inclusion 217 Local File Inclusion 218 Remote File Inclusion 219 Cross-Site Request Forgery 220 The Attacker Scenario 221 The Victim Scenario 222 File Upload 223 Simple File Upload 223 Bypassing Validation 225 Encoding 227 OWASP Top 10 228 Summary 229 Chapter 9 Web Penetration Testing and Secure Software Development Lifecycle 231 Web Enumeration and Exploitation 231 Burp Suite Pro 232 Web Pentest Using Burp Suite 232 More Enumeration 245 Nmap 246 Crawling 246 Vulnerability Assessment 247 Manual Web Penetration Testing Checklist 247 Common Checklist 248 Special Pages Checklist 248 Secure Software Development Lifecycle 250 Analysis/Architecture Phase 251 Application Threat Modeling 251 Assets 251 Entry Points 252 Third Parties 252 Trust Levels 252 Data Flow Diagram 252 Development Phase 252 Testing Phase 255 Production Environment (Final Deployment) 255 Summary 255 Chapter 10 Linux Privilege Escalation 257 Introduction to Kernel Exploits and Missing Configurations 258 Kernel Exploits 258 Kernel Exploit: Dirty Cow 258 SUID Exploitation 261 Overriding the Passwd Users File 263 CRON Jobs Privilege Escalation 264 CRON Basics 265 Crontab 265 Anacrontab 266 Enumerating and Exploiting CRON 266 sudoers 268 sudo Privilege Escalation 268 Exploiting the Find Command 268 Editing the sudoers File 269 Exploiting Running Services 270 Automated Scripts 270 Summary 271 Chapter 11 Windows Privilege Escalation 273 Windows System Enumeration 273 System Information 274 Windows Architecture 275 Listing the Disk Drives 276 Installed Patches 276 Who Am I? 276 List Users and Groups 277 Networking Information 279 Showing Weak Permissions 282 Listing Installed Programs 283 Listing Tasks and Processes 283 File Transfers 284 Windows Host Destination 284 Linux Host Destination 285 Windows System Exploitation 286 Windows Kernel Exploits 287 Getting the OS Version 287 Find a Matching Exploit 288 Executing the Payload and Getting a Root Shell 289 The Metasploit PrivEsc Magic 289 Exploiting Windows Applications 293 Running As in Windows 295 PSExec Tool 296 Exploiting Services in Windows 297 Interacting with Windows Services 297 Misconfigured Service Permissions 297 Overriding the Service Executable 299 Unquoted Service Path 299 Weak Registry Permissions 301 Exploiting the Scheduled Tasks 302 Windows PrivEsc Automated Tools 302 PowerUp 302 WinPEAS 303 Summary 304 Chapter 12 Pivoting and Lateral Movement 305 Dumping Windows Hashes 306 Windows NTLM Hashes 306 SAM File and Hash Dump 307 Using the Hash 308 Mimikatz 308 Dumping Active Directory Hashes 310 Reusing Passwords and Hashes 310 Pass the Hash 311 Pivoting with Port Redirection 312 Port Forwarding Concepts 312 SSH Tunneling and Local Port Forwarding 314 Remote Port Forwarding Using SSH 315 Dynamic Port Forwarding 316 Dynamic Port Forwarding Using SSH 316 Summary 317 Chapter 13 Cryptography and Hash Cracking 319 Basics of Cryptography 319 Hashing Basics 320 One-Way Hash Function 320 Hashing Scenarios 321 Hashing Algorithms 321 Message Digest 5 321 Secure Hash Algorithm 323 Hashing Passwords 323 Securing Passwords with Hash 324 Hash-Based Message Authenticated Code 325 Encryption Basics 326 Symmetric Encryption 326 Advanced Encryption Standard 326 Asymmetric Encryption 328 Rivest Shamir Adleman 329 Cracking Secrets with Hashcat 331 Benchmark Testing 332 Cracking Hashes in Action 334 Attack Modes 336 Straight Mode 336 Combinator 337 Mask and Brute-Force Attacks 339 Brute-Force Attack 342 Hybrid Attacks 342 Cracking Workflow 343 Summary 344 Chapter 14 Reporting 345 Overview of Reports in Penetration Testing 345 Scoring Severities 346 Common Vulnerability Scoring System Version 3.1 346 Report Presentation 349 Cover Page 350 History Logs 350 Report Summary 350 Vulnerabilities Section 350 Summary 351 Chapter 15 Assembly Language and Reverse Engineering 353 CPU Registers 353 General CPU Registers 354 Index Registers 355 Pointer Registers 355 Segment Registers 355 Flag Registers 357 Assembly Instructions 358 Little Endian 360 Data Types 360 Memory Segments 361 Addressing Modes 361 Reverse Engineering Example 361 Visual Studio Code for C/C++ 362 Immunity Debugger for Reverse Engineering 363 Summary 368 Chapter 16 Buffer/Stack Overflow 369 Basics of Stack Overflow 369 Stack Overview 370 PUSH Instruction 370 POP Instruction 371 C Program Example 371 Buffer Analysis with Immunity Debugger 372 Stack Overflow 376 Stack Overflow Mechanism 377 Stack Overflow Exploitation 378 Lab Overview 379 Vulnerable Application 379 Phase 1: Testing 379 Testing the Happy Path 379 Testing the Crash 381 Phase 2: Buffer Size 382 Pattern Creation 382 Offset Location 382 Phase 3: Controlling EIP 383 Adding the JMP Instruction 384 Phase 4: Injecting the Payload and Getting a Remote Shell 386 Payload Generation 386 Bad Characters 386 Shellcode Python Script 387 Summary 388 Chapter 17 Programming with Python 389 Basics of Python 389 Running Python Scripts 390 Debugging Python Scripts 391 Installing VS Code on Kali 391 Practicing Python 392 Python Basic Syntaxes 393 Python Shebang 393 Comments in Python 393 Line Indentation and Importing Modules 394 Input and Output 394 Printing CLI Arguments 395 Variables 395 Numbers 395 Arithmetic Operators 397 Strings 397 String Formatting 397 String Functions 398 Lists 399 Reading Values in a List 399 Updating List Items 399 Removing a list item 400 Tuples 400 Dictionary 400 More Techniques in Python 400 Functions 400 Returning Values 401 Optional Arguments 401 Global Variables 402 Changing Global Variables 402 Conditions 403 if/else Statement 403 Comparison Operators 403 Loop Iterations 404 while Loop 404 for Loop 405 Managing Files 406 Exception Handling 407 Text Escape Characters 407 Custom Objects in Python 408 Summary 409 Chapter 18 Pentest Automation with Python 411 Penetration Test Robot 411 Application Workflow 412 Python Packages 414 Application Start 414 Input Validation 415 Code Refactoring 417 Scanning for Live Hosts 418 Ports and Services Scanning 420 Attacking Credentials and Saving the Results 423 Summary 426 Appendix A Kali Linux Desktop at a Glance 427 Downloading and Running a VM of Kali Linux 428 Virtual Machine First Boot 428 Kali Xfce Desktop 429 Kali Xfce Menu 430 Search Bar 430 Favorites Menu Item 430 Usual Applications 432 Other Menu Items 433 Kali Xfce Settings Manager 433 Advanced Network Configuration 435 Appearance 436 Desktop 439 Display 441 File Manager 442 Keyboard 445 MIME Type Editor 447 Mouse and Touchpad 448 Panel 449 Workspaces 450 Window Manager 451 Practical Example of Desktop Customization 454 Edit the Top Panel 454 Adding a New Bottom Panel 454 Changing the Desktop Look 457 Installing Kali Linux from Scratch 458 Summary 466 Appendix B Building a Lab Environment Using Docker 467 Docker Technology 468 Docker Basics 468 Docker Installation 468 Images and Registries 469 Containers 470 Dockerfile 472 Volumes 472 Networking 473 Mutillidae Docker Container 474 Summary 475 Index 477
Descriere scurtă
Your ultimate guide to pentesting with Kali Linux Kali is a popular and powerful Linux distribution used by cybersecurity professionals around the world. Penetration testers must master Kali's varied library of tools to be effective at their work. The Kali Linux Penetration Testing Bible is the hands-on and methodology guide for pentesting with Kali. You'll discover everything you need to know about the tools and techniques hackers use to gain access to systems like yours so you can erect reliable defenses for your virtual assets. Whether you're new to the field or an established pentester, you'll find what you need in this comprehensive guide. * Build a modern dockerized environment * Discover the fundamentals of the bash language in Linux * Use a variety of effective techniques to find vulnerabilities (OSINT, Network Scan, and more) * Analyze your findings and identify false positives and uncover advanced subjects, like buffer overflow, lateral movement, and privilege escalation * Apply practical and efficient pentesting workflows * Learn about Modern Web Application Security Secure SDLC * Automate your penetration testing with Python