Verfügbarkeit: Kali Linux 2 :

Kali Linux 2 :: assuring security by penetration testing /

Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying o...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Johansen, Gerard (VerfasserIn), Heriyanto, Tedi (VerfasserIn), Allen, Lee (Information security specialist) (VerfasserIn), Ali, Shakeel (VerfasserIn)
Format:	Elektronisch E-Book
Sprache:	English
Veröffentlicht:	Birmingham, UK : Packt Publishing, 2016.
Ausgabe:	Third edition.
Schriftenreihe:	Community experience distilled.
Schlagworte:	Kali Linux. Kali Linux Computer security. Computers > Access control. Sécurité informatique. Ordinateurs > Accès > Contrôle. COMPUTERS / Security / General Computer security Computers > Access control Handbooks and manuals
Online-Zugang:	DE-862 DE-863
Zusammenfassung:	Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town--Kali Linux 2 (aka Sana). Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smootherWho This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn Find out to download and install your own copy of Kali Linux Properly scope and conduct the initial stages of a penetration test Conduct reconnaissance and enumeration of target networks Exploit and gain a foothold on a target system or network Obtain and crack passwords Use the Kali Linux NetHunter install to conduct wireless penetration testing Create proper penetration testing reportsIn Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach.
Beschreibung:	Includes index.
Beschreibung:	1 online resource
ISBN:	9781785886065 1785886061 9781785888427 1785888420

Internformat

MARC


LEADER	00000cam a2200000 i 4500
001	ZDB-4-EBA-ocn969039440
003	OCoLC
005	20241004212047.0
006	m o d
007	tz
008	160922s2016 enk o 001 0 eng d
040			\|a FEM \|b eng \|c FEM \|d OCLCQ \|d COO \|d VT2 \|d N$T \|d AGLDB \|d WYU \|d STF \|d OCLCF \|d BTN \|d AUW \|d INTCL \|d MHW \|d SNK \|d UKAHL \|d CNCEN \|d ERF \|d UKBTH \|d UHL \|d UKMGB \|d MNU \|d LVT \|d OCLCO \|d OCLCQ \|d OCLCO \|d FZL \|d OCLCQ \|d OCLCO \|d OCLCL \|d OCLCQ
015			\|a GBB6B8324 \|2 bnb
016	7		\|a 017986844 \|2 Uk
019			\|a 968017221 \|a 972615704 \|a 974366152 \|a 1066504055 \|a 1076702756 \|a 1105779071 \|a 1112535472 \|a 1112918782 \|a 1113229715 \|a 1118505550 \|a 1125076872 \|a 1351589161 \|a 1380765084
020			\|a 9781785886065 \|q (electronic bk.)
020			\|a 1785886061
020			\|a 9781785888427
020			\|a 1785888420
024	3		\|a 9781785888427
035			\|a (OCoLC)969039440 \|z (OCoLC)968017221 \|z (OCoLC)972615704 \|z (OCoLC)974366152 \|z (OCoLC)1066504055 \|z (OCoLC)1076702756 \|z (OCoLC)1105779071 \|z (OCoLC)1112535472 \|z (OCoLC)1112918782 \|z (OCoLC)1113229715 \|z (OCoLC)1118505550 \|z (OCoLC)1125076872 \|z (OCoLC)1351589161 \|z (OCoLC)1380765084
037			\|a 9094327160646557572 \|b TotalBoox \|f Ebook only \|n www.totalboox.com
050		4	\|a QA76.9.A25
072		7	\|a COM \|x 053000 \|2 bisacsh
082	7		\|a 005.8 \|2 23
049			\|a MAIN
100	1		\|a Johansen, Gerard, \|e author.
245	1	0	\|a Kali Linux 2 : \|b assuring security by penetration testing / \|c Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali.
250			\|a Third edition.
260			\|a Birmingham, UK : \|b Packt Publishing, \|c 2016.
300			\|a 1 online resource
336			\|a text \|b txt \|2 rdacontent
337			\|a computer \|b c \|2 rdamedia
338			\|a online resource \|b cr \|2 rdacarrier
347			\|a text file \|2 rda
490	1		\|a Community experience distilled
500			\|a Includes index.
520			\|a Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town--Kali Linux 2 (aka Sana). Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smootherWho This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn Find out to download and install your own copy of Kali Linux Properly scope and conduct the initial stages of a penetration test Conduct reconnaissance and enumeration of target networks Exploit and gain a foothold on a target system or network Obtain and crack passwords Use the Kali Linux NetHunter install to conduct wireless penetration testing Create proper penetration testing reportsIn Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach.
588	0		\|a Online resource; title from PDF title page (EBSCO, viewed January 8, 2019).
542			\|f Copyright © 2016 Packt Publishing
505	0		\|a Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting.
505	8		\|a The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability.
505	8		\|a Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server.
505	8		\|a Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell.
505	8		\|a Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index.
630	0	0	\|a Kali Linux. \|0 http://id.loc.gov/authorities/names/n2014001932
630	0	7	\|a Kali Linux \|2 fast
650		0	\|a Computer security. \|0 http://id.loc.gov/authorities/subjects/sh90001862
650		0	\|a Computers \|x Access control. \|0 http://id.loc.gov/authorities/subjects/sh85029553
650		6	\|a Sécurité informatique.
650		6	\|a Ordinateurs \|x Accès \|x Contrôle.
650		7	\|a COMPUTERS / Security / General \|2 bisacsh
650		7	\|a Computer security \|2 fast
650		7	\|a Computers \|x Access control \|2 fast
655		7	\|a Handbooks and manuals \|2 fast
700	1		\|a Heriyanto, Tedi, \|e author.
700	1		\|a Allen, Lee \|c (Information security specialist), \|e author. \|1 https://id.oclc.org/worldcat/entity/E39PCjqVyfd9R6JJjMYxthCTVC \|0 http://id.loc.gov/authorities/names/no2021136571
700	1		\|a Ali, Shakeel, \|e author.
758			\|i has work: \|a Kali Linux 2 (Text) \|1 https://id.oclc.org/worldcat/entity/E39PCGgQMTKffQw3yjmhF7D8YP \|4 https://id.oclc.org/worldcat/ontology/hasWork
776	0	8	\|i Print version: \|a Johansen, Gerard. \|t Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition. \|d Birmingham : Packt Publishing, Limited, ©2016
830		0	\|a Community experience distilled. \|0 http://id.loc.gov/authorities/names/no2011030603
966	4	0	\|l DE-862 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1358184 \|3 Volltext
966	4	0	\|l DE-863 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1358184 \|3 Volltext
938			\|a Askews and Holts Library Services \|b ASKH \|n AH31403936
938			\|a EBSCOhost \|b EBSC \|n 1358184
994			\|a 92 \|b GEBAY
912			\|a ZDB-4-EBA
049			\|a DE-862
049			\|a DE-863

Datensatz im Suchindex

DE-BY-FWS_katkey	ZDB-4-EBA-ocn969039440
_version_	1826942139517370368
adam_text
any_adam_object
author	Johansen, Gerard Heriyanto, Tedi Allen, Lee (Information security specialist) Ali, Shakeel
author_GND	http://id.loc.gov/authorities/names/no2021136571
author_facet	Johansen, Gerard Heriyanto, Tedi Allen, Lee (Information security specialist) Ali, Shakeel
author_role	aut aut aut aut
author_sort	Johansen, Gerard
author_variant	g j gj t h th l a la s a sa
building	Verbundindex
bvnumber	localFWS
callnumber-first	Q - Science
callnumber-label	QA76
callnumber-raw	QA76.9.A25
callnumber-search	QA76.9.A25
callnumber-sort	QA 276.9 A25
callnumber-subject	QA - Mathematics
collection	ZDB-4-EBA
contents	Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting. The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability. Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server. Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell. Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index.
ctrlnum	(OCoLC)969039440
dewey-full	005.8
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.8
dewey-search	005.8
dewey-sort	15.8
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
edition	Third edition.
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>13584cam a2200745 i 4500</leader><controlfield tag="001">ZDB-4-EBA-ocn969039440</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20241004212047.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">tz</controlfield><controlfield tag="008">160922s2016 enk o 001 0 eng d</controlfield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">FEM</subfield><subfield code="b">eng</subfield><subfield code="c">FEM</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">COO</subfield><subfield code="d">VT2</subfield><subfield code="d">N$T</subfield><subfield code="d">AGLDB</subfield><subfield code="d">WYU</subfield><subfield code="d">STF</subfield><subfield code="d">OCLCF</subfield><subfield code="d">BTN</subfield><subfield code="d">AUW</subfield><subfield code="d">INTCL</subfield><subfield code="d">MHW</subfield><subfield code="d">SNK</subfield><subfield code="d">UKAHL</subfield><subfield code="d">CNCEN</subfield><subfield code="d">ERF</subfield><subfield code="d">UKBTH</subfield><subfield code="d">UHL</subfield><subfield code="d">UKMGB</subfield><subfield code="d">MNU</subfield><subfield code="d">LVT</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">FZL</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCL</subfield><subfield code="d">OCLCQ</subfield></datafield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBB6B8324</subfield><subfield code="2">bnb</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">017986844</subfield><subfield code="2">Uk</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">968017221</subfield><subfield code="a">972615704</subfield><subfield code="a">974366152</subfield><subfield code="a">1066504055</subfield><subfield code="a">1076702756</subfield><subfield code="a">1105779071</subfield><subfield code="a">1112535472</subfield><subfield code="a">1112918782</subfield><subfield code="a">1113229715</subfield><subfield code="a">1118505550</subfield><subfield code="a">1125076872</subfield><subfield code="a">1351589161</subfield><subfield code="a">1380765084</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781785886065</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1785886061</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781785888427</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1785888420</subfield></datafield><datafield tag="024" ind1="3" ind2=" "><subfield code="a">9781785888427</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)969039440</subfield><subfield code="z">(OCoLC)968017221</subfield><subfield code="z">(OCoLC)972615704</subfield><subfield code="z">(OCoLC)974366152</subfield><subfield code="z">(OCoLC)1066504055</subfield><subfield code="z">(OCoLC)1076702756</subfield><subfield code="z">(OCoLC)1105779071</subfield><subfield code="z">(OCoLC)1112535472</subfield><subfield code="z">(OCoLC)1112918782</subfield><subfield code="z">(OCoLC)1113229715</subfield><subfield code="z">(OCoLC)1118505550</subfield><subfield code="z">(OCoLC)1125076872</subfield><subfield code="z">(OCoLC)1351589161</subfield><subfield code="z">(OCoLC)1380765084</subfield></datafield><datafield tag="037" ind1=" " ind2=" "><subfield code="a">9094327160646557572</subfield><subfield code="b">TotalBoox</subfield><subfield code="f">Ebook only</subfield><subfield code="n">www.totalboox.com</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">053000</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">23</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Johansen, Gerard,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Kali Linux 2 :</subfield><subfield code="b">assuring security by penetration testing /</subfield><subfield code="c">Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">Third edition.</subfield></datafield><datafield tag="260" ind1=" " ind2=" "><subfield code="a">Birmingham, UK :</subfield><subfield code="b">Packt Publishing,</subfield><subfield code="c">2016.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="347" ind1=" " ind2=" "><subfield code="a">text file</subfield><subfield code="2">rda</subfield></datafield><datafield tag="490" ind1="1" ind2=" "><subfield code="a">Community experience distilled</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes index.</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town--Kali Linux 2 (aka Sana). Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smootherWho This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn Find out to download and install your own copy of Kali Linux Properly scope and conduct the initial stages of a penetration test Conduct reconnaissance and enumeration of target networks Exploit and gain a foothold on a target system or network Obtain and crack passwords Use the Kali Linux NetHunter install to conduct wireless penetration testing Create proper penetration testing reportsIn Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach.</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Online resource; title from PDF title page (EBSCO, viewed January 8, 2019).</subfield></datafield><datafield tag="542" ind1=" " ind2=" "><subfield code="f">Copyright © 2016 Packt Publishing</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index.</subfield></datafield><datafield tag="630" ind1="0" ind2="0"><subfield code="a">Kali Linux.</subfield><subfield code="0">http://id.loc.gov/authorities/names/n2014001932</subfield></datafield><datafield tag="630" ind1="0" ind2="7"><subfield code="a">Kali Linux</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh90001862</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computers</subfield><subfield code="x">Access control.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85029553</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Sécurité informatique.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Ordinateurs</subfield><subfield code="x">Accès</subfield><subfield code="x">Contrôle.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS / Security / General</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computers</subfield><subfield code="x">Access control</subfield><subfield code="2">fast</subfield></datafield><datafield tag="655" ind1=" " ind2="7"><subfield code="a">Handbooks and manuals</subfield><subfield code="2">fast</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Heriyanto, Tedi,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Allen, Lee</subfield><subfield code="c">(Information security specialist),</subfield><subfield code="e">author.</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCjqVyfd9R6JJjMYxthCTVC</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2021136571</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Ali, Shakeel,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Kali Linux 2 (Text)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCGgQMTKffQw3yjmhF7D8YP</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Johansen, Gerard.</subfield><subfield code="t">Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition.</subfield><subfield code="d">Birmingham : Packt Publishing, Limited, ©2016</subfield></datafield><datafield tag="830" ind1=" " ind2="0"><subfield code="a">Community experience distilled.</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2011030603</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-862</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1358184</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-863</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1358184</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Askews and Holts Library Services</subfield><subfield code="b">ASKH</subfield><subfield code="n">AH31403936</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">1358184</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-862</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection>
genre	Handbooks and manuals fast
genre_facet	Handbooks and manuals
id	ZDB-4-EBA-ocn969039440
illustrated	Not Illustrated
indexdate	2025-03-18T14:23:15Z
institution	BVB
isbn	9781785886065 1785886061 9781785888427 1785888420
language	English
oclc_num	969039440
open_access_boolean
owner	MAIN DE-862 DE-BY-FWS DE-863 DE-BY-FWS
owner_facet	MAIN DE-862 DE-BY-FWS DE-863 DE-BY-FWS
physical	1 online resource
psigel	ZDB-4-EBA FWS_PDA_EBA ZDB-4-EBA
publishDate	2016
publishDateSearch	2016
publishDateSort	2016
publisher	Packt Publishing,
record_format	marc
series	Community experience distilled.
series2	Community experience distilled
spelling	Johansen, Gerard, author. Kali Linux 2 : assuring security by penetration testing / Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali. Third edition. Birmingham, UK : Packt Publishing, 2016. 1 online resource text txt rdacontent computer c rdamedia online resource cr rdacarrier text file rda Community experience distilled Includes index. Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition!About This Book Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town--Kali Linux 2 (aka Sana). Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smootherWho This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn Find out to download and install your own copy of Kali Linux Properly scope and conduct the initial stages of a penetration test Conduct reconnaissance and enumeration of target networks Exploit and gain a foothold on a target system or network Obtain and crack passwords Use the Kali Linux NetHunter install to conduct wireless penetration testing Create proper penetration testing reportsIn Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach. Online resource; title from PDF title page (EBSCO, viewed January 8, 2019). Copyright © 2016 Packt Publishing Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting. The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability. Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server. Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell. Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index. Kali Linux. http://id.loc.gov/authorities/names/n2014001932 Kali Linux fast Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Sécurité informatique. Ordinateurs Accès Contrôle. COMPUTERS / Security / General bisacsh Computer security fast Computers Access control fast Handbooks and manuals fast Heriyanto, Tedi, author. Allen, Lee (Information security specialist), author. https://id.oclc.org/worldcat/entity/E39PCjqVyfd9R6JJjMYxthCTVC http://id.loc.gov/authorities/names/no2021136571 Ali, Shakeel, author. has work: Kali Linux 2 (Text) https://id.oclc.org/worldcat/entity/E39PCGgQMTKffQw3yjmhF7D8YP https://id.oclc.org/worldcat/ontology/hasWork Print version: Johansen, Gerard. Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition. Birmingham : Packt Publishing, Limited, ©2016 Community experience distilled. http://id.loc.gov/authorities/names/no2011030603
spellingShingle	Johansen, Gerard Heriyanto, Tedi Allen, Lee (Information security specialist) Ali, Shakeel Kali Linux 2 : assuring security by penetration testing / Community experience distilled. Cover -- Copyright -- Credits -- Disclaimer -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Table of Contents -- Preface -- Chapter 1: Beginning with Kali Linux -- A brief history of Kali Linux -- Kali Linux tool categories -- Downloading Kali Linux -- Using Kali Linux -- Running Kali using Live DVD -- Installing on a hard disk -- Installing Kali on a physical machine -- Installing kali on a virtual machine -- Saving or Moving the Virtual Machine -- Installing Kali on a USB disk -- Configuring the Virtual Machine -- VirtualBox Guest Additions -- Setting up Networking -- Setting up a wired connection -- Setting up a wireless connection -- Updating Kali Linux -- Network services in Kali Linux -- HTTP -- MySQL -- SSH -- Installing a vulnerable server -- Installing additional weapons -- Installing the Nessus vulnerability scanner -- Installing the Cisco password cracker -- Summary -- Chapter 2: Penetration Testing Methodology -- Types of penetration testing -- Black box testing -- White box testing -- Gray box testing -- Deciding on a test -- Vulnerability assessment versus penetration testing -- Security testing methodologies -- Open Source Security Testing Methodology Manual -- Key features and benefits of OSSTMM -- Information Systems Security Assessment Framework -- Key features and benefits of ISSAF -- Open Web Application Security Project -- Key features and benefits of OWASP -- Web Application Security Consortium Threat Classification -- Key features and benefits of WASC-TC -- Penetration Testing Execution Standard -- Key features and benefits of PTES -- General penetration testing framework -- Target scoping -- Information gathering -- Target discovery -- Enumerating target -- Vulnerability mapping -- Social engineering -- Target exploitation -- Privilege escalation -- Maintaining access -- Documentation and reporting. The ethics -- Summary -- Chapter 3: Target Scoping -- Gathering client requirements -- Creating the customer requirements form -- The deliverables assessment form -- Preparing the test plan -- The test plan checklist -- Profiling test boundaries -- Defining business objectives -- Project management and scheduling -- Summary -- Chapter 4 : Information Gathering -- Open Source Intelligence -- Using public resources -- Querying the domain registration information -- Analyzing the DNS records -- Host -- dig -- dnsenum -- fierce -- DMitry -- Maltego -- Getting network routing information -- tcptraceroute -- tctrace -- Utilizing the search engine -- theharvester -- SimplyEmail -- Metagoofil -- Accessing leaked information -- The Onion Router -- Installing the TOR Browser -- Summary -- Chapter 5: Target Discovery -- Starting off with target discovery -- Identifying the target machine -- ping -- arping -- fping -- hping3 -- nping -- alive6 -- detect-new-ip6 -- passive_discovery6 -- nbtscan -- OS fingerprinting -- p0f -- Nmap -- Summary -- Chapter 6: Enumerating Target -- Introducing port scanning -- Understanding the TCP/IP protocol -- Understanding the TCP and UDP message format -- The network scanner -- Nmap -- Nmap target specification -- Nmap TCP scan options -- Nmap UDP scan options -- Nmap port specification -- Nmap output options -- Nmap timing options -- Useful Nmap options -- Service version detection -- Operating system detection -- Disabling host discovery -- Aggressive scan -- Nmap for scanning the IPv6 target -- The Nmap scripting engine -- Nmap options for Firewall/IDS evasion -- Unicornscan -- Zenmap -- Amap -- SMB enumeration -- SNMP enumeration -- onesixtyone -- snmpcheck -- VPN enumeration -- ike-scan -- Summary -- Chapter 7: Vulnerability Mapping -- Types of vulnerabilities -- Local vulnerability -- Remote vulnerability. Vulnerability taxonomy -- Automated vulnerability scanning -- Nessus -- Network vulnerability scanning -- Cisco analysis -- Cisco auditing tool -- Cisco global exploiter -- SMB analysis -- Impacketsamrdump -- SNMP analysis -- SNMP Walk -- Web application analysis -- Nikto2 -- OWASP ZAP -- Burp Suite -- Paros proxy -- W3AF -- WafW00f -- WebScarab -- Fuzz analysis -- BED -- JBroFuzz -- Database assessment tools -- SQLMap -- SQL Ninja -- Summary -- Chapter 8: Social Engineering -- Modeling the human psychology -- Attack process -- Attack methods -- Impersonation -- Reciprocation -- Influential authority -- Scarcity -- Social relationship -- Curiosity -- Social Engineering Toolkit -- Anonymous USB Attack -- Summary -- Chapter 9: Target Exploitation -- Vulnerability research -- Vulnerability and exploit repositories -- Advanced exploitation toolkit -- MSFConsole -- MSFCLI -- Ninja 101 drills -- Scenario 1 -- Scenario 2 -- SMB usernames -- VNC blank authentication scanner -- PostGRESQL login -- Scenario 3 -- Bind shell -- Reverse shell -- Meterpreter -- Scenario 4 -- Generating a binary backdoor -- Automated browser exploitation -- Writing exploit modules -- Summary -- Chapter 10: Privilege Escalation -- Privilege escalation using a local exploit -- Password attack tools -- Offline attack tools -- hash-identifier -- Hashcat -- RainbowCrack -- samdump2 -- John -- Johnny -- Ophcrack -- Crunch -- Online attack tools -- CeWL -- Hydra -- Medusa -- Mimikatz -- Network spoofing tools -- DNSChef -- Setting up a DNS proxy -- Faking a domain -- arpspoof -- Ettercap -- Network sniffers -- dsniff -- tcpdump -- Wireshark -- Summary -- Chapter 11: Maintaining Access -- Using operating system backdoors -- Cymothoa -- Intersect -- The meterpreter backdoor -- Working with tunneling tools -- dns2tcp -- iodine -- Configuring the DNS server -- Running the iodine server. Running the iodine client -- ncat -- proxychains -- ptunnel -- socat -- Getting HTTP header information -- Transferring files -- sslh -- stunnel4 -- Creating web backdoors -- WeBaCoo -- PHP meterpreter -- Summary -- Chapter 12: Wireless Penetration Testing -- Wireless networking -- Overview of 802.11 -- Wired Equivalent Privacy Standard -- Wi-Fi Protected Access -- Wireless network recon -- Antennas -- Iwlist -- Kismet -- WAIDPS -- Wireless testing tools -- Aircrack-ng -- WPA Pre-shared Key cracking -- WEP cracking -- PixieWPS -- Wifite -- Fern Wifi Cracker -- Post cracking -- MAC spoofing -- Persistence -- Sniffing wireless traffic -- Sniffing WLAN traffic -- Passive sniffing -- Summary -- Chapter 13: Kali Nethunter -- Kali Nethunter -- Deployment -- Network deployment -- Wireless deployment -- Host deployment -- Installing Kali Nethunter -- Nethunter icons -- Nethunter tools -- Nmap -- Metasploit -- MAC changer -- Third-party applications -- Wireless attacks -- Wireless scanning -- Nethunter tools -- Third-party apps -- WPA/WPA2 cracking -- WPS cracking -- Evil AP attack -- Mana Evil AP -- HID attacks -- Summary -- Chapter 14: Documentation and Reporting -- Documentation and results verification -- Types of reports -- The executive report -- The management report -- The technical report -- Network penetration testing report (sample contents) -- Preparing your presentation -- Post-testing procedures -- Summary -- Appendix A: Supplementary Tools -- Reconnaissance tool -- Vulnerability scanner -- NeXpose Community Edition -- Installing NeXpose -- Starting the NeXpose community -- Logging in to the NeXpose community -- Using the NeXpose community -- Web application tools -- Vega -- BlindElephant -- Network tool -- Netcat -- Open connection -- Service banner grabbing -- Creating a simple chat server -- File transfer -- Portscanning -- Backdoor shell. Reverse shell -- Summary -- Appendix B: Key Resources -- Vulnerability disclosure and tracking -- Paid incentive programs -- Reverse engineering resources -- Penetration testing learning resources -- Exploit development learning resources -- Penetration testing on a vulnerable environment -- Online web application challenges -- Virtual machines and ISO images -- Network ports -- Index. Kali Linux. http://id.loc.gov/authorities/names/n2014001932 Kali Linux fast Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Sécurité informatique. Ordinateurs Accès Contrôle. COMPUTERS / Security / General bisacsh Computer security fast Computers Access control fast
subject_GND	http://id.loc.gov/authorities/names/n2014001932 http://id.loc.gov/authorities/subjects/sh90001862 http://id.loc.gov/authorities/subjects/sh85029553
title	Kali Linux 2 : assuring security by penetration testing /
title_auth	Kali Linux 2 : assuring security by penetration testing /
title_exact_search	Kali Linux 2 : assuring security by penetration testing /
title_full	Kali Linux 2 : assuring security by penetration testing / Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali.
title_fullStr	Kali Linux 2 : assuring security by penetration testing / Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali.
title_full_unstemmed	Kali Linux 2 : assuring security by penetration testing / Gerard Johansen, Tedi Heriyanto, Lee Allen, Shakeel Ali.
title_short	Kali Linux 2 :
title_sort	kali linux 2 assuring security by penetration testing
title_sub	assuring security by penetration testing /
topic	Kali Linux. http://id.loc.gov/authorities/names/n2014001932 Kali Linux fast Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computers Access control. http://id.loc.gov/authorities/subjects/sh85029553 Sécurité informatique. Ordinateurs Accès Contrôle. COMPUTERS / Security / General bisacsh Computer security fast Computers Access control fast
topic_facet	Kali Linux. Kali Linux Computer security. Computers Access control. Sécurité informatique. Ordinateurs Accès Contrôle. COMPUTERS / Security / General Computer security Computers Access control Handbooks and manuals
work_keys_str_mv	AT johansengerard kalilinux2assuringsecuritybypenetrationtesting AT heriyantotedi kalilinux2assuringsecuritybypenetrationtesting AT allenlee kalilinux2assuringsecuritybypenetrationtesting AT alishakeel kalilinux2assuringsecuritybypenetrationtesting

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Volltext öffnen

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge