Basic security testing with kali linux

Basic Security Testing with Kali Linux

Download Free PDF View PDF

The game of security cannot be successful without understanding the rules of engagement. The long-term and sophisticated attacks target companies, governments and political activists. These incidents happen for different industries as well. A new class of threat called Advanced Persistent Threat (APT) has emerged and is described as cyber intrusions against military organisations. The term APT has been overloaded and means different things to different people — for example, some people refer to attacks from China, and others consider all attacks as part of the APT. This dissertation proposed framework allows the incident response team to detect APTs more efficiently and improve the knowledge of the incident response team about the phases of the attack by identifying and detecting various indicators of the adversary’s attack. The multistage framework can be described as a multi-layer security and components. The new framework includes layer 1, which has antivirus, NIDS/HIDS, firewall, etc. The logs of the previous component of layer 1 will be used by SIEM in layer 2 to show different alerts and warnings. The components of the framework are logging modules, SIEM, indicators, attack tree, Kill chain, and sandbox. The aim of this project is to determine whether using a complex multistage framework solution will limit or reduce the damage of the cyber attack and, to ask, if will it help the incident response team to detect the APT or not. A case study simulated to represent the benefits and the effectiveness of a new framework to limit or reduce the APT. There are two groups to test and evaluate the framework: Group A will use the simulation of the new framework whilst group B will use the original method in the second simulation. The results of simulation prove that the new framework succeeds to detect the malicious files in the three attempts that allows to mitigate and detect these types of APT by using different security solutions, SIEM, HIDS, NIDS and Sandbox; while traditional methods that used antivirus and antispyware fails to detect or prevent APT. The new framework provides appropriate methods for detecting APT

Download Free PDF View PDF

Источник

Basic Security Testing with Kali Linux

With computer hacking attacks making headline news on a frequent occasion, it is time for companies and individuals to take a more active stance in securing their computer systems.

Kali Linux is an Ethical Hacking platform that allows good guys to use the same tools and techniques that a hacker would use so they can find issues with their security before the bad guys do.

In “Basic Security Testing with Kali Linux”, you will learn basic examples of how hackers find out information about your company, locate weaknesses in your security and how they gain access to your system.

This hands-on, step by step learning book covers topics like:

• Kali Linux Introduction and Overview
• Metasploit & Metasploitable 2 Tutorials
• Information Gathering
• A section on Shodan (the “Hacker’s Google”)
• Exploiting Windows and Linux Systems
• Escalating Privileges in Windows
• Wireless (WiFi) Attacks
• Social Engineering Attacks
• Password Attacks
• Kali on a Raspberry Pi
• Securing your Network

Though no network can be completely “Hacker Proof”, knowing how an attacker works will help put you on the right track of better securing your network.

Table of Contents

Part 1: Installing and Basic Overview
Chapter 2 – Installing Kali with VMWare Player

Part 2 – Metasploit Tutorial
Chapter 3 – Introduction to Metasploit
Chapter 4 – Meterpreter Shell

Part 3 – Information Gathering & Mapping
Chapter 5 – Recon Tools
Chapter 6 – Shodan

Part 4 – Attacking Hosts
Chapter 7 – Metasploitable Tutorial – Part One
Chapter 8 – Metasploitable – Part Two: Scanners
Chapter 9 – Windows AV Bypass with Veil
Chapter 10 – Windows Privilege Escalation by Bypassing UAC
Chapter 11 – Packet Captures and Man-in-the-Middle Attacks
Chapter 12 – Using the Browser Exploitation Framework

Part 5 – Social Engineering
Chapter 13 – Social Engineering
Chapter 14 – The Social Engineering Toolkit
Chapter 15 – Subterfuge

Part 6 – Password Attacks
Chapter 16 – Cracking Simple LM Hashes
Chapter 17 – Pass the Hash
Chapter 18 – Mimikatz Plain Text Passwords
Chapter 19 – Mimikatz and Utilman
Chapter 20 – Keyscan and Lockout Keylogger
Chapter 21 – HashCat
Chapter 22 – Wordlists
Chapter 23 – Cracking Linux Passwords

Part 7 – Router and Wi-Fi Attacks
Chapter 24 – Router Attacks
Chapter 25 – Wireless Network Attacks
Chapter 26 – Fern WIFI Cracker
Chapter 27 – Wi-Fi Testing with WiFite
Chapter 28 – Kismet
Chapter 29 – Easy Creds

Part 8 – Raspberry Pi
Chapter 30 – Installing Kali on a Raspberry Pi
Chapter 31 – WiFi Pentesting on a Raspberry Pi

Part 9 – Defending your Network
Chapter 32 – Network Defense and Conclusion

Источник

Basic Security Testing with Kali Linux

With computer hacking attacks making headline news on a frequent occasion, it is time for companies and individuals to take a more active stance in securing their computer systems. Kali Linux is an Ethical Hacking platform that allows good guys to use the same tools and techniques that a hacker would use so they can find issues with their security before the bad guys do. In Basic Security Testing with Kali Linux, you will learn basic examples of how hackers find out information about your company, locate weaknesses in your security and how they gain access to your system. This hands-on, step by step learning book covers topics like: Kali Linux Introduction and Overview Metasploit Metasploitable 2 Tutorials Information Gathering A section on Shodan (the Hackers Google) Exploiting Windows and Linux Systems Escalating Privileges in Windows Wireless (WiFi) Attacks Social Engineering Attacks Password Attacks Kali on a Raspberry Pi Securing your Network Though no network can be completely Hacker Proof, knowing how an attacker works will help put you on the right track of better securing your network.

Related Books:

Web Penetration Testing with Kali Linux

A practical guide to implementing penetration testing strategies on websites, web applications, and standard web protocols with Kali Linux Overview Learn key reconnaissance concepts needed as a penetration tester Attack and exploit key features, authentication, and sessions on web applications Learn how to protect systems, write reports, and sell web penetration testing services In Detail Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. Readers will learn how to think like real attackers, exploit systems, and expose vulnerabilities. Even though web applications are developed in a very secure environment and have an .

Web Penetration Testing with Kali Linux

Build your defense against web attacks with Kali Linux 2.0 About This Book * Gain a deep understanding of the flaws in web applications and exploit them in a practical manner * Get hands-on web application hacking experience with a range of tools in Kali Linux 2.0 * Develop the practical skills required to master multiple tools in the Kali Linux 2.0 toolkit Who This Book Is For If you are already working as a network penetration tester and want to expand your knowledge of web application hacking, then this book tailored for you. Those who are interested in learning more about the Kali Sana tools that are used to test web applications will find this.

Kali Linux

Assuring Security By Penetration Testing

Master the art of penetration testing with Kali Linux Overview Learn penetration testing techniques with an in-depth coverage of Kali Linux distribution Explore the insights and importance of testing your corporate network systems before the hackers strike Understand the practical spectrum of security tools by their exemplary usage, configuration, and benefits In Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a sche.

Источник

Basic Security Testing with Kali Linux PDF

Preview Basic Security Testing with Kali Linux

Basic Security Testing with Kali Linux Cover design and photo provided by Moriah Dieterle. Copyright © 2013 by Daniel W. Dieterle. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means without the prior written permission of the publisher. All trademarks, registered trademarks and logos are the property of their respective owners. ISBN-13: 978-1494861278 Thanks to my family for their unending support and prayer, you are truly a gift from God! Thanks to my friends in the infosec & cybersecurity community for sharing your knowledge and time with me. And thanks to my friends in our local book writers club (especially you Bill!), without your input, companionship and advice, this would have never happened. Daniel Dieterle “It is said that if you know your enemies and know yourself, you will not be imperiled in a hundred battles” — Sun Tzu “Behold, I send you forth as sheep in the midst of wolves: be ye therefore wise as serpents, and harmless as doves.” — Matthew 10:16 (KJV) About the Author Daniel W. Dieterle has worked in the IT field for over 20 years. During this time he worked for a computer support company where he provided computer and network support for hundreds of companies across Upstate New York and throughout Northern Pennsylvania. He also worked in a Fortune 500 corporate data center, briefly worked at an Ivy League school’s computer support department and served as an executive at an electrical engineering company. For about the last 5 years Daniel has been completely focused on security. He created and authors the “CyberArms Computer Security Blog”, and his articles have been published in international security magazines, and referenced by both technical entities and the media. Daniel has assisted with numerous security training classes and technical training books mainly based on Backtrack and Kali Linux. Daniel W. Dieterle

Источник