Tuesday 26 September 2017

Kali Linux – Assuring Security by Penetration Testing, by Lee Allen, Tedi Heriyanto, Shakeel Ali

Kali Linux – Assuring Security by Penetration Testing: Lab Preparation and Testing Procedures. Master the art of penetration testing with Kali Linux. Written by Lee Allen, Tedi Heriyanto, Shakeel Ali.

The content within this book is for educational purposes only. It is designed to help users test their own system against information security threats and protect their IT infrastructure from similar attacks. Packt Publishing and the authors of this book take no responsibility for actions resulting from the inappropriate usage of learning materials contained within this book.

Table of Contents:

Chapter 1:
  • Lab Preparation and Testing Procedures
  • Beginning with Kali Linux
  • A brief history of Kali Linux
  • Kali Linux tool categories
  • Downloading Kali Linux
  • Using Kali Linux
  • Running Kali using Live DVD
  • Installing Kali on a hard disk
  • Installing Kali on a physical machine
  • Installing Kali on a virtual machine
  • Installing Kali on a USB disk
  • Configuring the virtual machine
  • VirtualBox guest additions
  • Setting up networking
  • Setting up a wired connection
  • Setting up a wireless connection
  • Starting the network service
  • Configuring shared folders
  • Saving the guest machine state
  • Exporting a virtual machine
  • Updating Kali Linux
  • Network services in Kali Linux
  • HTTP, MySQL, SSH
  • Installing a vulnerable server
  • Installing additional weapons
  • Installing the Nessus vulnerability scanner
  • Installing the Cisco password cracker
Chapter 2: 
  • Penetration Testing Methodology
  • Types of penetration testing
  • Black box testing
  • White box testing
  • Vulnerability assessment versus penetration testing
  • Security testing methodologies
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Key features and benefits
  • Information Systems Security Assessment Framework (ISSAF)
  • Key features and benefits
  • Open Web Application Security Project (OWASP)
  • Key features and benefits
  • Web Application Security Consortium Threat Classification (WASC-TC)
  • Key features and benefits
  • Penetration Testing Execution Standard (PTES)
  • Key features and benefits
  • General penetration testing framework
  • Target scoping
  • Information gathering
  • Target discovery
  • Enumerating target
  • Vulnerability mapping
  • Social engineering
  • Target exploitation
  • Privilege escalation
  • Maintaining access
  • Documentation and reporting
Chapter 3:  
  • Penetration Testers Armory
  • Target Scoping
  • Gathering client requirements
  • Creating the customer requirements form
  • The deliverables assessment form
  • Preparing the test plan
  • The test plan checklist
  • Profiling test boundaries
  • Defining business objectives
  • Project management and scheduling
Chapter 4:
  • Information Gathering Using public resources
  • Querying the domain registration information
  • Analyzing the DNS records
  • host, dig, dnsenum, dnsdict6, fierce
  • DMitry, Maltego
  • Getting network routing information
  • tcptraceroute, tctrace
  • Utilizing the search engine
  • theharvester, Metagoofil, Summary
Chapter 5:
  • Target Discovery
  • Starting off with target discovery
  • Identifying the target machine
  • ping, arping, fping, hping3, nping, alive6
  • detect-new-ip6
  • passive_discovery6, nbtscan
  • OS fingerprinting, p0f, Nmap
  • Summary
Chapter 6:
  • Enumerating Target
  • Introducing port scanning
  • Understanding the TCP/IP protocol
  • Understanding the TCP and UDP message format
  • The network scanner
  • Nmap, Nmap target specification, Nmap TCP scan options
  • Nmap UDP scan options, Nmap port specification, Nmap output options
  • Nmap timing options, Nmap useful options
  • Nmap for scanning the IPv6 target, The Nmap scripting engine
  • Nmap options for Firewall/IDS evasion, Unicornscan
  • Zenmap, Amap, SMB enumeration, SNMP enumeration
  • onesixtyone, snmpcheck, VPN enumeration, ike-scan
Chapter 7:
  • Vulnerability Mapping, Types of vulnerabilities, Local vulnerability, Remote vulnerability
  • Vulnerability taxonomy, Open Vulnerability Assessment System (OpenVAS)
  • Tools used by OpenVAS, Cisco analysis, Cisco auditing tool, Cisco global exploiter
  • Fuzz analysis, BED, JBroFuzz, SMB analysis, Impacket Samrdump, SNMP analysis
  • SNMP Walk, Web application analysis, Database assessment tools
  • DBPwAudit, SQLMap, SQL Ninja, Web application assessment
  • Burp Suite, Nikto2, Paros proxy, W3AF, WafW00f, WebScarab
Chapter 8: 
  • Social Engineering, Modeling the human psychology
  • Attack process, Attack methods
  • Impersonation, Reciprocation
  • Influential authority, Scarcity
  • Social relationship, Social Engineering Toolkit (SET)
  • Targeted phishing attack
Chapter 9:
  • Target Exploitation, Vulnerability research, Vulnerability and exploit repositories
  • Advanced exploitation toolkit, MSFConsole, MSFCLI, Ninja 101 drills
  • Scenario 1, Scenario 2, Scenario 3, Scenario 4, Writing exploit modules
Chapter 10:
  • Privilege Escalation, Privilege escalation using a local exploit
  • Password attack tools, Offline attack tools, hash-identifier
  • Hashcat, RainbowCrack, samdump2
  • John, Johnny, Ophcrack, Crunch, Online attack tools
  • CeWL, Hydra, Medusa, Network spoofing tools, DNSChef
  • Setting up a DNS proxy, Faking a domain
  • arpspoof, Ettercap, Network sniffers, dsniff, tcpdump, Wireshark
Chapter 11:
  • Maintaining Access, Using operating system backdoors
  • Cymothoa, Intersect
  • The Meterpreter backdoor, Working with tunneling tools
  • dns2tcp, iodine, Configuring the DNS server
  • Running the iodine server
  • Running the iodine client
  • ncat, proxychains, ptunnel
  • socat, Getting HTTP header information, Transferring files
  • sslh, stunnel4, Creating web backdoors
  • WeBaCoo, weevely, PHP Meterpreter
Chapter 12:
  • Documentation and Reporting, Documentation and results verification
  • Types of reports, The executive report, The management report, The technical report
  • Network penetration testing report (sample contents), Preparing your presentation
  • Post-testing procedures
To download this book just click the below link and download this book for free from mediafire.

34 Comments

Amazing book, and ebspac is my favourite blogspot to download good books for free.

This is one of the best articles I have ever read about Kali Linux. Thanks

This blog really provides excellent posts in both content and availability. By far, Kali Linux is my favourite operating system to experiment with network security for educational purposes. Many thanks.

Thanks for the awesome Kali Linux book, I have been looking for this for a long time.

Thanks ebspac, for the best article, amazing book.

I tried many methods, but the penetration methods become so tricky sometimes. Let's hope this book will turn out to be a gem.

It is a knowledgeable book, it helps me.

All your articles are fun.
Let's hope this book will turn out to be a gem.

This is so nice, I love this article.

The book is great and full of information that I am inquiring about. Thanks

This is the most awesome site with the most important books and information. This article is really helpful.

This is one of the best articles I have ever read about Kali Linux. Very nice creation. Thanks

Another well organized book for Kali Linux users. If anyone looks for a guide in Kali Linux, this is the book.

Well, it's a good, organized learning book for users who love Linux; if there is any doubt about Linux, this is the book which resolves it.

Very well written. Really great material for someone with little to no experience!

A very useful book in order for us to be safe for hackers. Nice book ^_^

Great book. This book is the best guide to understand Linux Kali.

Thanks for posting this article... By learning security hacking I could be a great hacker... Thanks a lot

A very useful book in order for us to be safe for hackers. If anyone looks for a guide in Kali Linux, this is the book.

Always want to know about security hacking, thanks for the article.

Another well organized book for Kali Linux users. If anyone looks for a guide in Kali Linux, this is the book.

Great Book. Got many needful information from this article.

Great book, full of information and well organized.

What a lovely article this is. Fantastic books. Thanks to the writer

I am very excited after looking at your E-books and downloading very needed books.
