Kali Linux CTF Blueprints by Cameron Buchanan Build, test, and
customize your own Capture the Flag challenges across multiple platforms
designed to be attacked with Kali Linux.
Kali Linux CTF Blueprints is a six chapter book where each chapter details a different kind of Capture the Flag style challenges. Each chapter will deal with a number of basic setups while suggesting a variety of different alternatives to allow reuse of fundamental concepts. The book is designed to allow individuals to create their own challenging environments to push their colleagues, friends, and own skills to the next level of testing prowess.
What this book covers:
Chapter 1, Microsoft Environments, contains instructions to create vulnerable servers and desktops, covers the most prevalent vulnerabilities, and contains suggestions on more complicated scenarios for advanced users of Microsoft environments.
- Microsoft Environments
- Creating a vulnerable machine, Securing a machine, Creating a secure network
- Basic requirements, Setting up a Linux network, Setting up a Windows network
- Hosting vulnerabilities
- Scenario 1 – warming Adobe ColdFusion, Setup, Variations
- Scenario 2 – making a mess with MSSQL, Setup, Variations
- Scenario 3 – trivializing TFTP, Vulnerabilities, Flag placement and design, Testing your ?ags, Making the ?ag too easy, Making your finding too hard, Alternate ideas, Post exploitation and pivoting, Exploitation guides
- Scenario 1 – traverse the directories like it ain't no thing
- Scenario 2 – your database is bad and you should feel bad
- Scenario 3 – TFTP is holier than the Pope
Chapter 2, Linux Environments, similar to the frst chapter, is focused on generating generic vulnerabilities in Linux environments, providing the basic concepts of CTF creation along with suggestions for more advanced setups.
- Linux Environments
- Differences between Linux and Microsoft, Setup
- Scenario 1 – learn Samba and other dance forms, Setup, Configuration,Testing,Variations,Information disclosure, File upload,
- Scenario 2 – turning on a LAMP, Setup, The PHP, Variations, Out-of-date versions, Login bypass, SQL injection, Dangerous PHP, PHPMyAdmin
- Scenario 3 – destructible distros, Setup, Variations
- Scenario 4 – tearing it up with Telnet, Setup, Variations, Default credentials, Buffer over?ows,Flag placement and design, Exploitation guides
- Scenario 1 – smashing Samba
- Scenario 2 – exploiting XAMPP
- Scenario 3 – liking a privilege
- Scenario 4 – tampering with Telnet
- Wireless and Mobile, Wireless environment setup, Software, Hardware
- Scenario 1 – WEP, that's me done for the day, Code setup, Network setup
- Scenario 2 – WPA-2, Setup
- Scenario 3 – pick up the phone, Setup
- Social Engineering
- Scenario 1 – maxss your haxss,Code setup
- Scenario 2 – social engineering: do no evil,Setup, Variations
- Scenario 3 – hunting rabbits,Core principles,Potential avenues,Connecting methods,Creating an OSINT target
- Scenario 4 – I am a Stegosaurus,Visual steganography, Exploitation guides
- Scenario 1 – cookie theft for fun and proft
- Scenario 2 – social engineering tips
- Scenario 3 – exploitation guide
- Scenario 4 – exploitation guide
- Cryptographic Projects, Crypto jargon
- Scenario 1 – encode-ageddon, Generic encoding types, Random encoding types
- Scenario 2 – encode + Python = merry hell, Setup, Substitution cipher variations
- Scenario 3 – RC4, my god, what are you doing?, Setup, Implementations
- Scenario 4 – Hishashin, Setup, Hashing variations
- Scenario 5 – because Heartbleed didn't get enough publicity as it is, Setup,Variations,Exploitation guides
- Scenario 1 – decode-alypse now
- Scenario 2 – trans subs and other things that look awkward in, your history Automatic methods
- Scenario 3 – was that a 1 or a 0 or a 1?
- Scenario 4 – hash outside of Colorado
- Scenario 5 – bleeding hearts
- Red Teaming, Chapter guide, Scoring systems, Setting scenarios, Reporting, Reporting example, Reporting explanation, CTF-style variations, DEFCON game, Physical components, Attack and defense, Jeopardy
- Scenario 1 – ladders, why did it have to be ladders?, Network diagram, Brief, Setting up virtual machines, DMZ, missileman, secret1, secret2,secret3, Attack guide,Variations[ v ],Dummy devices,Combined OSINT trail, The missile base scenario summary
- Scenario 2 – that's no network, it's a space station ,Network diagram, Brief, Setting up a basic network, Attack of the clones, Customizing cloned VMs, Workstation1, Workstation2, Workstation3, Workstation4, Workstation5, Attack guide, Variations, The network base scenario summary
What you need for this book?
The requirements for individual projects are detailed in their setup sections; however, it is assumed that you have the following:
• A copy of Kali Linux
• At least one machine or virtual machine that can be set up as a target
Who this book is for?
Kali Linux CTF Blueprints is aimed at individuals who are aware of the concepts of penetration testing, ideally with some practice with one or more types of tests. It is also suitable for testers with years of experience who want to explore a new field or educate their colleagues. The assumption will be that these projects are being created to be completed by other penetration testers and will contain exploitation guides to each project. If you are setting these challenges for yourself, try and exploit them without reading the exploitation methods first. The suggested methods are just that; there are many ways to climb a tree.
To download this book just click the below link and download this book for free from mediafire.
27 Comments
nice book
This book will surely help us to learn about Penetration Testing by usign Kali linux.
This is one of the best articles i have ever read about Kali linux. Thanks
I love ebspac for writing best articles
verry use full article
verry use full article
I love ebspac for writing best articles
in this book more useful list to us most expansible book
This is one of the best articles i have ever read about Kali linux .
Thanks my brother for the effort .
I love ebspac. This is great
always get my interest thank you ebspac
It's awesome Kali linux
books are very useful. The complete information thus enhances the knowledge of Kali linux
very useful article. thanks for share this article.
Wonderful book I love this book.
this is the most awesome site with most important books and information.this article is really helpful.
This is one of the best articles.The books are very useful. I love this book.
This is one of the best articles. its so nice creation.
the book is very useful.I do love it
this the well text and good understanding artical and easy to use instruction........all good artical
This is the best book I've read so far showing blueprints of Linux Kali. This is a website to bookmark.
it helps me a lot to understand security network. thanks
I love ebspac for writing best articles
This book will surely help us to learn about useful information Penetration Testing by usign Kali linux.
Very nice and informative article. Like this article very much.
This book helped me a lot to understand security network. Thank you
If you have a habit of reading book plz read this article. Really very poitive
Express Your Opinions in comments
EmoticonEmoticon