舉報 
會員
Kali Linux 2018:Windows Penetration Testing
MicrosoftWindowsisoneofthetwomostcommonOSes,andmanagingitssecurityhasspawnedthedisciplineofITsecurity.KaliLinuxisthepremierplatformfortestingandmaintainingWindowssecurity.KaliisbuiltontheDebiandistributionofLinuxandsharesthelegendarystabilityofthatOS.Thisletsyoufocusonusingthenetworkpenetration,passwordcracking,andforensicstools,andnottheOS.ThisbookhasthemostadvancedtoolsandtechniquestoreproducethemethodsusedbysophisticatedhackerstomakeyouanexpertinKaliLinuxpenetrationtesting.YouwillstartbylearningaboutthevariousdesktopenvironmentsthatnowcomewithKali.ThebookcoversnetworksniffersandanalysistoolstouncovertheWindowsprotocolsinuseonthenetwork.Youwillseeseveraltoolsdesignedtoimproveyouraverageinpasswordacquisition,fromhashcracking,onlineattacks,offlineattacks,andrainbowtablestosocialengineering.ItalsodemonstratesseveralusecasesforKaliLinuxtoolslikeSocialEngineeringToolkit,andMetasploit,toexploitWindowsvulnerabilities.Finally,youwilllearnhowtogainfullsystem-levelaccesstoyourcompromisedsystemandthenmaintainthataccess.Bytheendofthisbook,youwillbeabletoquicklypentestyoursystemandnetworkusingeasy-to-followinstructionsandsupportimages.
目錄(182章)
倒序
- coverpage
- Title Page
- Packt Upsell
- Why subscribe?
- Packt.com
- Contributors
- About the authors
- About the reviewer
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the color images
- Conventions used
- Get in touch
- Reviews
- Disclaimer
- Choosing Your Distro
- Desktop environments
- Desktop environment versus Window Manager
- Enlightenment (E17)
- E17 Window Manager issues
- Gnome desktop
- Gnome 3 desktop issues
- KDE desktop
- KDE issues
- LXDE desktop
- LXDE issues
- MATE desktop
- MATE issues
- Xfce desktop
- Xfce issues
- Choosing your look and feel
- Configuring Kali to be your Daily Driver
- User account setup
- Summary
- Sharpening the Saw
- Technical requirements
- Installing Kali Linux to an encrypted USB drive
- Prerequisites for installation
- Booting up
- Configuring the installation
- Setting up the drive
- Booting your new installation of Kali
- Running Kali from the Live DVD
- Installing and configuring applications
- Gedit – the Gnome Text Editor
- Geany – the platform-agnostic code IDE
- Terminator – the Terminal emulator for multi-tasking
- Etherape – the graphical protocol-analysis tool
- Setting up and configuring OpenVAS
- Reporting tests
- KeepNote – stand-alone document organizer
- Dradis – web-based document organizer
- Running services on Kali Linux
- Summary
- Information Gathering and Vulnerability Assessments
- Technical requirements
- Footprinting the network
- Nmap
- Zenmap
- The difference verbosity makes
- Scanning a network range
- An annotated list of Nmap command options
- Using OpenVAS
- Using Maltego
- Using KeepNote
- Summary
- Further reading
- Sniffing and Spoofing
- Technical requirements
- Sniffing and spoofing network traffic
- Sniffing network traffic
- tcpdump
- WinDump (Windows tcpdump)
- Wireshark
- The packet
- Working with Wireshark
- Spoofing network traffic
- Ettercap
- Ettercap on the command line
- Summary
- Further reading
- Password Attacks
- Password attack planning
- Cracking the NTLM code (revisited)
- Password lists
- Cleaning a password list
- My friend Johnny
- John the Ripper (command line)
- xHydra
- Summary
- Further reading
- NetBIOS Name Service and LLMNR - Obsolete but Still Deadly
- Technical requirements
- NetBIOS name service and NTLM
- Sniffing and capturing traffic
- Using Ettercap data
- NetBIOS scanning using NBTscan
- Responder - so many hashes so little time
- Using Responder with Metasploit
- NetBIOS response BadTunnel brute force spoofing
- EvilGrade
- Ettercap setup
- The attack
- Summary
- Further reading
- Gaining Access
- Pwnage
- Technical requirements
- Exploiting Windows systems with Metasploit
- Using advanced Footprinting
- Interpreting the scan and building on the result
- Exploiting a 32-bit system
- Accessing Systems With Xfreerdp
- Summary
- Further reading
- Windows Privilege Escalation and Maintaining Access
- Technical requirements
- Windows privilege escalation
- Escalating your privileges
- MSFvenom
- MS16-032 Secondary Logon Handle Privilege Escalation
- Windows Escalate Service Permissions Local Privilege Escalation
- Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability)
- Maintaining access
- Remote Access Tools
- Metasploit's persistence_exe module
- Windows registry-only persistence
- Summary
- Maintaining Access on Server or Desktop
- Maintaining access or ET Phone Home
- Covering our tracks
- Maintaining access with Ncat
- Setting up a NetCat Client
- Phoning home with Metasploit
- Running a port scanner inside Metasploit
- The Drop Box
- Cracking the Network Access Controller (NAC)
- Creating a spear-phishing attack with the Social Engineering Toolkit
- Using the Spear-Phishing Attack Vectors menu
- Choose a subject or write a new email message
- Using Backdoor Factory to evade antivirus
- Summary
- Further reading
- Reverse Engineering and Stress Testing
- Technical requirements
- Setting up a test environment
- Creating your victim machine(s)
- Testing your testing environment
- Reverse Engineering theory
- One general theory of Reverse Engineering
- Working with Boolean logic
- Reviewing a while loop structure
- Reviewing the for loop structure
- Understanding the decision points
- Practicing Reverse Engineering
- Using debuggers
- Using the Valgrind debugger
- Using the EDB-Debugger
- EDB-Debugger symbol mapper
- Running OllyDbg
- Introduction to disassemblers
- Running JAD
- Creating your own disassembling code with Capstone
- Some miscellaneous Reverse Engineering tools
- Running Radare2
- The additional members of the Radare2 tool suite
- Running rasm2
- Running rahash2
- Running radiff2
- Running rafind2
- Running rax2
- Stress testing Windows
- Dealing with Denial
- Putting the network under Siege
- Configuring your Siege engine
- Summary
- Further reading
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-24 18:23:06
推薦閱讀
- 電腦組裝與系統安裝
- Implementing Cisco UCS Solutions
- 開源安全運維平臺OSSIM疑難解析:入門篇
- Linux網絡內核分析與開發
- jQuery UI Cookbook
- ElasticSearch Cookbook
- Django Project Blueprints
- 新編電腦辦公(Windows 10+ Office 2013版)從入門到精通
- Ubuntu Linux操作系統實用教程
- Agile IT Security Implementation Methodology
- 鴻蒙HarmonyOS應用開發入門
- 電腦辦公(Windows 7 + Office 2013)入門與提高
- Serverless Architectures with Kubernetes
- 計算機系統平臺
- 鴻蒙應用開發實戰
- Modern Python Cookbook
- HarmonyOS應用開發:快速入門與項目實戰
- Linux指令從入門到精通(“十二五”國家重點圖書出版規劃項目)
- Oracle Goldengate 11g Complete Cookbook
- Linux操作系統實用教程
- Linux開源存儲全棧詳解:從Ceph到容器存儲
- Command Line Fundamentals
- Windows 10深度攻略
- 嵌入式操作系統(Linux篇)
- 鴻蒙操作系統應用開發實踐
- 大話企業級Android應用開發實戰
- Hadoop MapReduce Cookbook
- 計算機應用基礎(Windows 7+Office 2010)
- Linux教程
- Concurrent Patterns and Best Practices
