舉報 
會員
Kali Linux:An Ethical Hacker's Cookbook(Second Edition)
Manyorganizationshavebeenaffectedbyrecentcyberevents.Atthecurrentrateofhacking,ithasbecomemoreimportantthanevertopentestyourenvironmentinordertoensureadvanced-levelsecurity.ThisbookispackedwithpracticalrecipesthatwillquicklygetyoustartedwithKaliLinux(version2018.4/2019),inadditiontocoveringthecorefunctionalities.ThebookwillgetyouofftoastrongstartbyintroducingyoutotheinstallationandconfigurationofKaliLinux,whichwillhelpyoutoperformyourtests.YouwillalsolearnhowtoplanattackstrategiesandperformwebapplicationexploitationusingtoolssuchasBurpandJexBoss.Asyouprogress,youwillgettogripswithperformingnetworkexploitationusingMetasploit,Sparta,andWireshark.ThebookwillalsohelpyoudelveintothetechniqueofcarryingoutwirelessandpasswordattacksusingtoolssuchasPatator,JohntheRipper,andairoscript-ng.Laterchapterswilldrawfocustothewiderangeoftoolsthathelpinforensicsinvestigationsandincidentresponsemechanisms.Asyouwrapuptheconcludingchapters,youwilllearntocreateanoptimumqualitypentestreport.Bytheendofthisbook,youwillbeequippedwiththeknowledgeyouneedtoconductadvancedpenetrationtesting,thankstothebook’scrispandtask-orientedrecipes.
最新章節
- Leave a review - let other readers know what you think
- Other Books You May Enjoy
- How to do it...
- Getting ready
- Using Serpico
- How to do it...
品牌:中圖公司
上架時間:2021-06-24 12:28:08
出版社:Packt Publishing
本書數字版權由中圖公司提供,并由其授權上海閱文信息技術有限公司制作發行
- Leave a review - let other readers know what you think 更新時間:2021-06-24 16:00:26
- Other Books You May Enjoy
- How to do it...
- Getting ready
- Using Serpico
- How to do it...
- Using MagicTree
- How to do it...
- Using Dradis
- Writing Reports
- How to do it...
- Setting up an evil access point
- How to do it...
- Can I charge my phone?
- How to do it...
- Superman typing – human interface device (HID) attacks
- How to do it...
- Getting ready
- Installing NetHunter
- How to do it...
- Getting ready
- Installing Kali on Raspberry Pi
- Kali in Your Pocket - NetHunters and Raspberries
- See also
- How to do it...
- Decoding ADS-B messages with Dump1090
- See also
- How to do it...
- Kalibrating your device for GSM tapping
- See also
- How to do it...
- Playing around with gqrx
- How to do it...
- Hands-on with the RTLSDR scanner
- How to do it...
- Getting ready
- Radio-frequency scanners
- Playing with Software-Defined Radios
- How to do it...
- Capturing a forensic image with guymager
- See also
- How to do it...
- Using Binwalk
- See also
- How to do it...
- Getting ready
- Using the volatility framework
- Elementary My Dear Watson - Digital Forensics
- See also
- How to do it...
- An overview of ASLR and NX bypass
- See also
- How to do it...
- Getting ready
- Exploiting egg hunters
- See also
- How to do it...
- SEH bypass
- How to do it...
- Getting ready
- Exploiting buffer overflows on real software
- How to do it...
- Exploiting stack-based buffer overflows
- Buffer Overflows
- How to do it...
- Data exfiltration using CloakifyFactory
- How to do it...
- Exfiltrating data through Dropbox
- See also
- How to do it...
- Automating Active Directory (AD) exploitation with DeathStar
- See also
- How to do it...
- Getting ready
- Age of Empire
- How to do it...
- Backdooring for persistance
- How to do it...
- Pivoting
- How to do it...
- Dumping other saved passwords from the machine
- How to do it...
- Pulling a plaintext password with Mimikatz
- How to do it...
- Privilege escalation on Windows
- There's more...
- How to do it...
- Node hopping – pivoting
- How to do it...
- Vertical escalation
- How to do it...
- Horizontal escalation
- There's more...
- How to do it...
- Looking for weaknesses
- How to do it...
- Spawning a TTY shell
- Have Shell Now What?
- How to do it...
- Using Pipal
- How to do it...
- Generating wordlists with crunch
- How to do it...
- Using ceWL
- How to do it...
- Johnny Bravo!
- See also
- How to do it...
- Playing with John the Ripper
- How to do it...
- Cracking with Patator
- How to do it...
- Hash-identifier to the rescue
- See also
- How to do it...
- Identifying different types of hashes in the wild
- Password Attacks - The Fault in Their Stars
- See also
- How to do it...
- Using Airgeddon for Wi-Fi attacks
- See also
- How to do it...
- Getting ready
- Setting up rogue access points with WiFi-Pumpkin
- See also
- How to do it...
- Getting ready
- Pixie dust attack
- How to do it...
- Owning employee accounts with Ghost Phisher
- How to do it...
- Dealing with WPAs
- How to do it...
- Getting ready
- Hands-on with Gerix
- How it works...
- How to do it...
- Getting ready
- The good old Aircrack
- Wireless Attacks - Getting Past Aircrack-ng
- How to do it...
- Generating payloads with MSFvenom Payload Creator (MSFPC)
- How to do it...
- Getting ready
- Shellver – reverse shell cheatsheet
- See also
- How to do it...
- Exploiting Jenkins
- How to do it...
- Getting ready
- This is Sparta
- See also
- How to do it...
- Getting ready
- Good old Wireshark
- See also
- How to do it...
- Exploiting Elasticsearch
- How to do it...
- Hacking embedded devices
- How to do it...
- Getting ready
- Saying no to SQL – owning MongoDBs
- How to do it...
- Exploiting Redis
- How to do it...
- The tale of a bleeding heart
- There's more...
- How to do it...
- Using the paranoid meterpreter
- See also
- There's more...
- How to do it...
- Railgun in Metasploit
- How to do it...
- Exploring the msfconsole
- How to do it...
- Getting ready
- MITM with hamster and ferret
- Introduction
- Network Exploitation
- How to do it...
- Backdoors using webshells
- See also
- How to do it...
- Backdoors using meterpreter
- How to do it...
- Getting ready
- Automating vulnerability detection using RapidScan
- See also
- How to do it...
- Exploiting PHP Object Injection
- How to do it...
- Exploiting Jboss with JexBoss
- See also
- How to do it...
- Exploiting XXEs
- See also
- How to do it...
- Winning race conditions
- How to do it...
- Owning all .svn and .git repositories
- See also
- How to do it...
- Injection attacks with sqlmap
- How to do it...
- Getting ready
- Exploiting XSS with XSS Validator
- Web App Exploitation - Beyond OWASP Top 10
- There's more...
- How to do it...
- Getting ready
- Emulating threats with Cobalt Strike
- How to do it...
- Generating payloads with MSFPC
- How to do it...
- Setting up a database in Metasploit
- See also
- How to do it...
- Writing a custom resource script
- How to do it...
- Automating Metasploit
- How to do it...
- Using Metasploit
- How to do it...
- Getting ready
- Exploiting routers with routersploit
- How to do it...
- Exploring Searchsploit
- See also
- How to do it...
- Using golismero
- How to do it...
- Using Intruder
- How to do it...
- Exploiting WSDLs with Wsdler
- How to do it...
- Using the infamous Burp
- Vulnerability Assessment - Poking for Holes
- How it works...
- How to do it...
- Testing routers with Firewalk
- See also
- How to do it...
- Sniffing around with Kismet
- How to do it...
- Finding origin servers with CloudBunny
- How to do it...
- Scanning IPs with masscan
- How to do it...
- Finding technology behind webapps using WhatWeb
- How it works...
- How to do it...
- Digging deep with TheHarvester
- How to do it...
- Automating brute force with BruteSpray
- See also
- How to do it...
- Hunting for SSL flaws
- How to do it...
- Searching for open directories using GoBuster
- How it works...
- Idle scan
- TCP Window scan (-sW)
- TCP ACK scan (-sA)
- How to do it...
- Bypassing firewalls with Nmap
- See also
- Using scripts
- How to do it...
- Using Nmap to find open ports
- See also
- How to do it...
- Censys
- How to do it...
- Shodan plugins
- How to do it...
- Shodan Honeyscore
- How to do it...
- Getting ready
- Using Shodan for fun and profit
- How to do it...
- Getting a list of subdomains
- Gathering Intel and Planning Attack Strategies
- How to do it...
- Getting ready
- Going on a hunt with Routerhunter
- Using proxychains with Tor
- How to do it...
- Setting up proxychains
- There's more...
- Cracking the PSK
- How to do it...
- Getting ready
- Pentesting VPN's ike-scan
- There's more...
- How to do it...
- Setting up I2P for anonymity
- There's more...
- How to do it...
- Getting ready
- Zone Walking using DNSRecon
- There's more...
- Subfinder
- Aquatone
- How to do it...
- Getting ready
- Prepping with custom tools
- How to do it...
- Configuring the KDE environment
- How to do it...
- Configuring the E17 environment
- How to do it...
- Configuring the LXDE environment
- How to do it...
- Configuring the MATE environment
- How to do it...
- Configuring the Xfce environment
- How it works...
- How to do it...
- Getting ready
- Configuring Kali Linux
- Kali - An Introduction
- Disclaimer
- Reviews
- Get in touch
- See also
- There's more…
- How it works…
- How to do it…
- Getting ready
- Sections
- Conventions used
- Download the color images
- To get the most out of this book
- What this book covers
- Who this book is for
- Preface
- Packt is searching for authors like you
- About the reviewers
- About the author
- Contributors
- Packt.com
- Why subscribe?
- About Packt
- Kali Linux - An Ethical Hacker's Cookbook Second Edition
- Copyright and Credits
- Title Page
- coverpage
- coverpage
- Title Page
- Copyright and Credits
- Kali Linux - An Ethical Hacker's Cookbook Second Edition
- About Packt
- Why subscribe?
- Packt.com
- Contributors
- About the author
- About the reviewers
- Packt is searching for authors like you
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Download the color images
- Conventions used
- Sections
- Getting ready
- How to do it…
- How it works…
- There's more…
- See also
- Get in touch
- Reviews
- Disclaimer
- Kali - An Introduction
- Configuring Kali Linux
- Getting ready
- How to do it...
- How it works...
- Configuring the Xfce environment
- How to do it...
- Configuring the MATE environment
- How to do it...
- Configuring the LXDE environment
- How to do it...
- Configuring the E17 environment
- How to do it...
- Configuring the KDE environment
- How to do it...
- Prepping with custom tools
- Getting ready
- How to do it...
- Aquatone
- Subfinder
- There's more...
- Zone Walking using DNSRecon
- Getting ready
- How to do it...
- There's more...
- Setting up I2P for anonymity
- How to do it...
- There's more...
- Pentesting VPN's ike-scan
- Getting ready
- How to do it...
- Cracking the PSK
- There's more...
- Setting up proxychains
- How to do it...
- Using proxychains with Tor
- Going on a hunt with Routerhunter
- Getting ready
- How to do it...
- Gathering Intel and Planning Attack Strategies
- Getting a list of subdomains
- How to do it...
- Using Shodan for fun and profit
- Getting ready
- How to do it...
- Shodan Honeyscore
- How to do it...
- Shodan plugins
- How to do it...
- Censys
- How to do it...
- See also
- Using Nmap to find open ports
- How to do it...
- Using scripts
- See also
- Bypassing firewalls with Nmap
- How to do it...
- TCP ACK scan (-sA)
- TCP Window scan (-sW)
- Idle scan
- How it works...
- Searching for open directories using GoBuster
- How to do it...
- Hunting for SSL flaws
- How to do it...
- See also
- Automating brute force with BruteSpray
- How to do it...
- Digging deep with TheHarvester
- How to do it...
- How it works...
- Finding technology behind webapps using WhatWeb
- How to do it...
- Scanning IPs with masscan
- How to do it...
- Finding origin servers with CloudBunny
- How to do it...
- Sniffing around with Kismet
- How to do it...
- See also
- Testing routers with Firewalk
- How to do it...
- How it works...
- Vulnerability Assessment - Poking for Holes
- Using the infamous Burp
- How to do it...
- Exploiting WSDLs with Wsdler
- How to do it...
- Using Intruder
- How to do it...
- Using golismero
- How to do it...
- See also
- Exploring Searchsploit
- How to do it...
- Exploiting routers with routersploit
- Getting ready
- How to do it...
- Using Metasploit
- How to do it...
- Automating Metasploit
- How to do it...
- Writing a custom resource script
- How to do it...
- See also
- Setting up a database in Metasploit
- How to do it...
- Generating payloads with MSFPC
- How to do it...
- Emulating threats with Cobalt Strike
- Getting ready
- How to do it...
- There's more...
- Web App Exploitation - Beyond OWASP Top 10
- Exploiting XSS with XSS Validator
- Getting ready
- How to do it...
- Injection attacks with sqlmap
- How to do it...
- See also
- Owning all .svn and .git repositories
- How to do it...
- Winning race conditions
- How to do it...
- See also
- Exploiting XXEs
- How to do it...
- See also
- Exploiting Jboss with JexBoss
- How to do it...
- Exploiting PHP Object Injection
- How to do it...
- See also
- Automating vulnerability detection using RapidScan
- Getting ready
- How to do it...
- Backdoors using meterpreter
- How to do it...
- See also
- Backdoors using webshells
- How to do it...
- Network Exploitation
- Introduction
- MITM with hamster and ferret
- Getting ready
- How to do it...
- Exploring the msfconsole
- How to do it...
- Railgun in Metasploit
- How to do it...
- There's more...
- See also
- Using the paranoid meterpreter
- How to do it...
- There's more...
- The tale of a bleeding heart
- How to do it...
- Exploiting Redis
- How to do it...
- Saying no to SQL – owning MongoDBs
- Getting ready
- How to do it...
- Hacking embedded devices
- How to do it...
- Exploiting Elasticsearch
- How to do it...
- See also
- Good old Wireshark
- Getting ready
- How to do it...
- See also
- This is Sparta
- Getting ready
- How to do it...
- Exploiting Jenkins
- How to do it...
- See also
- Shellver – reverse shell cheatsheet
- Getting ready
- How to do it...
- Generating payloads with MSFvenom Payload Creator (MSFPC)
- How to do it...
- Wireless Attacks - Getting Past Aircrack-ng
- The good old Aircrack
- Getting ready
- How to do it...
- How it works...
- Hands-on with Gerix
- Getting ready
- How to do it...
- Dealing with WPAs
- How to do it...
- Owning employee accounts with Ghost Phisher
- How to do it...
- Pixie dust attack
- Getting ready
- How to do it...
- See also
- Setting up rogue access points with WiFi-Pumpkin
- Getting ready
- How to do it...
- See also
- Using Airgeddon for Wi-Fi attacks
- How to do it...
- See also
- Password Attacks - The Fault in Their Stars
- Identifying different types of hashes in the wild
- How to do it...
- See also
- Hash-identifier to the rescue
- How to do it...
- Cracking with Patator
- How to do it...
- Playing with John the Ripper
- How to do it...
- See also
- Johnny Bravo!
- How to do it...
- Using ceWL
- How to do it...
- Generating wordlists with crunch
- How to do it...
- Using Pipal
- How to do it...
- Have Shell Now What?
- Spawning a TTY shell
- How to do it...
- Looking for weaknesses
- How to do it...
- There's more...
- Horizontal escalation
- How to do it...
- Vertical escalation
- How to do it...
- Node hopping – pivoting
- How to do it...
- There's more...
- Privilege escalation on Windows
- How to do it...
- Pulling a plaintext password with Mimikatz
- How to do it...
- Dumping other saved passwords from the machine
- How to do it...
- Pivoting
- How to do it...
- Backdooring for persistance
- How to do it...
- Age of Empire
- Getting ready
- How to do it...
- See also
- Automating Active Directory (AD) exploitation with DeathStar
- How to do it...
- See also
- Exfiltrating data through Dropbox
- How to do it...
- Data exfiltration using CloakifyFactory
- How to do it...
- Buffer Overflows
- Exploiting stack-based buffer overflows
- How to do it...
- Exploiting buffer overflows on real software
- Getting ready
- How to do it...
- SEH bypass
- How to do it...
- See also
- Exploiting egg hunters
- Getting ready
- How to do it...
- See also
- An overview of ASLR and NX bypass
- How to do it...
- See also
- Elementary My Dear Watson - Digital Forensics
- Using the volatility framework
- Getting ready
- How to do it...
- See also
- Using Binwalk
- How to do it...
- See also
- Capturing a forensic image with guymager
- How to do it...
- Playing with Software-Defined Radios
- Radio-frequency scanners
- Getting ready
- How to do it...
- Hands-on with the RTLSDR scanner
- How to do it...
- Playing around with gqrx
- How to do it...
- See also
- Kalibrating your device for GSM tapping
- How to do it...
- See also
- Decoding ADS-B messages with Dump1090
- How to do it...
- See also
- Kali in Your Pocket - NetHunters and Raspberries
- Installing Kali on Raspberry Pi
- Getting ready
- How to do it...
- Installing NetHunter
- Getting ready
- How to do it...
- Superman typing – human interface device (HID) attacks
- How to do it...
- Can I charge my phone?
- How to do it...
- Setting up an evil access point
- How to do it...
- Writing Reports
- Using Dradis
- How to do it...
- Using MagicTree
- How to do it...
- Using Serpico
- Getting ready
- How to do it...
- Other Books You May Enjoy
- Leave a review - let other readers know what you think 更新時間:2021-06-24 16:00:26
