Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Kali Linux for Advanced Penetration Testing, Second Edition Secure your network with Kali Linux – the ultimate white hat hackers' toolkit

Product type Paperback

Published in Jun 2017

Publisher Packt

ISBN-13 9781787120235

Length 510 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Vijay Kumar Velu

View More author details

Table of Contents (15) Chapters

Preface

1. Goal-Based Penetration Testing FREE CHAPTER

2. Open Source Intelligence and Passive Reconnaissance

3. Active Reconnaissance of External and Internal Networks

4. Vulnerability Assessment

5. Physical Security and Social Engineering

6. Wireless Attacks

7. Reconnaissance and Exploitation of Web-Based Applications

8. Attacking Remote Access

9. Client-Side Exploitation

10. Bypassing Security Controls

11. Exploitation

12. Action on the Objective

13. Privilege Escalation

14. Command and Control

Maintaining access with web shells

Once a web server and its services have been compromised, it is important to ensure that secure access can be maintained. This is usually accomplished with the aid of a web shell–a small program that provides stealth backdoor access and allows the use of system commands to facilitate post-exploitation activities.

Kali comes with several web shells; here we will use a popular PHP web shell called Weevely. For other technologies attackers might use, refer to https://webshell.co/.

Weevely simulates a Telnet session and allows the tester or attacker to take advantage of more than 30 modules for post-exploitation tasks, including the following:

Browsing the target filesystem
File transfer to and from the compromised systems
Performing audits for common server misconfigurations
Brute-forcing SQL accounts through the target system
Spawning reverse...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Vijay Kumar Velu

Vijay Kumar Velu is a passionate information security practitioner, author, speaker, investor, and blogger. He has 16+ years of IT industry experience, is a licensed penetration tester and is specialized in providing technical solutions to diverse cyber problems, ranging from simple security configuration reviews to cyber threat intelligence. Vijay holds multiple security qualifications, including CEH, ECSA, and CHFI. He has authored a few books on penetration testing: Mastering Kali Linux for Advanced Penetration Testing – Second & Third Editions, and Mobile Application Penetration Testing. For the community, Vijay serves as the chair member of NCDRC, India. When not working, he enjoys playing music and doing charity work.

See other products by Vijay Kumar Velu