Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Hands-On Penetration Testing on Windows Unleash Kali Linux, PowerShell, and Windows debugging tools for security testing and analysis

Product type Paperback

Published in Jul 2018

Publisher Packt

ISBN-13 9781788295666

Length 452 pages

Edition 1st Edition

Languages

PowerShell

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Phil Bramwell

View More author details

Table of Contents (19) Chapters

1. Bypassing Network Access Control FREE CHAPTER

2. Sniffing and Spoofing

3. Windows Passwords on the Network

4. Advanced Network Attacks

5. Cryptography and the Penetration Tester

6. Advanced Exploitation with Metasploit

7. Stack and Heap Memory Management

8. Windows Kernel Security

9. Weaponizing Python

10. Windows Shellcoding

11. Bypassing Protections with ROP

12. Fuzzing Techniques

13. Going Beyond the Foothold

14. Taking PowerShell to the Next Level

15. Escalating Privileges

16. Maintaining Access

17. Tips and Tricks

18. Assessment

19. Other Books You May Enjoy

Leave a review - let other readers know what you think

Summary

In this chapter, we took our network attack knowledge to the next level by manipulating binary download streams to inject our own malicious executable. To accomplish this, we introduced Metasploit's ability to generate executable payloads and listen for the connection back from the target. We explored two mechanisms for injecting executables into traffic: BetterCAP proxying with a Ruby module, and ISR Evilgrade to spoof updates for applications; both methods employed ARP and DNS poisoning to redirect traffic. We explored SSL strip attacks and stepped through a practical HSTS bypass technique. Finally, we introduced IPv6 concepts for the security tester, including practical enumeration and recon methods, local segment man-in-the-middle attacks, and relaying from IPv4 tools to IPv6 hosts.

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Phil Bramwell

Phil Bramwell, CISSP has been tinkering with gadgets since he was a kid in the 1980s. After obtaining the Certified Ethical Hacker and Certified Expert Penetration Tester certifications in 2004 and a Bachelors of Applied Science in Computer Security from Davenport University in 2007, Phil was a security engineer and consultant who conducted Common Criteria, FIPS, and PCI-DSS assessments, GDPR consulting for a firm in the UK, and social engineering and penetration testing for banks, governments, and universities throughout the USA. After specializing in antimalware analysis and security operations, Phil is now a penetration tester for a Fortune 100 automobile manufacturer. Phil is based in the Metro Detroit area.

See other products by Phil Bramwell