Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
The Ultimate Kali Linux Book
The Ultimate Kali Linux Book

The Ultimate Kali Linux Book: Harness Nmap, Metasploit, Aircrack-ng, and Empire for cutting-edge pentesting , Third Edition

eBook
€22.99 €32.99
Paperback
€41.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
Table of content icon View table of contents Preview book icon Preview Book

The Ultimate Kali Linux Book

Building a Penetration Testing Lab

As an aspiring ethical hacker and penetration tester, it’s important to ensure that you do not disrupt or cause any sort of harm or damage to another person’s systems or network infrastructure, such as that of your organization, when testing exploits and payloads or practicing your hacking skills. While there are many online tutorials, videos, and training materials you can read and view to gain knowledge, working in the field of penetration testing means continuously enhancing your offensive security skills. Many people can speak about hacking and explain the methodology quite clearly but don’t know how to perform an attack. When learning about penetration testing, it’s very important to understand the theory and how to use your skills to apply them to a simulated real-world cyberattack.

In this chapter, you will learn how to design and build a virtualized penetration testing lab environment on your personal computer...

Technical requirements

To follow along with the exercises in this chapter, please ensure that you have met the following hardware and software requirements:

We’ll be covering the process of setting up Kali Linux, Vagrant, the OWASP Juice Shop, and Metasploitable 2 and 3 in detail in the chapter.

Note

During the installation of Oracle VirtualBox, it’s important...

An overview of the lab setup and technologies used

Building a penetration testing lab enables you to create an environment that’s safe for you to practice and enhance your offensive security skills, scale the environment to add new vulnerable systems and remove older legacy systems that you may no longer need, and even create additional virtual networks to pivot your attacks from one network to another.

The concept of creating your very own virtualized penetration testing lab allows you to maximize the computing resources on your existing computer, without the need to purchase online lab time from various service providers or even buy additional computers and devices. Overall, you’ll be saving a lot of money as opposed to buying physical computers and networking equipment such as routers and switches.

As a cybersecurity lecturer and professional, I have noticed that many people who are starting their journeys in the field of information technology (IT) usually...

Setting up a hypervisor and virtual networks

There are many hypervisors from various vendors in the information technology industry. However, Oracle VM VirtualBox is a free and simple-to-use hypervisor that has all the essential features of commercial (paid) products. In this section, you will learn how to set up Oracle VM VirtualBox and create virtual networks on your computer.

Before getting started, the following are important factors and requirements:

  • Ensure the computer’s processor supports virtualization features, such as VT-x/AMD-V.
  • Ensure the virtualization feature is enabled on your processor via the Basic Input/Output System (BIOS) / Unified Extensible Firmware Interface (UEFI) firmware.

If you’re unsure how to access the BIOS/UEFI on your computer, please check the manual of the device or the vendor’s website for specific instructions.

Let’s get started!

Part 1 – setting up the hypervisor...

Setting up and working with Kali Linux

Kali Linux is one of the most popular Linux distributions within the cybersecurity industry as it contains over 300 pre-installed software packages that are designed for mostly offensive security assessments. Kali Linux is built on the Debian flavor of Linux and, being a free operating system, it has gained a lot of attention over the years by cybersecurity professionals in the industry. It has a lot of features and tools that make a penetration tester’s or security engineer’s job a bit easier when they’re working.

Ethical hackers and penetration testers commonly use Kali Linux to perform passive reconnaissance (covered in Chapters 4 and 5), scanning and enumeration (covered in Chapter 6), exploitation (covered in Chapter 8), and even post-exploitation techniques (covered in Chapters 10 and 11) on targeted systems and networks. While many folks usually think Kali Linux is designed only for offensive security professionals...

Setting up a vulnerable web application

Learning how to simulate real-world cyberattacks using Kali Linux would not be complete without understanding how to discover and exploit vulnerabilities within web applications. The OWASP is an organization that focuses on improving security through software, including web applications. The OWASP is known for its OWASP Top 10 list of most critical security risks within web applications. In Chapters 16 and 17, you will learn how to identify and exploit common vulnerabilities within web applications.

Note

At the time of writing this book, the latest version of the OWASP Top 10 was last updated in 2021. More information can be found at https://owasp.org/www-project-top-ten/. Further information on each of the Top 10 security risks is covered in Chapters 16 and 17.

As an aspiring ethical hacker and penetration tester, it’s important to understand how to identify and perform security testing on each category within...

Deploying Metasploitable 2 as a vulnerable machine

When building a penetration testing lab, it’s important to include vulnerable systems that will act as our targets. These systems contain intentionally vulnerable services and applications, enabling us to practice and build our skills to better understand how to discover and exploit vulnerabilities. A very popular vulnerable machine is known as Metasploitable 2. This vulnerable machine contains a lot of security vulnerabilities that can be exploited and is good for learning about ethical hacking and penetration testing.

To get started setting up Metasploitable 2 within our lab environment, please use the following instructions:

Part 1 – deploying Metasploitable 2

The following steps will guide you to acquiring the Metasploitable 2 virtual machine and deploying it within Oracle VM VirtualBox Manager:

  1. Firstly, on your host computer, go to https://sourceforge.net/projects/metasploitable/files/Metasploitable2...

Building and deploying Metasploitable 3

In this section, you will learn how to build and deploy Metasploitable 3, both the Windows server and Linux server versions. The Windows server version will be using a dual-homed network connection to both the PentestNet network (172.30.1.0/24) and HiddenNet network (10.11.12.0/24). This setup will enable us to perform pivoting and lateral movement between different networks. Finally, the Linux server version will be connected to the HiddenNet network (10.11.12.0/24) only.

The following diagram shows the logical connections between systems and networks:

Figure 2.46: Low-level lab diagram

As shown in the preceding diagram, this topology goes more in depth on how the virtual machines are interconnected within our virtual lab environment. For instance, to access the Metasploitable 3 – Linux version, we will need to first compromise the Metasploitable 3 – Windows version via the PentestNet network, then pivot our attacks...

Summary

Having completed this chapter, you learned about the importance of building your very own penetration testing lab on your computer. You learned how to use hypervisors to virtualize the hardware resources on a system, which can then be shared with multiple operating systems that are running at the same time on the same system. In addition, you have gained the skills of setting up and deploying Kali Linux, multiple vulnerable systems, and web applications within a virtualized environment.

You established a foundational understanding of virtualization technology, gained practical experience in configuring a secure, isolated lab environment, and practiced hands-on skills in utilizing penetration testing tools within that environment.

I trust that the knowledge presented in this chapter has provided you with valuable insights, supporting your path toward becoming an ethical hacker and penetration tester in the dynamic field of cybersecurity. May this newfound understanding...

Further reading

Join our community on Discord

Join our community’s Discord space for discussions with the author and other readers:

https://packt.link/SecNet

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Learn to think like an adversary to strengthen your cyber defences
  • Execute sophisticated real-life penetration tests, uncovering vulnerabilities in enterprise networks that go beyond the surface level
  • Securely manipulate environments using Kali Linux, ensuring you're fully equipped to safeguard your systems against real-world threats

Description

Embark on an exciting journey into the world of Kali Linux – the central hub for advanced penetration testing. Honing your pentesting skills and exploiting vulnerabilities or conducting advanced penetration tests on wired and wireless enterprise networks, Kali Linux empowers cybersecurity professionals. In its latest third edition, this book goes further to guide you on how to setup your labs and explains breaches using enterprise networks. This book is designed for newcomers and those curious about penetration testing, this guide is your fast track to learning pentesting with Kali Linux 2024.x. Think of this book as your stepping stone into real-world situations that guides you through lab setups and core penetration testing concepts. As you progress in the book you’ll explore the toolkit of vulnerability assessment tools in Kali Linux, where gathering information takes the spotlight. You'll learn how to find target systems, uncover device security issues, exploit network weaknesses, control operations, and even test web applications. The journey ends with understanding complex web application testing techniques, along with industry best practices. As you finish this captivating exploration of the Kali Linux book, you'll be ready to tackle advanced enterprise network testing – with newfound skills and confidence.

Who is this book for?

This pentesting book is for students, trainers, cybersecurity professionals, cyber enthusiasts, network security professionals, ethical hackers, penetration testers, and security engineers. If you do not have any prior knowledge and are looking to become an expert in penetration testing using the Kali Linux, then this book is for you.

What you will learn

  • Establish a firm foundation in ethical hacking
  • Install and configure Kali Linux 2024.1
  • Build a penetration testing lab environment and perform vulnerability assessments
  • Understand the various approaches a penetration tester can undertake for an assessment
  • Gathering information from Open Source Intelligence (OSINT) data sources
  • Use Nmap to discover security weakness on a target system on a network
  • Implement advanced wireless pentesting techniques
  • Become well-versed with exploiting vulnerable web applications
Estimated delivery fee Deliver to Latvia

Premium delivery 7 - 10 business days

€25.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Apr 30, 2024
Length: 828 pages
Edition : 3rd
Language : English
ISBN-13 : 9781835085806
Category :
Concepts :
Tools :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
Estimated delivery fee Deliver to Latvia

Premium delivery 7 - 10 business days

€25.95
(Includes tracking information)

Product Details

Publication date : Apr 30, 2024
Length: 828 pages
Edition : 3rd
Language : English
ISBN-13 : 9781835085806
Category :
Concepts :
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 120.97
The Ultimate Kali Linux Book
€41.99
Cybersecurity Architect's Handbook
€44.99
Mastering PowerShell Scripting
€33.99
Total 120.97 Stars icon

Table of Contents

19 Chapters
Introduction to Ethical Hacking Chevron down icon Chevron up icon
Building a Penetration Testing Lab Chevron down icon Chevron up icon
Setting Up for Advanced Penetration Testing Techniques Chevron down icon Chevron up icon
Passive Reconnaissance Chevron down icon Chevron up icon
Exploring Open-Source Intelligence Chevron down icon Chevron up icon
Active Reconnaissance Chevron down icon Chevron up icon
Performing Vulnerability Assessments Chevron down icon Chevron up icon
Understanding Network Penetration Testing Chevron down icon Chevron up icon
Performing Network Penetration Testing Chevron down icon Chevron up icon
Post-Exploitation Techniques Chevron down icon Chevron up icon
Delving into Command and Control Tactics Chevron down icon Chevron up icon
Working with Active Directory Attacks Chevron down icon Chevron up icon
Advanced Active Directory Attacks Chevron down icon Chevron up icon
Advanced Wireless Penetration Testing Chevron down icon Chevron up icon
Social Engineering Attacks Chevron down icon Chevron up icon
Understanding Website Application Security Chevron down icon Chevron up icon
Advanced Website Penetration Testing Chevron down icon Chevron up icon
Best Practices for the Real World Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.8
(27 Ratings)
5 star 92.6%
4 star 3.7%
3 star 0%
2 star 0%
1 star 3.7%
Filter icon Filter
Top Reviews

Filter reviews by




Dwayne Natwick May 03, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This is a comprehensive guide to setting up ethical hacking environments leveraging the Kali Linux build. The Kali Linux build provides a variety of tools that can be used by the “Red Teamers” to identify vulnerabilities within an infrastructure, whether on-premises, cloud, or hybrid. This book guides the reader through setting up lab environments that can be used to test and identify potential threats before they are leveraged by attackers. Whether you are a beginner or an experienced cybersecurity professional, you will benefit from having a copy of this book.
Amazon Verified review Amazon
David Meece "Cybertech Dave" Jul 25, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book is written well and very beginner friendly. The way the author explains the technical concepts is perfect for newcomers with less experience. I would highly recommend this book to students or more seasoned cybersecurity professionals in the field.
Amazon Verified review Amazon
blkhedrulz Sep 22, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Just be aware that all examples in the book are based on using a Windows virtual machine to run Kali and set up a virtual testing network. So if you are like me and avoid Windows like the plague be prepared to buy a cheap mini PC running Windows to be able to work through the examples verbatim, or to spend some time figuring out how to adapt what he is doing to another system. Overall and awesome book.
Amazon Verified review Amazon
Raymond Jul 20, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The Ultimate Kali Linux Book - Third Edition: Harness Nmap, Metasploit, Aircrack-ng, and Empire for cutting-edge pentesting 3rd ed. Edition by Glen D Singh is a comprehensive guide to ethical hacking and penetration testing with Kali Linux. I originally purchased the Audible edition to study for thne Comptia Pentest + exam as adjunct material to Comptia study guides. The audio helped to reinforce topics for study. This prompted me to order a kindle copy and I read through for further reinforcement of command and concepts. The book is excellent for those new to advanced in Kali Linux. The author uses real-world scenarios to explain and explore penetration testing concepts. This is done by a step by step of setting up a pentest lab using virtual machines.Exercises focus on reconnaissance, Open-source intelligence gathering, asset and network discovery techniques and how to use/commands for tools in Kali Linux which can target systems, perform vulnerability assessments, perform social engineering attacks, identify security flaws on devices, exploit security weaknesses to gain access, persistence, command and control and data extraction. Compromise of Active Directory and enterprise network exploitation and red teaming is covered on wired and wireless networks as well as explanation of how to exploit vulnerable web applications.Tools covered include Nmap, Metasploit, Aircrack-ng, the Harvester, SET Toolkit and many other Kali Tools and Applications. I highly recommend this for learning, reinforcing for Pentest exams and as a shelf reference guide.The authors' concise, well elaborated and easy to follow explanations make this a comfortable read. After reading this and using it as study , I would happily purchase the authors' future books as he is clearly accomplished as an instructor and author.
Amazon Verified review Amazon
zs Oct 26, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Super!
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela