Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Cart
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Penetration Testing with Kali NetHunter

You're reading from  Hands-On Penetration Testing with Kali NetHunter

Product type Book
Published in Feb 2019
Publisher
ISBN-13 9781788995177
Pages 302 pages
Edition 1st Edition
Languages
Concepts
Authors (2):
Glen D. Singh Glen D. Singh
Profile icon Glen D. Singh
LinkedIn
Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.
Read more
See other products by Glen D. Singh
Sean-Philip Oriyano Sean-Philip Oriyano
Profile icon Sean-Philip Oriyano
LinkedIn
Sean-Philip Oriyano is a long-time security professional. Over the past 25 years, he has divided his time between performing security research, consulting, and delivering training in the fields of both general IT and cyber security. He is also a best-selling author with many years' experience in both digital and print media. Sean has published several books over the past decade and has expanded his reach further by appearing on TV and radio shows. Additionally, Sean is a chief warrant officer (CWO) and unit commander specializing in cyber security training, development, and strategy. As a CWO, he is recognized as an SME in his field and is frequently called upon to provide expertise, training, and mentoring wherever needed.
Read more
See other products by Sean-Philip Oriyano
View More author details
Toc

Table of Contents (19) Chapters close

Title Page
Copyright and Credits
About Packt
Contributors
Preface
1. Introduction to Kali NetHunter 2. Understanding the Phases of the Pentesting Process 3. Intelligence-Gathering Tools 4. Scanning and Enumeration Tools 5. Penetrating the Target 6. Clearing Tracks and Removing Evidence from a Target 7. Packet Sniffing and Traffic Analysis 8. Targeting Wireless Devices and Networks 9. Avoiding Detection 10. Hardening Techniques and Countermeasures 11. Building a Lab 12. Selecting a Kali Device and Hardware 1. Other Books You May Enjoy Index

Index

A

  • access control lists (ACLs) / Hardening networking devices
  • access point (AP) / What is Kali NetHunter?, Aircrack-ng
  • ACK flags / XMAS scans
  • ACK scan / ACK scans
  • active sniffing / Active sniffing
  • active techniques, password-cracking
    • about / Active techniques
    • Ncrack / Working with Ncrack
    • offline attacks / Offline attacks
    • rainbow tables / Rainbow tables
  • activist / Hacktivist
  • Address Resolution Protocol (ARP) / The MITM framework, Man-in-the-Middle
  • Advanced Encryption Standard (AES) / Wi-Fi Protected Access 2
  • advanced persistent threats (APTs) / Penetration testing
  • Advanced RISC Machines (ARM) / Small computers
  • Aircrack-ng / The MANA Wireless Toolkit, Aircrack-ng
  • aircrack-ng
    • about / Aircrack-ng
    • reference / Wireless attacks
  • airmon-ng
    • about / Aircrack-ng
    • wireless networks, observing / Observing wireless networks using airmon-ng
  • airmon-ng tool / Aircrack-ng
  • Android-based devices / What is Kali NetHunter?
  • Android architecture
    • about / The Android architecture
    • application layer / The Application layer
    • application framework layer / The Application Framework Layer
    • Android libraries / Android Libraries
    • Android runtime / Android Runtime
    • kernel / Kernel
  • Android Device Manager / Android Device Manager
  • Android libraries / Android Libraries
    • about / Android Libraries
    • media framework / Android Libraries
    • SQLite / Android Libraries
    • WebKit / Android Libraries
  • Android platform / The Android platform and security model
  • Android runtime / Android Runtime
  • Android security model
    • about / The Android platform and security model, The Android security model
    • Android Device Manager / Android Device Manager
    • SafetyNet / SafetyNet
    • applications, verifying / Verify applications
    • application service / Application services
    • Android updates / Android updates
    • Google Play Store / The Google Play Store
    • Google Play Protect / Google Play Protect
  • Android Studio
    • URL / Installing NetHunter
  • Android updates / Android updates
  • anonymous / Hacktivist
  • application framework layer / The Application Framework Layer
  • application framework layer, components
    • package manager / The Application Framework Layer
    • activity manager / The Application Framework Layer
    • content provider / The Application Framework Layer
    • telephony manager / The Application Framework Layer
    • location manager / The Application Framework Layer
    • resource manager / The Application Framework Layer
    • notification manager / The Application Framework Layer
    • Java API framework / The Application Framework Layer
  • application layer / The Application layer
  • Application Programming Interface (API) / Using Shodan
  • applications
    • executing, remotely / Executing applications
    • executing, on target / Executing applications on the target
  • application service / Application services
  • arpspoof
    • using / Arpspoof
  • attack phase / The attack phase

B

  • backdoor
    • planting, with Netcat / Exercise – planting a backdoor with Netcat
  • backdoors / Executing applications
  • Backtrack / What is Kali NetHunter?
  • Backtrack 5
    • about / What is Kali NetHunter?
    • Metasploit / What is Kali NetHunter?
    • SAINT / What is Kali NetHunter?
    • Maltego / What is Kali NetHunter?
  • Bacon Root Toolkit
    • reference link / Installing NetHunter
  • BadUSB MITM attacks / BadUSB MITM attacks
  • banner grabbing
    • about / Banner grabbing
    • Telnet, used / Exercise using Telnet to banner-grab
    • Nmap, used / Exercise – using nmap to banner-grab
  • Basic Server Set (BSS) / Basic Service Set
  • black box testing / Types of penetration tests
  • black hat hacker / Black hat
  • bluebugging / Bluetooth hacking
  • bluejacking / Bluetooth hacking
  • bluesnarfing / Bluetooth hacking
  • bluesniffing / Bluetooth hacking
  • blue team
    • versus red team / Blue teaming vs red teaming vs purple team
    • versus purple team / Blue teaming vs red teaming vs purple team
    • about / Blue team
  • Bluetooth attacks / Bluetooth hacking
  • Bluetooth hacking / Bluetooth hacking
  • Bridge mode / Step 3 – setting up Metasploitable
  • bring-your-own-device (BYOD) / What is Kali NetHunter?
  • Buck-security
    • reference link / Security scanner for Linux
  • BusyBox application / Installing NetHunter

C

  • Client system security
    • about / Client system security
    • Windows baseline / The Windows baseline
    • Windows registry / The Windows registry
    • user accounts / User accounts
    • patch management / Patch management
    • Windows Firewall / Windows Firewall
    • services, disabling / Disabling services
    • Linux baseline / The Linux baseline
  • command prompt
    • used, for clearing logs in Windows / Using the command prompt to clear logs in Windows
  • computer wiz(ard) / The need for penetration testing
  • concerning passwords / Concerning passwords
  • cybersecurity / Clearing tracks

D

  • database logs / Database logs
  • de-authentication attack / Wireless threats
  • de-authentication attacks / Exercise – de-authentication attacks
  • decoys / Decoys
  • deliverables / Deliverables
  • DHCP server logs / DHCP server logs
  • digital versatile disk (DVD) / Small computers
  • DNS
    • enumerating / Enumerating DNS
  • dnsenum
    • about / Using dnsenum, Exercise – working with dnsenum
    • working with / Exercise – working with dnsenum
  • DNSenum / Enumerating DNS
  • DNSMAP
    • using / Using DNSMAP
  • Dsniff / Dsniff, Dsniff
  • DuckHunter HID / DuckHunter HID
  • Dynamic ARP Inspection (DAI) / MAC spoofing
  • Dynamic Trunking Protocol (DTP) / Hardening networking devices

E

  • Echosec
    • about / Using Echosec
    • using / Using Echosec
    • working with / Exercise – working with Echosec
  • event logs / Event logs
  • evil twin / Wireless threats
  • Exploit-DB
    • URL / Searchsploit
  • Exploit Database by Offensive Security
    • URL / The attack phase
  • EXPN mode / Exercise – working with smtp-user-enum
  • Extended Service Set (ESS) / Extended Service Set
  • external components
    • about / External components
    • wireless adapters / Wireless adapters
    • on-the-go (OTG) cable / OTG cables

F

  • Fierce / Using DNSMAP
  • FIN flags / XMAS scans
  • FIN scan / FIN scans
  • fragmentation / Fragmentation
  • frameworks / Working with Recon-Ng
  • Full Driver Installation Guide / Installing NetHunter
  • Full Open scan / Full Open/TCP connect scans

G

  • Gem PDA
    • about / Gem PDA
    • reference link / Gem PDA
  • Global Positioning System (GPS) / The Application Framework Layer
  • Google Find My Device / Android Device Manager
  • Google Hacking
    • about / Google Hacking
    • search engine / Exercise – what's the Right Search Engine
  • Google Hacking Database (GHDB) / Exercise – what's the Right Search Engine
  • Google Play Protect / Google Play Protect
  • Google Play Store / The Google Play Store
  • graphical user interface (GUI) / Script kiddie
  • grey box testing / Types of penetration tests
  • grey hat hacker / Grey hat

H

  • hacker / The need for penetration testing
  • hacker, types
    • about / Types of hackers
    • white hat hacker / White hat
    • grey hat hacker / Grey hat
    • black hat hacker / Black hat
    • script kiddie / Script kiddie
    • suicide hacker / Suicide hacker
    • hacktivist / Hacktivist
    • state-sponsored hacker / State-sponsored hacker
  • HackRF device / Software defined radio
  • hacktivist / Hacktivist
  • Hak5
    • URL / DuckHunter HID
    • reference / The need for sniffing traffic
  • hard disk drive (HDD) / Small computers
  • hardware-based sniffer / The need for sniffing traffic
  • hashcat
    • passwords, recovering / Exercise – recovering passwords with hashcat
  • hives / The Windows registry
  • host
    • determining / Determining whether a host is up or down
    • working, with ping / Exercise – working with ping
  • Host-only Adapter settings / Step 3 – setting up Metasploitable
  • HTTrack
    • using / Using HTTrack, Exercise – using HTTrack
    • about / Using HTTrack
  • Human Interface Device (HID) attack / HID attacks
  • hypervisor
    • about / Hypervisor
    • type 1 hypervisor / Type 1
    • type 2 hypervisor / Type 2

I

  • idle scans / Idle scans
  • Independent Basic Service Set (IBSS) / Independent Basic Service Set
  • Information Technology and Communication (ICT) / Blue team
  • initialization vectors (IVs) / Wi-Fi Protected Access
  • input/output (I/O) / Hypervisor
  • Institute for Electrical and Electronic Engineers (IEEE) / Wireless standards
  • Institute for Security and Open Methodologies (ISECOM) / Open Source Security Testing Methodology Manual
  • intelligence gathering
    • objectives / Objectives of intelligence gathering
    • white box / Objectives of intelligence gathering
    • grey box / Objectives of intelligence gathering
    • black box / Objectives of intelligence gathering
    • about / Information for the taking
    • types / Types of information available
    • network information / Network information
    • organization data / Organizational data
    • Open Source Intelligence (OSINT) / Organizational data
    • tools / Tools for gathering useful information
    • Shodan, used / Using Shodan
    • Metagoofil, used / Using Metagoofil
    • Parsero, used / Using Parsero
    • wget, used / Using wget
    • HTTrack, used / Using HTTrack
    • Google Hacking / Google Hacking
    • location / Location
    • social networking / Social networking
    • Echosec, used / Using Echosec
  • Internet Information Server (IIS) / Web server logs
  • Internet of Things (IoT) / Using Shodan
  • intrusion-prevention system (IPS) / Fragmentation
  • IP fragmentation ID / Idle scans

K

  • Kali ARM
    • reference link / ODROID U2
  • Kali Linux / What is Kali NetHunter?
  • Kali NetHunter
    • about / What is Kali NetHunter?
    • tools / Tools within Kali NetHunter
    • MAC changer / MAC Changer
    • man-in-the-middle (MITM) framework / The MITM framework
    • Human Interface Device (HID) attack / HID attacks
    • DuckHunter HID / DuckHunter HID
    • BadUSB MITM attacks / BadUSB MITM attacks
    • MANA Wireless Toolkit / The MANA Wireless Toolkit
    • Software Defined Radio (SDR) / Software defined radio
    • Network Mapper (NMap) / Network Mapper
    • Metasploit Payload Generator / The Metasploit Payload Generator
    • searchsploit / Searchsploit
    • installing / Installing NetHunter
    • building, for specific device / Building Kali NetHunter for a specific device (optional)
  • Kali NetHunter, devices
    • reference link / Installing NetHunter
  • Kali NetHunter, official release
    • URL, for downloading / Installing NetHunter
  • Kali NetHunter, ROMs
    • reference link / Installing NetHunter
  • kernel / Kernel
  • keyloggers / Executing applications
  • keystroke-injection / DuckHunter HID
  • king of network scanners / Network Mapper
  • Kismet / Kismet

L

  • Linux
    • logs, clearing in / Clearing logs in Linux
  • Linux baseline
    • about / The Linux baseline
    • security scanner / Security scanner for Linux
    • services, disabling / Disabling services in Linux
  • logs
    • types / Types of logs and their locations
    • locations / Types of logs and their locations
    • DHCP server logs / DHCP server logs
    • syslog messages / Syslog messages
    • packet analysis / Packet analysis
    • web server logs / Web server logs
    • database logs / Database logs
    • event logs / Event logs
    • clearing, on Windows / Clearing logs on Windows
    • clearing, in Linux / Clearing logs in Linux
  • logs, Windows
    • clearing, PowerShell used / Using PowerShell to clear logs in Windows
    • clearing, command prompt used / Using the command prompt to clear logs in Windows
    • clearing, Meterpreter used / Clearing logs in Linux
  • Lynis
    • reference link / Security scanner for Linux

M

  • MAC changer / MAC Changer
  • MAC spoofing / MAC spoofing
  • Man-in-the-Middle (MITM) attack / Man-in-the-Middle
  • man-in-the-middle (MITM) attack / BadUSB MITM attacks, Active sniffing
  • man-in-the-middle (MITM) framework / The MITM framework
  • MANA Wireless Toolkit
    • about / The MANA Wireless Toolkit
    • Basic Service Set Identifier (BSSID) / The MANA Wireless Toolkit
    • Service Set Identifier (SSID) / The MANA Wireless Toolkit
    • channel / The MANA Wireless Toolkit
  • media access control (MAC) / DHCP server logs, Arpspoof, Wi-Fi Protected Access
  • metadata / Using Metagoofil
  • Metagoofil
    • using / Using Metagoofil
    • about / Using Metagoofil
    • used, to collect information / Exercise using Metagoofil to collect information
    • Nikto, used / Using Nikto
    • robots.txt / What is robots.txt?
  • Metasploit
    • URL / The attack phase, Vulnerable systems
  • Metasploitable 2
    • reference link / Step 2 – obtaining vulnerable systems
  • Metasploit Framework (MSF) / The Metasploit Payload Generator
  • Metasploit Payload Generator / The Metasploit Payload Generator, Metasploit Payload Generator
  • Metasploit Payload Generator, payloads
    • reverse or bind / The Metasploit Payload Generator
    • staged or stageless / The Metasploit Payload Generator
  • Meterpreter
    • used, for clearing Windows logs / Clearing logs in Linux
  • methodology / Penetration testing methodologies and frameworks
  • Microsoft Baseline Security Analyzer (MBSA)
    • about / The Windows baseline
    • reference link / The Windows baseline
  • MITM framework / The MITM framework
  • mobile devices
    • hardening / Hardening mobile devices
  • mobile hardware / Mobile hardware
  • msfvenom payload-generator / The Metasploit Payload Generator

N

  • Ncrack
    • about / Working with Ncrack
    • working with / Exercise – working with Ncrack
  • Netcat
    • about / Exercise – planting a backdoor with Netcat
    • backdoor, planting / Exercise – planting a backdoor with Netcat
  • NetHunter
    • enumeration / Enumeration with NetHunter
  • networking devices
    • hardening / Hardening networking devices
  • network interface card (NIC) / MAC Changer, Aircrack-ng
  • Network Mapper (NMap)
    • about / Network Mapper
    • using / Using Nmap
    • Ping Sweep, performing / Exercise – Performing a Ping Sweep with Nmap
  • Nexus 4 smartphones / Installing NetHunter
  • Nexus 5 smartphones / Installing NetHunter
  • Nexus 7 tablets / Installing NetHunter
  • Nexus 10 tablets / Installing NetHunter
  • Nexus Root Toolkit
    • URL / Installing NetHunter
  • Nikto
    • about / Using Nikto
    • using / Using Nikto
    • working with / Exercise – working with Nikto
  • Nslookup / nslookup
  • Null scan / NULL scans

O

  • ODROID U2 / ODROID U2
  • Offensive Security
    • URL / What is Kali NetHunter?, Mobile hardware
  • offline attacks / Offline attacks
  • on-the-go (OTG) cable / HID attacks, OTG cables
  • Open Source Security Testing Methodology Manual (OSSTMM) / Penetration testing methodologies and frameworks, Open Source Security Testing Methodology Manual
  • Open Web Application Security Project (OWASP) / OWASP testing framework
  • operating system (OS) / Hypervisor
  • operators / Exercise – what's the Right Search Engine
  • optional hardware / Additional optional hardware
  • organizational information / Organizational data
  • organization data / Organizational data
  • other common viruses
    • about / Other common viruses
    • Trojans / Other common viruses
    • Spyware / Other common viruses
    • Rootkits / Other common viruses
  • over-the-air (OTA) / Android updates, Hardening mobile devices
  • OWASP Broken Web Applications
    • reference link / Step 2 – obtaining vulnerable systems
  • OWASP testing framework
    • reference link / OWASP testing framework
    • about / OWASP testing framework
    • phases / OWASP testing framework
    • OWASP testing framework / OWASP testing framework
  • OWASP Top 10 / OWASP testing framework
  • OWASP Top 10 – 2017 / OWASP testing framework

P

  • packet-sniffing, techniques
    • about / Types of packet-sniffing techniques
    • active sniffing / Active sniffing
    • passive sniffing / Passive sniffing
  • packet analysis
    • about / Packet analysis
    • tools / Packet analysis techniques
  • packet sniffing
    • need for / The need for sniffing traffic
    • tools / Tools and techniques of packet sniffing
  • Parsero
    • using / Using Parsero
    • about / Using Parsero
    • working with / Exercise – working with Parsero
  • passive sniffing / Passive sniffing
  • passive techniques, password-cracking
    • about / Passive techniques
    • Man-in-the-Middle (MITM) / Man-in-the-Middle
    • SSL strip / Exercise – working with SSL strip
  • password-cracking
    • about / Concerning passwords
    • approach, selecting / Choosing an approach to cracking
    • passive techniques / Choosing an approach to cracking, Passive techniques
    • direct techniques / Choosing an approach to cracking
    • active techniques / Active techniques
  • passwords
    • recovering, with hashcat / Exercise – recovering passwords with hashcat
  • patch management / Patch management
  • Paterva
    • URL / What is Kali NetHunter?
  • Payment Card Industry Data Security Standard (PCI DSS) / PCI penetration testing guide
  • penetration testing
    • need for / The need for penetration testing
    • hacker, types / Types of hackers
    • about / Penetration testing
    • blue team, versus red team / Blue teaming vs red teaming vs purple team
    • red team, versus blue team / Blue teaming vs red teaming vs purple team
    • purple team, versus blue team / Blue teaming vs red teaming vs purple team
    • types / Types of penetration tests
    • phases / Phases of penetration testing
    • reconnaissance phase / Reconnaissance
    • scanning phase / Scanning
    • gaining access / Gaining access
    • maintaining access / Maintaining access
    • clearing tracks / Clearing tracks
  • penetration testing, phases
    • about / Phases of penetration testing
    • pre-attack phase / The pre-attack phase
    • attack phase / The attack phase
    • post-attack phase / The post-attack phase
  • Penetration Testing Execution Standard (PTES)
    • about / Penetration Testing Execution Standard
    • reference link / Penetration Testing Execution Standard
  • penetration testing frameworks
    • about / Penetration testing methodologies and frameworks
    • OWASP testing framework / OWASP testing framework
  • penetration testing lab
    • setting up / Setting up the lab
    • hypervisor, installing / Step 1 – installing the hypervisor
    • vulnerable systems, obtaining / Step 2 – obtaining vulnerable systems
    • Metasploitable, setting up / Step 3 – setting up Metasploitable
    • OWASP broken web applications project, setting up / Step 4 – setting up the OWASP broken web applications project
  • penetration testing methodologies
    • about / Penetration testing methodologies and frameworks
    • PCI penetration testing guide / PCI penetration testing guide
    • Penetration Testing Execution Standard (PTES) / Penetration Testing Execution Standard
    • Open Source Security Testing Methodology Manual (OSSTMM) / Open Source Security Testing Methodology Manual
  • personal digital assistant (PDA) / Gem PDA
  • Personal Identifiable Information (PII) / PCI penetration testing guide
  • port scanning / Port scanning
  • post-attack phase / The post-attack phase
  • PowerShell
    • used, for clearing logs in Windows / Using PowerShell to clear logs in Windows
  • pre-attack phase / The pre-attack phase
  • privileges
    • escalating / Escalating privileges
  • Process Monitor / The Windows registry
  • purple team
    • versus blue team / Blue teaming vs red teaming vs purple team
    • versus red team / Blue teaming vs red teaming vs purple team
    • about / Purple team

R

  • rainbow tables
    • about / Rainbow tables
    • creating / Exercise – creating the rainbow table
  • Rapid7
    • references / Clearing logs in Linux
  • Raspberry Pi / Raspberry Pi 2 and 3
  • Raspberry Pi 2 / Raspberry Pi 2 and 3
  • Raspberry Pi 3 / Raspberry Pi 2 and 3
  • RCPT mode / Exercise – working with smtp-user-enum
  • Recon-Ng
    • working with / Working with Recon-Ng
    • about / Working with Recon-Ng
  • reconnaissance phase / Reconnaissance
  • red team
    • versus blue team / Blue teaming vs red teaming vs purple team
    • versus purple team / Blue teaming vs red teaming vs purple team
    • about / Red team
  • Remote Access Trojans (RATs) / Maintaining access, Other common viruses
  • reverse DNS lookup
    • about / Reverse DNS Lookups
    • NS record, looking up / Looking up an NS record
    • MX record, querying / Querying an MX record
    • SOA record, querying / Querying an SOA record
    • DNS, querying / Querying another DNS
  • robots.txt / What is robots.txt?
  • rogue access point / Wireless threats
  • rooting / Hardening mobile devices
  • RST flags / XMAS scans
  • rtgen
    • working with / Exercise – working with rtgen

S

  • SafetyNet / SafetyNet
  • SAINT Corporation
    • URL / What is Kali NetHunter?
  • scanning
    • about / Scanning, Conducting a scan, Scanning
    • conducting / Conducting a scan
    • results, troubleshooting / Troubleshooting scanning results
    • stealth scan / Stealth scanning
    • stealth scanning / Stealth scanning
    • decoys / Decoys
    • idle scans / Idle scans
  • scanning phase / Scanning
  • search engine
    • Allinurl network cameras / Exercise – what's the Right Search Engine
    • Allintitle virus description / Exercise – what's the Right Search Engine
    • Filetype / Exercise – what's the Right Search Engine
    • Allinurl / Exercise – what's the Right Search Engine
  • searchsploit / Searchsploit
  • security threats
    • about / Security threats and countermeasures
    • countermeasures, implementing / Security threats and countermeasures
    • viruses / Viruses
    • other common viruses / Other common viruses
  • Server Message Block (SMB)
    • about / Working with SMB
    • working with / Working with SMB
    • enum4linux, used / Exercise – using enum4linux
    • acccheck, used / Exercise – using acccheck
    • SMBmap, used / Exercise – using SMBmap
  • services
    • disabling / Disabling services
  • Service Set Identifier (SSID) / Service Set Identifier
  • Shodan
    • using / Using Shodan
    • about / Using Shodan
    • filters, working with / Working with filters
  • small computers / Small computers
  • SMTP
    • about / Enumerating SMTP
    • enumerating / Enumerating SMTP
    • NMAP, used to enumerate / Exercise – using NMAP to enumerate
    • smtp-user-enum, working with / Exercise – working with smtp-user-enum
  • sniffing / Passive techniques
  • Software Defined Radio (SDR) / Software defined radio
  • SSL / Man-in-the-Middle
  • SSL strip
    • about / Man-in-the-Middle
    • working with / Exercise – working with SSL strip
  • Start Of Authority (SOA) / Querying an SOA record
  • state-sponsored hacker / State-sponsored hacker
  • stealth scan / Stealth scans, Stealth scanning
  • stealth scanning / Stealth scanning
  • suicide hacker / Suicide hacker
  • SuperSU / Installing NetHunter
  • SYN flags / XMAS scans
  • Sysinternals
    • reference link / The Windows registry
  • syslog messages / Syslog messages

T

  • TCP connect scan / Full Open/TCP connect scans
  • tcpdump tool / Tcpdump, Tcpdump, Exercise – detecting a de-authentication attack
  • TCP three-way handshake / Stealth scanning
  • Team Win Recovery Project (TWRP) / Installing NetHunter
  • technical data
    • about / Going for technical data
    • WHOIS, used / Using WHOIS
    • Nslookup / nslookup
    • reverse DNS lookup / Reverse DNS Lookups
    • dnsenum, using / Using dnsenum
    • DNSMAP, using / Using DNSMAP
    • traceroute, used / Using traceroute
  • Teensy devices
    • URL / HID attacks
  • Temporal Key Integrity Protocol (TKIP) / Wi-Fi Protected Access
  • Time to Live (TTL) / Fragmentation
  • tools, packet analysis
    • Dsniff / Dsniff
    • TShark / Tshark
    • Urlsnark / Urlsnarf
    • tcpdump tool / Tcpdump
  • tools, packet sniffing
    • Aircrack-ng / Aircrack-ng
    • arpspoof / Arpspoof
    • Dsniff / Dsniff
    • Kismet / Kismet
    • tcpdump tool / Tcpdump
    • TShark / TShark
    • MITM framework / The MITM framework
  • traceroute
    • about / Using traceroute
    • using / Using traceroute
  • tracks
    • cracking / Clearing tracks
    • clearing / Clearing tracks
  • traffic
    • encrypting / Encrypting traffic
  • Transmission Control Protocol (TCP) / Port scanning
  • Transport Layer Security (TLS) / Man-in-the-Middle
  • TShark / TShark, Tshark
  • tuning / Tuning and tweaking
  • tweaking / Tuning and tweaking
  • TWRP Manager app / Installing NetHunter

U

  • UDP scanning / UDP scanning
  • URG flags / XMAS scans
  • Urlsnark / Urlsnarf
  • USB Rubber Ducky
    • reference link / DuckHunter HID
    • about / DuckHunter HID
  • user accounts / User accounts
  • User Datagram Protocol (UDP) / Port scanning

V

  • virtual machine (VM) / Step 3 – setting up Metasploitable
  • Virtual private network (VPN) / Network information
  • viruses / Viruses
  • VirusTotal
    • reference link / Encrypting traffic
  • VRFY (default) mode / Exercise – working with smtp-user-enum
  • vulnerable systems / Vulnerable systems

W

  • web server logs / Web server logs
  • WEP Encryption
    • cracking / Cracking WEP Encryption
  • wget
    • using / Using wget
    • working with / Exercise – working with wget
  • white box testing / Types of penetration tests
  • white hat hacker / White hat
  • WHOIS
    • using / Using WHOIS
    • exercise / Exercise – getting the most from WHOIS
  • Wi-Fi Protected Access (WPA) / Wi-Fi Protected Access
  • Wi-Fi Protected Access 2 / Wi-Fi Protected Access 2
  • Windows
    • logs, clearing on / Clearing logs on Windows
  • Windows Defender / Viruses
  • Windows Firewall / Windows Firewall
  • Windows registry / The Windows registry
  • Wired Equivalent Privacy (WEP) / Wired Equivalent Privacy
  • wireless adapters / Wireless adapters
  • wireless attacks
    • about / Wireless attacks
    • injection support, checking for wireless card / Exercise – checking whether a wireless card supports injection
    • access points, detecting / Exercise – detecting access points and their manufacturers
    • WPS version, discovering of access point / Exercise – discovering the WPS version of an access point
    • de-authentication attacks / Exercise – de-authentication attacks
    • specific client, de-authenticating / Exercise – de-authenticating a specific client
    • de-authentication attack, detecting / Exercise – detecting a de-authentication attack
    • hidden SSIDs, discovering / Exercise – discovering hidden SSIDs
    • WEP, cracking / Exercise – cracking WEP and WPA
    • WPA, cracking / Exercise – cracking WEP and WPA
  • wireless authentication modes / Wireless authentication modes
  • Wireless Encryption Standard
    • about / Wireless encryption standard
    • Wired Equivalent Privacy (WEP) / Wired Equivalent Privacy
    • Wi-Fi Protected Access (WPA) / Wi-Fi Protected Access
    • Wi-Fi Protected Access 2 / Wi-Fi Protected Access 2
  • wireless networks
    • observing, airmon-ng used / Observing wireless networks using airmon-ng
  • wireless network topologies
    • about / Wireless network topologies
    • Independent Basic Service Set (IBSS) / Independent Basic Service Set
    • Basic Server Set (BSS) / Basic Service Set
    • Extended Service Set (ESS) / Extended Service Set
  • wireless security standards, Wi-Fi Alliance
    • reference link / Wi-Fi Protected Access 2
  • wireless standards / Wireless standards
  • wireless threats
    • rogue access point / Wireless threats
    • evil twin / Wireless threats
    • AP and client MAC spoofing / Wireless threats
    • de-authentication attack / Wireless threats
  • worm / Viruses

X

  • XMAS scan / XMAS scans
lock icon The rest of the chapter is locked
arrow left Previous Section
Section 1 of 1
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (2)

Left arrow icon
Profile icon Glen D. Singh
LinkedIn
Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.
Read more
See other products by Glen D. Singh
Profile icon Sean-Philip Oriyano
LinkedIn
Sean-Philip Oriyano is a long-time security professional. Over the past 25 years, he has divided his time between performing security research, consulting, and delivering training in the fields of both general IT and cyber security. He is also a best-selling author with many years' experience in both digital and print media. Sean has published several books over the past decade and has expanded his reach further by appearing on TV and radio shows. Additionally, Sean is a chief warrant officer (CWO) and unit commander specializing in cyber security training, development, and strategy. As a CWO, he is recognized as an SME in his field and is frequently called upon to provide expertise, training, and mentoring wherever needed.
Read more
See other products by Sean-Philip Oriyano
Right arrow icon

Other recommended products

Related to this chapter
Left arrow icon
Kali Linux Wireless Penetration Testing Beginner's Guide
Kali Linux Wireless Penetration Testing Beginner's Guide
Read more
Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.
Read more
Dec 2017 7 hours 0 minutes
Learn Kali Linux 2019
Learn Kali Linux 2019
Read more
The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.
Read more
Nov 2019 18 hours 20 minutes
Kali Linux 2018: Assuring Security by Penetration Testing
Kali Linux 2018: Assuring Security by Penetration Testing
Read more
This book is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques. It offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.
Read more
Oct 2018 17 hours 36 minutes
Kali Linux Wireless Penetration Testing Cookbook
Kali Linux Wireless Penetration Testing Cookbook
Read more
The security of wireless networks is more important than ever before due to widespread usage of WiFi networks. This book has recipes that will enable you to maximize the success of your wireless network testing using advanced ethical hacking features of Kali Linux.
Read more
Dec 2017 7 hours 12 minutes
Advanced Infrastructure Penetration Testing
Advanced Infrastructure Penetration Testing
Read more
This book is a hands-on experience and a comprehensive understanding of advanced penetration testing techniques and vulnerability assessment and management. It takes you far beyond common techniques to compromising complex network devices , modern operating systems and help you secure high security environments.
Read more
Feb 2018 13 hours 12 minutes
Python Penetration Testing Essentials
Python Penetration Testing Essentials
Read more
This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1.
Read more
May 2018 7 hours 40 minutes
Wireshark 2 Quick Start Guide
Wireshark 2 Quick Start Guide
Read more
Wireshark is a powerful tool for network analysis, a combination of Kali Linux and the Metasploit framework. Wireshark is used to analyze the amount of data that flows through a network - it lets you see what's going on in your network. This book takes you from the basics of the Wireshark environment to detecting and resolving network anomalies.
Read more
Jun 2018 5 hours 28 minutes
Kali Linux Network Scanning Cookbook
Kali Linux Network Scanning Cookbook
Read more
With the ever-increasing amount of data flowing in today’s world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.
Read more
May 2017 21 hours 8 minutes
Learn Penetration Testing
Learn Penetration Testing
Read more
A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.
Read more
May 2019 14 hours 8 minutes
Applied Network Security
Applied Network Security
Read more
Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.
Read more
Apr 2017 11 hours 40 minutes
Kali Linux - An Ethical Hacker's Cookbook
Kali Linux - An Ethical Hacker's Cookbook
Read more
With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2018.4/2019) as per your requirements and help you move on to core functionalities.
Read more
Mar 2019 15 hours 44 minutes
Kali Linux - An Ethical Hacker's Cookbook
Kali Linux - An Ethical Hacker's Cookbook
Read more
With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book will be packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) as per your requirements and move on to core functionalities.
Read more
Oct 2017 12 hours 32 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Attacking and Exploiting Modern Web Applications
Attacking and Exploiting Modern Web Applications
Read more
Attacking and Exploiting Modern Web Attacks will help you understand how to identify attack surfaces and detect vulnerabilities. This book takes a hands-on approach to implementation and associated methodologies and equips you with the knowledge and skills needed to effectively combat web attacks.
Read more
Aug 2023 11 hours 16 minutes
Automotive Cybersecurity Engineering Handbook
Automotive Cybersecurity Engineering Handbook
Read more
This Automotive Cybersecurity Engineering Handbook untangles the complexities of building secure automotive products and helps you to comply with cybersecurity standards. It provides practical tools, tips, and techniques coupled with real-world examples to enable you to create cyber-resilient automotive products with ease.
Read more
Oct 2023 13 hours 4 minutes
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
Read more
This book will help you to design, develop, and operate security controls on Google Cloud as well as discover best practices for relevant security domains, including identity and access management, network, and data.
Read more
Aug 2023 16 hours 32 minutes
Cloud Penetration Testing for Red Teamers
Cloud Penetration Testing for Red Teamers
Read more
The advent of cloud networks and the AWS, Azure, and GCP platforms has revolutionized how companies of all sizes in all industries do business online. This book will help you meet the emerging demand for pentesting as it guides you through the tools, techniques, and security measures used by pentesters and red teamers in the 2020s and beyond.
Read more
Nov 2023 9 hours 56 minutes
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
Read more
ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is an enterprise IT risk management professional’s dream. With its in-depth approach and various self-assessment exercises, this book arms you with knowledge of every single aspect of the certification, and is a fantastic career companion after you’re certified.
Read more
Sep 2023 10 hours 32 minutes
Burp Suite Cookbook
Burp Suite Cookbook
Read more
Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its extensions.
Read more
Oct 2023 15 hours 0 minutes
Building and Automating Penetration Testing Labs in the Cloud
Building and Automating Penetration Testing Labs in the Cloud
Read more
This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved when setting up vulnerable cloud lab environments.
Read more
Oct 2023 18 hours 44 minutes
Ethical Hacking Workshop
Ethical Hacking Workshop
Read more
As cyber-attacks grow and APT groups advance their skillset, you need to be able to protect your enterprise against cyber-attacks. In order to limit your attack surface, you need to ensure that you leverage the same skills and tools that an adversary may use to hack your environment and discover the security gaps. This book will teach you how to think like a hacker, use state-of-the-art hacking tools, and protect yourself and your organizaiton.
Read more
Oct 2023 7 hours 20 minutes
Windows Forensics Analyst Field Guide
Windows Forensics Analyst Field Guide
Read more
This book contains step-by-step processes to guide you in any investigation related to Windows OS. You’ll find out how to acquire evidence using multiple tools as well as examine and analyze the collected artifacts, while discovering multiple techniques used in real-world forensic incidents.
Read more
Oct 2023 10 hours 36 minutes
Implementing DevSecOps Practices
Implementing DevSecOps Practices
Read more
This book is a comprehensive, hands-on guide for individuals new to DevSecOps who want to implement DevSecOps practices successfully and efficiently. With its help, you’ll be able to shift security toward the left, enabling you to merge security into coding in no time.
Read more
Dec 2023 8 hours 36 minutes
Right arrow icon