Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
The Ultimate Kali Linux Book

You're reading from   The Ultimate Kali Linux Book Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng, and Empire

Arrow left icon
Product type Paperback
Published in Feb 2022
Publisher Packt
ISBN-13 9781801818933
Length 742 pages
Edition 2nd Edition
Arrow right icon
Author (1):
Arrow left icon
Glen D. Singh Glen D. Singh
Author Profile Icon Glen D. Singh
Glen D. Singh
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Preface 1. Section 1: Getting Started with Penetration Testing
2. Chapter 1: Introduction to Ethical Hacking FREE CHAPTER 3. Chapter 2: Building a Penetration Testing Lab 4. Chapter 3: Setting Up for Advanced Hacking Techniques 5. Section 2: Reconnaissance and Network Penetration Testing
6. Chapter 4: Reconnaissance and Footprinting 7. Chapter 5: Exploring Active Information Gathering 8. Chapter 6: Performing Vulnerability Assessments 9. Chapter 7: Understanding Network Penetration Testing 10. Chapter 8: Performing Network Penetration Testing 11. Section 3: Red Teaming Techniques
12. Chapter 9: Advanced Network Penetration Testing — Post Exploitation 13. Chapter 10: Working with Active Directory Attacks 14. Chapter 11: Advanced Active Directory Attacks 15. Chapter 12: Delving into Command and Control Tactics 16. Chapter 13: Advanced Wireless Penetration Testing 17. Section 4: Social Engineering and Web Application Attacks
18. Chapter 14: Performing Client-Side Attacks – Social Engineering 19. Chapter 15: Understanding Website Application Security 20. Chapter 16: Advanced Website Penetration Testing 21. Chapter 17: Best Practices for the Real World 22. Other Books You May Enjoy

Understanding MITM and packet sniffing attacks

When connected on a network, whether it's wired or wireless, there are a lot of packets being sent back and forth between hosts. Some of these packets may contain sensitive and confidential information, such as usernames, passwords, password hashes, and documents, which are valuable to a penetration tester. While there are many secure network protocols that provide data encryption, there are many unsecure network protocols that transmit data in plaintext.

While networking technologies have evolved over time, this is not the case for many network protocols with the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. There are many applications and services that operate on a client-server model that sends sensitive data in plaintext, allowing a penetration tester to both intercept and capture such data. Capturing user credentials and password hashes will allow you to easily gain access to clients and servers...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image