What this book covers

Chapter 1, Sharpening the Saw, teaches you the several ways of setting up Kali to perform different tasks. This chapter introduces you to the setup that works best, the documentation tools that we use to make sure that the results of the tests are prepared and presented right, and the details of Linux services you need to use these tools. Most books about Kali set the chapters in the order of the submenus in the Kali Security desktop. We have put all the setup at the beginning to reduce confusion for the first-time Kali users and because some things, such as the documentation tools, must be understood before you start using the other tools. The reason why the title of this chapter is "Sharpening the Saw" is that the skilled craftsman spends a bit more time preparing the tools so the job goes faster.

Chapter 2, Information Gathering and ulnerability Assessment, explains how understanding the network can make a hacker's life a lot easier. You need to be able to find your way around your target network and determine known vulnerabilities to be able to exploit a Windows system remotely. As time goes by, you will discover that you have memorized many of the most effective Windows exploits, but vulnerability assessment is a moving target. You will need to keep bringing on new exploits as time goes by.

Chapter 3, Exploitation Tools (Pwnage), demonstrates how once you have done your due diligence investigating the network and uncovering several vulnerabilities, it's time to prove that the vulnerabilities you have found are real and exploitable. You will learn to use tools to exploit several common Windows vulnerabilities and guidelines to create and implement new exploits for upcoming Windows vulnerabilities.

Chapter 4, Web Application Exploitation, tells you that at least 25% of the web servers on the Internet are Windows based, and a much larger group of intranet servers are Windows machines. Web access exploits may be some of the easiest to perform, and here you will find the tools you need to compromise web services (a subset of exploitation tools).

Chapter 5, Sniffing and Spoofing, explains how network sniffing helps you understand which users are using services you can exploit and IP spoofing can be used to poison a system's DNS cache so that all their traffic is sent to a man in the middle (your designated host, for instance) as well as being an integral part of most e-mail phishing schemes. Sniffing and spoofing are often used against the Windows endpoints in the network, and you need to understand the techniques that the bad guys are going to be using.

Chapter 6, Password Attacks, warns you that your Windows security is only as strong as the weakest link in the chain. Passwords are often that weak link. Password attacks can be used in concert with other approaches to break into and own a Windows network.

Chapter 7, Windows Privilege Escalation, asks the question of what happens if you have some access at a lower level but want to have administrative privileges on your compromised Windows server. There are a few cool ways to get administrative privileges on a Windows server or workstation when you have some lower-level access. This is a great advantage when you want to install backdoors and malware services on a target Windows machine.

Chapter 8, Maintaining Access, explores the possibility of how once you have cracked a machine or a network, you may want to maintain access to it. This chapter covers some devious ways of maintaining access and control of a Windows machine after you have gained access through the techniques you learned in the previous chapters.

Chapter 9, Reverse Engineering and Stress Testing, is about voiding your warranty for fun and profit. There are many respectable reasons to reverse engineer a Windows component, service, or program, and Kali has tools to help you do that. This chapter also covers stress testing your Windows server or application. This is a great idea if you want to discover how much DDoS will turn your server belly-up. This chapter is the beginning of how to develop an anti-fragile, self-healing Windows network.

Chapter 10, Forensics, explains how forensic research is required to help you understand how one of your Windows devices was compromised. This chapter introduces you to Kali Linux forensic tools. Forensic research could be employed to deal with a damaged hardware component or to find or recover corrupted applications or data files.