
The Ultimate Kali Linux Book: Harness Nmap, Metasploit, Aircrack-ng, and Empire for cutting-edge pentesting, Third Edition


Building a Penetration Testing Lab

As an aspiring ethical hacker and penetration tester, it’s important to ensure that you do not disrupt or cause any sort of harm or damage to another person’s systems or network infrastructure, such as that of your organization, when testing exploits and payloads or practicing your hacking skills. While there are many online tutorials, videos, and training materials you can read and view to gain knowledge, working in the field of penetration testing means continuously enhancing your offensive security skills. Many people can speak about hacking and explain the methodology quite clearly but don’t know how to perform an attack. When learning about penetration testing, it’s very important to understand the theory and how to use your skills to apply them to a simulated real-world cyberattack.

In this chapter, you will learn how to design and build a virtualized penetration testing lab environment on your personal computer...

Technical requirements

To follow along with the exercises in this chapter, please ensure that you have met the following hardware and software requirements:

We’ll be covering the process of setting up Kali Linux, Vagrant, the OWASP Juice Shop, and Metasploitable 2 and 3 in detail in the chapter.

Note

During the installation of Oracle VirtualBox, it’s important...

An overview of the lab setup and technologies used

Building a penetration testing lab enables you to create an environment that’s safe for you to practice and enhance your offensive security skills, scale the environment to add new vulnerable systems and remove older legacy systems that you may no longer need, and even create additional virtual networks to pivot your attacks from one network to another.

The concept of creating your very own virtualized penetration testing lab allows you to maximize the computing resources on your existing computer, without the need to purchase online lab time from various service providers or even buy additional computers and devices. Overall, you’ll be saving a lot of money as opposed to buying physical computers and networking equipment such as routers and switches.

As a cybersecurity lecturer and professional, I have noticed that many people who are starting their journeys in the field of information technology (IT) usually...

Setting up a hypervisor and virtual networks

There are many hypervisors from various vendors in the information technology industry. However, Oracle VM VirtualBox is a free and simple-to-use hypervisor that has all the essential features of commercial (paid) products. In this section, you will learn how to set up Oracle VM VirtualBox and create virtual networks on your computer.

Before getting started, the following are important factors and requirements:

  • Ensure the computer’s processor supports virtualization features, such as VT-x/AMD-V.
  • Ensure the virtualization feature is enabled on your processor via the Basic Input/Output System (BIOS) / Unified Extensible Firmware Interface (UEFI) firmware.

If you’re unsure how to access the BIOS/UEFI on your computer, please check the manual of the device or the vendor’s website for specific instructions.

Let’s get started!

Part 1 – setting up the hypervisor...

Setting up and working with Kali Linux

Kali Linux is one of the most popular Linux distributions within the cybersecurity industry as it contains over 300 pre-installed software packages that are designed for mostly offensive security assessments. Kali Linux is built on the Debian flavor of Linux and, being a free operating system, it has gained a lot of attention over the years by cybersecurity professionals in the industry. It has a lot of features and tools that make a penetration tester’s or security engineer’s job a bit easier when they’re working.

Ethical hackers and penetration testers commonly use Kali Linux to perform passive reconnaissance (covered in Chapters 4 and 5), scanning and enumeration (covered in Chapter 6), exploitation (covered in Chapter 8), and even post-exploitation techniques (covered in Chapters 10 and 11) on targeted systems and networks. While many folks usually think Kali Linux is designed only for offensive security professionals...

Setting up a vulnerable web application

Learning how to simulate real-world cyberattacks using Kali Linux would not be complete without understanding how to discover and exploit vulnerabilities within web applications. OWASP is an organization that focuses on improving the security of software, including web applications. It is known for the OWASP Top 10 list of the most critical security risks within web applications. In Chapters 16 and 17, you will learn how to identify and exploit common vulnerabilities within web applications.

Note

At the time of writing this book, the latest version of the OWASP Top 10 was the one updated in 2021. More information can be found at https://owasp.org/www-project-top-ten/. Further information on each of the Top 10 security risks is covered in Chapters 16 and 17.

As an aspiring ethical hacker and penetration tester, it’s important to understand how to identify and perform security testing on each category within...

Deploying Metasploitable 2 as a vulnerable machine

When building a penetration testing lab, it’s important to include vulnerable systems that will act as our targets. These systems contain intentionally vulnerable services and applications, enabling us to practice and build our skills to better understand how to discover and exploit vulnerabilities. A very popular vulnerable machine is known as Metasploitable 2. This vulnerable machine contains a lot of security vulnerabilities that can be exploited and is good for learning about ethical hacking and penetration testing.

To get started setting up Metasploitable 2 within our lab environment, please use the following instructions:

Part 1 – deploying Metasploitable 2

The following steps will guide you to acquiring the Metasploitable 2 virtual machine and deploying it within Oracle VM VirtualBox Manager:

  1. Firstly, on your host computer, go to https://sourceforge.net/projects/metasploitable/files/Metasploitable2...

Building and deploying Metasploitable 3

In this section, you will learn how to build and deploy Metasploitable 3, both the Windows server and Linux server versions. The Windows server version will be using a dual-homed network connection to both the PentestNet network (172.30.1.0/24) and HiddenNet network (10.11.12.0/24). This setup will enable us to perform pivoting and lateral movement between different networks. Finally, the Linux server version will be connected to the HiddenNet network (10.11.12.0/24) only.

The following diagram shows the logical connections between systems and networks:

Figure 2.46: Low-level lab diagram

As shown in the preceding diagram, this topology goes more in depth on how the virtual machines are interconnected within our virtual lab environment. For instance, to access the Metasploitable 3 – Linux version, we will need to first compromise the Metasploitable 3 – Windows version via the PentestNet network, then pivot our attacks...
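
The segmentation described above can be sanity-checked from an inventory of VM interface addresses before any vulnerable machine is powered on. This is an added example, not code from the book: the VM names and interface addresses are constructed assumptions, and only the two network ranges come from the text.

```python
import ipaddress
from collections import deque

# Lab networks exactly as given in the chapter text.
LAB_NETWORKS = {
    "PentestNet": ipaddress.ip_network("172.30.1.0/24"),
    "HiddenNet": ipaddress.ip_network("10.11.12.0/24"),
}

# Constructed sample inventory (assumption): VM names and addresses were
# chosen to match the topology described in the text.
LAB_VMS = {
    "kali": ["172.30.1.50"],
    "metasploitable3-windows": ["172.30.1.21", "10.11.12.21"],  # dual-homed
    "metasploitable3-linux": ["10.11.12.20"],
}


def lab_segments(addresses):
    """Return the names of the lab networks that a VM's addresses fall into."""
    segments = set()
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        segments.update(name for name, net in LAB_NETWORKS.items() if ip in net)
    return segments


def isolation_findings(vms):
    """List (vm, address) pairs whose interface sits outside every lab network.

    Such an interface (for example, one bridged to a home LAN) would expose an
    intentionally vulnerable VM beyond the lab.
    """
    findings = []
    for vm, addresses in sorted(vms.items()):
        for addr in addresses:
            ip = ipaddress.ip_address(addr)
            if not any(ip in net for net in LAB_NETWORKS.values()):
                findings.append((vm, addr))
    return findings


def hops_from(vms, start):
    """Breadth-first search over shared lab networks.

    0 = the start VM, 1 = shares a network with it, 2 = reachable only through
    a dual-homed VM, and so on. Unreachable VMs are absent from the result.
    """
    segments = {vm: lab_segments(addrs) for vm, addrs in vms.items()}
    hops = {start: 0}
    queue = deque([start])
    while queue:
        current = queue.popleft()
        for vm in vms:
            if vm not in hops and segments[vm] & segments[current]:
                hops[vm] = hops[current] + 1
                queue.append(vm)
    return hops


if __name__ == "__main__":
    for vm, n in sorted(hops_from(LAB_VMS, "kali").items(), key=lambda kv: kv[1]):
        print(f"{vm}: {n} hop(s) from kali")
    for vm, addr in isolation_findings(LAB_VMS):
        print(f"WARNING: {vm} has {addr} outside the lab networks")
```

A hop count of 2 for the Linux target confirms that it is reachable only through the dual-homed Windows host, which is the design the chapter describes; a count of 1 or any isolation finding means an adapter is attached to the wrong network.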

Summary

Having completed this chapter, you learned about the importance of building your very own penetration testing lab on your computer. You learned how to use hypervisors to virtualize the hardware resources on a system, which can then be shared with multiple operating systems that are running at the same time on the same system. In addition, you have gained the skills of setting up and deploying Kali Linux, multiple vulnerable systems, and web applications within a virtualized environment.

You established a foundational understanding of virtualization technology, gained practical experience in configuring a secure, isolated lab environment, and practiced hands-on skills in utilizing penetration testing tools within that environment.

I trust that the knowledge presented in this chapter has provided you with valuable insights, supporting your path toward becoming an ethical hacker and penetration tester in the dynamic field of cybersecurity. May this newfound understanding...

Further reading

Join our community on Discord

Join our community’s Discord space for discussions with the author and other readers:

https://packt.link/SecNet


Key benefits

  • Learn to think like an adversary to strengthen your cyber defences
  • Execute sophisticated real-life penetration tests, uncovering vulnerabilities in enterprise networks that go beyond the surface level
  • Securely manipulate environments using Kali Linux, ensuring you're fully equipped to safeguard your systems against real-world threats

Description

Embark on an exciting journey into the world of Kali Linux – the central hub for advanced penetration testing. Whether you are honing your pentesting skills, exploiting vulnerabilities, or conducting advanced penetration tests on wired and wireless enterprise networks, Kali Linux empowers cybersecurity professionals. In its third edition, this book goes further to guide you on how to set up your labs and explains breaches using enterprise networks. Designed for newcomers and those curious about penetration testing, this guide is your fast track to learning pentesting with Kali Linux 2024.x. Think of this book as your stepping stone into real-world situations, guiding you through lab setups and core penetration testing concepts. As you progress in the book, you’ll explore the toolkit of vulnerability assessment tools in Kali Linux, where gathering information takes the spotlight. You'll learn how to find target systems, uncover device security issues, exploit network weaknesses, control operations, and even test web applications. The journey ends with understanding complex web application testing techniques, along with industry best practices. As you finish this captivating exploration of the Kali Linux book, you'll be ready to tackle advanced enterprise network testing – with newfound skills and confidence.

Who is this book for?

This pentesting book is for students, trainers, cybersecurity professionals, cyber enthusiasts, network security professionals, ethical hackers, penetration testers, and security engineers. If you do not have any prior knowledge and are looking to become an expert in penetration testing using Kali Linux, then this book is for you.

What you will learn

  • Establish a firm foundation in ethical hacking
  • Install and configure Kali Linux 2024.1
  • Build a penetration testing lab environment and perform vulnerability assessments
  • Understand the various approaches a penetration tester can undertake for an assessment
  • Gather information from Open Source Intelligence (OSINT) data sources
  • Use Nmap to discover security weaknesses on a target system on a network
  • Implement advanced wireless pentesting techniques
  • Become well-versed with exploiting vulnerable web applications

Product Details

Publication date : Apr 30, 2024
Length: 828 pages
Edition : 3rd
Language : English
ISBN-13 : 9781835083680


Table of Contents

19 Chapters

  1. Introduction to Ethical Hacking
  2. Building a Penetration Testing Lab
  3. Setting Up for Advanced Penetration Testing Techniques
  4. Passive Reconnaissance
  5. Exploring Open-Source Intelligence
  6. Active Reconnaissance
  7. Performing Vulnerability Assessments
  8. Understanding Network Penetration Testing
  9. Performing Network Penetration Testing
  10. Post-Exploitation Techniques
  11. Delving into Command and Control Tactics
  12. Working with Active Directory Attacks
  13. Advanced Active Directory Attacks
  14. Advanced Wireless Penetration Testing
  15. Social Engineering Attacks
  16. Understanding Website Application Security
  17. Advanced Website Penetration Testing
  18. Best Practices for the Real World
  19. Index

Customer reviews

Rating: 4.8 (27 Ratings)
5 star 92.6%
4 star 3.7%
3 star 0%
2 star 0%
1 star 3.7%

Dwayne Natwick May 03, 2024
Rating: 5 out of 5
This is a comprehensive guide to setting up ethical hacking environments leveraging the Kali Linux build. The Kali Linux build provides a variety of tools that can be used by the “Red Teamers” to identify vulnerabilities within an infrastructure, whether on-premises, cloud, or hybrid. This book guides the reader through setting up lab environments that can be used to test and identify potential threats before they are leveraged by attackers. Whether you are a beginner or an experienced cybersecurity professional, you will benefit from having a copy of this book.
Amazon Verified review

David Meece "Cybertech Dave" Jul 25, 2024
Rating: 5 out of 5
This book is written well and very beginner friendly. The way the author explains the technical concepts is perfect for newcomers with less experience. I would highly recommend this book to students or more seasoned cybersecurity professionals in the field.
Amazon Verified review

blkhedrulz Sep 22, 2024
Rating: 5 out of 5
Just be aware that all examples in the book are based on using a Windows virtual machine to run Kali and set up a virtual testing network. So if you are like me and avoid Windows like the plague be prepared to buy a cheap mini PC running Windows to be able to work through the examples verbatim, or to spend some time figuring out how to adapt what he is doing to another system. Overall an awesome book.
Amazon Verified review

Raymond Jul 20, 2024
Rating: 5 out of 5
The Ultimate Kali Linux Book - Third Edition: Harness Nmap, Metasploit, Aircrack-ng, and Empire for cutting-edge pentesting 3rd ed. Edition by Glen D Singh is a comprehensive guide to ethical hacking and penetration testing with Kali Linux. I originally purchased the Audible edition to study for the CompTIA Pentest + exam as adjunct material to CompTIA study guides. The audio helped to reinforce topics for study. This prompted me to order a Kindle copy and I read through for further reinforcement of command and concepts. The book is excellent for those new to advanced in Kali Linux. The author uses real-world scenarios to explain and explore penetration testing concepts. This is done by a step by step of setting up a pentest lab using virtual machines. Exercises focus on reconnaissance, Open-source intelligence gathering, asset and network discovery techniques and how to use/commands for tools in Kali Linux which can target systems, perform vulnerability assessments, perform social engineering attacks, identify security flaws on devices, exploit security weaknesses to gain access, persistence, command and control and data extraction. Compromise of Active Directory and enterprise network exploitation and red teaming is covered on wired and wireless networks as well as explanation of how to exploit vulnerable web applications. Tools covered include Nmap, Metasploit, Aircrack-ng, the Harvester, SET Toolkit and many other Kali Tools and Applications. I highly recommend this for learning, reinforcing for Pentest exams and as a shelf reference guide. The authors' concise, well elaborated and easy to follow explanations make this a comfortable read. After reading this and using it as study, I would happily purchase the authors' future books as he is clearly accomplished as an instructor and author.
Amazon Verified review

zs Oct 26, 2024
Rating: 5 out of 5
Super!
Amazon Verified review