Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
The Ultimate Kali Linux Book

You're reading from   The Ultimate Kali Linux Book Harness Nmap, Metasploit, Aircrack-ng, and Empire for cutting-edge pentesting

Arrow left icon
Product type Paperback
Published in Apr 2024
Publisher Packt
ISBN-13 9781835085806
Length 828 pages
Edition 3rd Edition
Arrow right icon
Author (1):
Arrow left icon
Glen D. Singh Glen D. Singh
Author Profile Icon Glen D. Singh
Glen D. Singh
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Introduction to Ethical Hacking 2. Building a Penetration Testing Lab FREE CHAPTER 3. Setting Up for Advanced Penetration Testing Techniques 4. Passive Reconnaissance 5. Exploring Open-Source Intelligence 6. Active Reconnaissance 7. Performing Vulnerability Assessments 8. Understanding Network Penetration Testing 9. Performing Network Penetration Testing 10. Post-Exploitation Techniques 11. Delving into Command and Control Tactics 12. Working with Active Directory Attacks 13. Advanced Active Directory Attacks 14. Advanced Wireless Penetration Testing 15. Social Engineering Attacks 16. Understanding Website Application Security 17. Advanced Website Penetration Testing 18. Best Practices for the Real World 19. Index
Appendix

Preface

When breaking into the cybersecurity industry, specifically in the ethical hacking and penetration testing fields, you will often hear about the famous Linux distribution known as Kali Linux. Kali Linux is a penetration testing Linux distribution that is built to support the needs of cybersecurity professionals during each phase of a penetration test. As a cybersecurity author, lecturer, and industry professional, I’ve heard from many people within the cybersecurity and information technology industries, and even from students, about the importance of finding a book that guides the reader to thoroughly understand how to perform penetration testing from beginner to advanced level using a step-by-step approach with Kali Linux. This was the motivation and inspiration behind creating the ultimate book that will be easy to understand for everyone and help all readers to become proficient and develop new skills while using the latest tools and techniques.

Over the years, I’ve researched and created a lot of cybersecurity-related content, and one of the most important things about being both a red and blue teamer (offensive and defensive) is always staying up to date on how to discover the latest security vulnerabilities and understanding the Tactics, Techniques, and Procedures (TTPs) that are commonly used by cybercriminals. As a result, ethical hackers and penetration testers need to be equipped with the latest knowledge, skills, and tools to efficiently discover and exploit hidden security vulnerabilities on their targets’ systems and networks, with the intent of helping organizations reduce their attack surface and improve their cyber defenses. During the writing of this book, I’ve used a student-centric and learner-friendly approach, helping you to easily understand the most complex topics, terminologies, and why there is a need to test for security flaws on a system and network.

This book begins by introducing you to the mindset of a threat actor such as a hacker and comparing a hacker’s mindset to that of penetration testers. It’s important to understand how a threat actor thinks and what is most valuable to them. While penetration testers may have a similar mindset to a hacker, their objective is to discover and help resolve the security vulnerabilities before a real cyber attack occurs on an organization. Furthermore, you will learn how to create a lab environment using virtualization technologies to reduce the cost of buying equipment. The lab environment will emulate a network with vulnerable systems and web application servers. Additionally, a fully patched Windows Active Directory lab has been created to demonstrate the security vulnerabilities found within a Windows domain, where you will learn how to compromise Active Directory services.

You will soon learn how to perform real-world intelligence gathering on organizations using popular tools and strategies for reconnaissance and information gathering. Learning ethical hacking and penetration testing would not be complete without learning how to perform vulnerability assessments using industry-standard tools. Furthermore, you will spend some time learning how to perform exploitation on common security vulnerabilities. Following the exploitation phase, you will be exposed to post-exploitation techniques and learn how to set up Command and Control (C2) operations to maintain access on a compromised network to expand your foothold as a penetration tester and exfiltrate data from a compromised host.

You will learn how to perform Active Directory enumeration and exploitation, as many organizations have a Windows environment running Active Directory.

You will learn how to abuse the trust of Active Directory and take over a Windows domain by creating a golden ticket, a silver ticket, and a skeleton key. Furthermore, wireless attacks are included to help aspiring penetration testers gain the skills needed to test for security vulnerabilities on wireless networks, such as exploiting the WPA3 wireless security standard. Finally, the last section includes techniques for discovering and exploiting web applications and performing social engineering techniques and procedures.

In this edition, the procedures for building virtual lab environments have been improved and made easier to understand and follow as a beginner. A new and dedicated chapter on Open Source Intelligence (OSINT) focuses on collecting and analyzing publicly available information on targeted systems, networks, and organizations to develop a profile of intelligence that can be exploited during penetration testing. The theory and practical labs were improved throughout the entire book, and new labs on web application and social engineering were included.

By completing this book, you will be taken through an amazing journey from beginner to expert in terms of learning, understanding, and developing your skills in ethical hacking and penetration testing as an aspiring cybersecurity professional within the industry.

lock icon The rest of the chapter is locked
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime