You're reading from The Ultimate Kali Linux Book Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng, and Empire

Product type Paperback

Published in Feb 2022

Publisher Packt

ISBN-13 9781801818933

Length 742 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Glen D. Singh

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Getting Started with Penetration Testing FREE CHAPTER

2. Chapter 1: Introduction to Ethical Hacking

3. Chapter 2: Building a Penetration Testing Lab

4. Chapter 3: Setting Up for Advanced Hacking Techniques

5. Section 2: Reconnaissance and Network Penetration Testing

6. Chapter 4: Reconnaissance and Footprinting

7. Chapter 5: Exploring Active Information Gathering

8. Chapter 6: Performing Vulnerability Assessments

9. Chapter 7: Understanding Network Penetration Testing

10. Chapter 8: Performing Network Penetration Testing

11. Section 3: Red Teaming Techniques

12. Chapter 9: Advanced Network Penetration Testing — Post Exploitation

13. Chapter 10: Working with Active Directory Attacks

14. Chapter 11: Advanced Active Directory Attacks

15. Chapter 12: Delving into Command and Control Tactics

16. Chapter 13: Advanced Wireless Penetration Testing

17. Section 4: Social Engineering and Web Application Attacks

18. Chapter 14: Performing Client-Side Attacks – Social Engineering

19. Chapter 15: Understanding Website Application Security

20. Chapter 16: Advanced Website Penetration Testing

21. Chapter 17: Best Practices for the Real World

22. Other Books You May Enjoy

Preface

When breaking into the field of ethical hacking and penetration testing in the cybersecurity industry, you will often hear about the famous Linux distribution known as Kali Linux. Kali Linux is a penetration testing Linux distribution that is built to support the needs of cybersecurity professionals during each phase of a penetration test. As an information security author, cybersecurity trainer, and lecturer, I've heard from many persons within the industry and even from students about the importance of finding a book that guides the reader to thoroughly understand how to perform penetration testing using a step-by-step approach with Kali Linux. This was the motivation and inspiration behind creating the ultimate book that will be easy to understand for everyone and help all readers to become proficient experts using the latest tools and techniques upon completion.

Over the years, I've researched and created a lot of cybersecurity-related content, and one of the most important things about being an ethical hacker and a penetration tester is always staying up to date on knowing how to discover the latest security vulnerabilities. As a result, ethical hackers and penetration testers need to be equipped with the latest knowledge, skills, and tools to efficiently discover and exploit hidden security vulnerabilities on their targets' systems and networks. During the writing process of this book, I've used a student-centric and learner-friendly approach, helping you to easily understand the most complex topics, terminologies, and why there is a need to test for security flaws on a system and network.

This book begins by introducing you to understanding the mindset of a threat actor such as a hacker and comparing a hacker's mindset to that of penetration testers. It's important to understand how a threat actor thinks and what is most valuable to them. While penetration testers may have a similar mindset, their objective is to discover and help resolve the security vulnerabilities before a real cyber attack occurs on an organization. Furthermore, you will learn how to create a lab environment using virtualization technologies to reduce the cost of buying equipment. The lab environment will emulate a network with vulnerable systems and web application servers. Additionally, a fully patched Windows Active Directory lab is created to demonstrate the security vulnerabilities found within a Windows domain.

You will soon learn how to perform real-world intelligence gathering on organizations using popular tools and strategies for reconnaissance and information gathering. Learning ethical hacking and penetration testing would not be complete without learning how to perform a vulnerability assessment using industry-standard tools. Furthermore, you will spend some time learning how to perform exploitation on common security vulnerabilities. Following the exploitation phase, you will be exposed to post-exploitation techniques and learn how to set up Command and Control (C2) operations to maintain access on a compromised network.

New topics such as Active Directory enumeration and exploitation are included in this edition as many organizations have a Windows environment running Active Directory. You will learn how to abuse the trust of Active Directory and take over the Windows domain. New wireless attacks are included to help aspiring penetration testers gain the skills to test for security vulnerabilities on wireless networks, such as exploiting the WPA3 wireless security standard. Finally, the last section includes techniques for discovering and exploiting web applications and performing social engineering techniques and attacks.

By completing this book, you will be taken through an amazing journey from beginner to expert in terms of learning, understanding, and developing your skills in ethical hacking and penetration testing as an aspiring cybersecurity professional within the industry.