You're reading from The Ultimate Kali Linux Book Perform advanced penetration testing using Nmap, Metasploit, Aircrack-ng, and Empire

Product type Paperback

Published in Feb 2022

Publisher Packt

ISBN-13 9781801818933

Length 742 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Glen D. Singh

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Getting Started with Penetration Testing FREE CHAPTER

2. Chapter 1: Introduction to Ethical Hacking

3. Chapter 2: Building a Penetration Testing Lab

4. Chapter 3: Setting Up for Advanced Hacking Techniques

5. Section 2: Reconnaissance and Network Penetration Testing

6. Chapter 4: Reconnaissance and Footprinting

7. Chapter 5: Exploring Active Information Gathering

8. Chapter 6: Performing Vulnerability Assessments

9. Chapter 7: Understanding Network Penetration Testing

10. Chapter 8: Performing Network Penetration Testing

11. Section 3: Red Teaming Techniques

12. Chapter 9: Advanced Network Penetration Testing — Post Exploitation

13. Chapter 10: Working with Active Directory Attacks

14. Chapter 11: Advanced Active Directory Attacks

15. Chapter 12: Delving into Command and Control Tactics

16. Chapter 13: Advanced Wireless Penetration Testing

17. Section 4: Social Engineering and Web Application Attacks

18. Chapter 14: Performing Client-Side Attacks – Social Engineering

19. Chapter 15: Understanding Website Application Security

20. Chapter 16: Advanced Website Penetration Testing

21. Chapter 17: Best Practices for the Real World

22. Other Books You May Enjoy

Using web application scanners

As a penetration tester, you will also be required to perform web application security testing based on the scope of your penetration testing engagements. In this section, you will learn how to use various types of web application scanners to identify and fingerprint web applications on a target server.

Before proceeding, make sure you use the following guidelines to ensure you get the same results:

During the next few sections, the target systems will be Metasploitable 2 and OWASP BWA virtual machines.
Ensure Kali Linux has end-to-end connectivity with the Metasploitable 2 and OWASP BWA systems.

Let's get started!

WhatWeb

WhatWeb is a tool that is used to help penetration testers easily identify the available technologies and fingerprint web servers and web applications on a target system. WhatWeb is also pre-installed within Kali Linux and should be part of your arsenal of tools to help you on your journey.

To profile...