Gus Khawaja - Kali Linux Penetration Testing Bible

1 Cover

2 Title Page

3 Introduction Introduction Kali is a popular Linux distribution used by security professionals and is becoming an important tool for daily use and for certifications. Penetration testers need to master Kali's hundreds of tools for pentesting, digital forensics, and reverse engineering. Kali Linux Penetration Testing Bible is a hands‐on guide for getting the most from Kali Linux for pentesting. This book is for working cybersecurity professionals in offensive, hands‐on roles, including red teamers, white‐hat hackers, and ethical hackers. Defensive specialists will also find this book valuable, as they need to be familiar with the tools used by attackers. This comprehensive pentesting book covers every aspect of the art and science of penetration testing. It covers topics like building a modern Dockerized environment, the basics of bash language in Linux, finding vulnerabilities in different ways, identifying false positives, and practical penetration testing workflows. You'll also learn to automate penetration testing with Python and dive into advanced subjects like buffer overflow, privilege escalation, and beyond. By reading this book, you will: Gain a thorough understanding of the hundreds of penetration testing tools available in Kali Linux. Master the entire range of techniques for ethical hacking so you can be more effective in your job and gain coveted certifications. Learn how penetration testing works in practice and fill the gaps in your knowledge to become a pentesting expert. Discover the tools and techniques that hackers use so you can boost your network's defenses. What Does This Book Cover? What Does This Book Cover? This book goes deep into the subject of penetration testing. For established penetration testers, this book fills all the practical gaps, so you have one complete resource that will help you as your career progresses. For newcomers to the field, Kali Linux Penetration Testing Bible is your best guide to how ethical hacking really works. Companion Download Files Companion Download Files As you work through the examples in this book, you may choose either to type in all the code manually or to use the source code files that accompany the book. All the source code used in this book is available for download from www.wiley.com/go/kalilinuxpenbible . How to Contact the Publisher How to Contact the Publisher If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur. To submit your possible errata, please email it to our Customer Service Team at wileysupport@wiley.com with the subject line “Possible Book Errata Submission.” How to Contact the Author How to Contact the Author We appreciate your input and questions about this book! Email the author at gus.khawaja@guskhawaja.me , or message him on Twitter at @GusKhawaja .

4 CHAPTER 1: Mastering the Terminal Window CHAPTER 1 Mastering the Terminal Window Kali Linux can be summarized in two simple words: terminal window. If you master your terminal window skills, then you will be one of those elite ethical hackers. In this chapter, you will learn all the essentials of the terminal window so you can start using Kali Linux like a boss. If you already know how to manage the terminal window, please use this chapter as a reference, or maybe go over it quickly in case there is something new that you haven't learned before. The main goal of this chapter is not only to show you the commands of Kali Linux but to help you deeply understand it through practical examples. Kali Linux is a Debian‐based operating system developed by Offensive Security, so if you're used to Ubuntu, for example, the commands in the terminal window will look the same since Debian and Kali share an equal distribution. Here's what this chapter covers: Kali Linux file system Terminal window basics Managing users and groups Manipulating files and folders Handling remote connections Kali Linux system management Dealing with networking in Kali Linux Kali Linux File System Managing Users and Groups in Kali Files and Folders Management in Kali Linux Remote Connections in Kali Kali Linux System Management Networking in Kali Linux Summary

5 CHAPTER 2: Bash Scripting Basic Bash Scripting Printing to the Screen in Bash Variables Script Parameters User Input Functions Conditions and Loops Summary

6 CHAPTER 3: Network Hosts Scanning Basics of Networking Network Scanning DNS Enumeration Summary

7 CHAPTER 4: Internet Information Gathering Passive Footprinting and Reconnaissance Summary

8 CHAPTER 5: Social Engineering Attacks Spear Phishing Attacks Payloads and Listeners Social Engineering with the USB Rubber Ducky Summary

9 CHAPTER 6: Advanced Enumeration Phase Transfer Protocols E‐mail Protocols Database Protocols CI/CD Protocols Web Protocols 80/443 Graphical Remoting Protocols File Sharing Protocols Summary

10 CHAPTER 7: Exploitation Phase Vulnerabilities Assessment Services Exploitation Summary

11 CHAPTER 8: Web Application Vulnerabilities Web Application Vulnerabilities Summary

12 CHAPTER 9: Web Penetration Testing and Secure Software Development Lifecycle Web Enumeration and Exploitation Secure Software Development Lifecycle Summary

13 CHAPTER 10: Linux Privilege Escalation Introduction to Kernel Exploits and Missing Configurations Kernel Exploits SUID Exploitation Overriding the Passwd Users File CRON Jobs Privilege Escalation sudoers Exploiting Running Services Automated Scripts Summary

14 CHAPTER 11: Windows Privilege Escalation Windows System Enumeration File Transfers Windows System Exploitation Summary

15 CHAPTER 12: Pivoting and Lateral Movement Dumping Windows Hashes Pivoting with Port Redirection Summary

16 CHAPTER 13: Cryptography and Hash Cracking Basics of Cryptography Cracking Secrets with Hashcat Summary

17 CHAPTER 14: Reporting Overview of Reports in Penetration Testing Scoring Severities Report Presentation Summary

18 CHAPTER 15: Assembly Language and Reverse Engineering CPU Registers Assembly Instructions Data Types Memory Segments Addressing Modes Reverse Engineering Example Summary

19 CHAPTER 16: Buffer/Stack Overflow Basics of Stack Overflow Stack Overflow Exploitation Summary

20 CHAPTER 17: Programming with Python Basics of Python Running Python Scripts Debugging Python Scripts Practicing Python Python Basic Syntaxes Variables More Techniques in Python Summary

21 CHAPTER 18: Pentest Automation with Python Penetration Test Robot Summary

22 APPENDIX A: APPENDIX AKali Linux Desktop at a Glance Downloading and Running a VM of Kali Linux Kali Xfce Desktop Summary

23 APPENDIX B: APPENDIX BBuilding a Lab Environment Using Docker Docker Technology Summary

24 Index

25 Copyright

26 About the Author

27 About the Technical Editor

28 Acknowledgments

29 End User License Agreement

1 Chapter 1 Table 1.1 Tmux Keyboard Shortcuts

2 Chapter 2 Table 2.1 Numerical Conditions Table 2.2 String Conditions Table 2.3 File/Directory Conditions

3 Chapter 3 Table 3.1 OSI Layers Table 3.2 Subnets and CIDR Table 3.3 Common Port NumbersTable 3.4 Nmap Version Intensity

4 Chapter 4Table 4.1 The Most Common Query Criteria Used on the Shodan SiteTable 4.2 Google Dorks Common Queries

5 Chapter 14Table 14.1 CVSS Score Rating

6 Chapter 15Table 15.1 Flag RegistersTable 15.2 Assembly InstructionsTable 15.3 Assembly Jump InstructionsTable 15.4 Assembly InstructionsTable 15.5 Data TypesTable 15.6 Addressing Modes