Intermediate Security Testing with Kali Linux 2

Cover layout by Daniel Dieterle

Cover Photo Design by Moriah Dieterle

e-books shop

Book Details
2.00 USD
433 p
File Size: 21,561 KB
File Type: PDF format
2015 by Daniel W. Dieterle

About the Author
Daniel W. Dieterle has worked in the IT field for over 20 years. During this time he
worked for a computer support company where he provided system and network support
for hundreds of companies across Upstate New York and throughout Northern Pennsylvania.

He also worked in a Fortune 500 corporate data center, briefly worked at an Ivy League
school’s computer support department and served as an executive at an electrical
engineering company.

For about the last 6 years Daniel has been completely focused on security as a computer
security researcher and author. His articles have been published in international security
magazines, and referenced by both technical entities and the media.

Daniel has assisted with numerous security training classes and technical training books
mainly based on Backtrack and Kali Linux.
Twitter: @cyberarms

What is Kali Linux?
Kali 2 is the latest and greatest version of the ever-popular Backtrack/Kali Linux
penetration testing distribution. Kali has been revamped from the ground up to be the best
and most feature-rich Ethical Hacking/Pentesting distribution available. Kali 2 also runs
on more hardware devices, greatly increasing your options for computer security
penetration testing or “pentesting” systems.

If you are coming to Kali from a Backtrack background, after a short familiarization
period you should find that everything is very similar and your comfort level should grow
very quickly. If you are new to Kali 2, once you get used to it, you will find an easy-to-use
security testing platform that includes hundreds of useful and powerful tools to test and
help secure your network systems.

Table of Contents
Chapter 1
What is Kali Linux?
Why Use Kali Linux?
Ethical Hacking Issues
Scope of this Book
Chapter 2
Kali 2 Overview
Applications Menu
Command Line Tools
Apache Webserver
Chapter 3
Installing Virtual Machines
Install VMware Player & Kali
Setting the Kali IP address
Installing VMware Tools for Linux
Installing Metasploitable 2
Windows 7 Virtual Machine
Chapter 4
Installing Mutillidae
Mutillidae Database Configuration Changes
Php.ini Configuration Change
Windows 7 Mutillidae Install
XAMPP install
Security and Hints Level
Chapter 5
New Meterpreter Commands
New Features
HANDS-ON New Features Section
Bypass UAC Module
Mimikatz Extensions
Chapter 6
Using Msfvenom
A Simple Reverse Shell
Remote Metasploit Shell
Windows Shell with PowerShell
Linux Python Meterpreter Shell
Website Attack with PHP Shell
Changing the Shellcode Filetype
Generating Shells in Meterpreter
Chapter 7
Resource Files
Making a Resource File
Starting Resource Scripts from the Command Line
Global Variables
Pre-installed Resource Files & Ruby Integration
Chapter 8
Web Delivery
Python Web Delivery vs. Linux
Works on Mac too!
PHP Web Delivery Just as Easy
PHP Shell - A Closer Look
Anti-Virus Bypass
Chapter 9
Bypassing Anti-Virus with Shellter
Using Shellter
Post Exploitation
Chapter 10
Post Modules & Railgun
Post Modules
Viewing & Using Post File
Viewing the Recovered Loot
IRB Railgun
Chapter 11
Metasploit & PowerShell for Post Exploitation
PowerShell Basics
Making Windows Talk to You
Playing YouTube Videos
Turning it into an Executable File
Windows Gather User Credentials (phishing)
Chapter 12
PowerShell Payloads, PowerSploit and Nishang
New PowerShell Payloads
PowerShell Payload Modules Introduction
Using PowerSploit Scripts
Nishang - PowerShell for Penetration Testing
PowerShell Payload as a Direct Exploit
Chapter 13
Maintaining Access
Meterpreter “Persistence” Script
S4u_persistence - Scheduled Persistence
Vss_Persistence - Volume Shadow Copy Persistence
Netcat Backdoor
Enabling Remote Desktop
Maintaining Access on a Webserver
Chapter 14
Basic Scans
Scanning Specific Ports
Using Nmap with Scripts
OpenSSL-Heartbleed - Scanning and Exploiting
IDS Evasion and Advanced Scans
Chapter 15
Quick Scan & Attack
MitM Proxy Attack
Fuzzing with ZAP
Chapter 16
Commercial Web App Scanners
Basic Scan
WebApp Pentesting
Chapter 17
Command Injection
Remote Shell from Command Injection
Chapter 18
Local File Inclusion (LFI)
Remote File Inclusion (RFI)
Remote File Inclusion to Shell
Chapter 19
Basic Scanning
Exploiting via Remote Shell
Exploit via Pentest Monkey’s Reverse Shell
Mass Scanning
Scanning with Google Dorks
Chapter 20
File Upload
Remote Shell from File Upload
Chapter 21
Burp Suite
The Interface
Basic SQL Injection
More Advanced Injection
Remote Shell from SQL Injection
Burp Encoder/ Decoder
Automating Attacks with Burp Intruder and Compare
Burp Comparer
XSS (Cross Site Scripting Attacks) with Burp
Persistent XSS with Burp
Chapter 22
Overview of SQL Switches
Blind Boolean Injection
Testing Mutillidae with Sqlmap
Running SQLmap
Sqlmap Output Directory
Chapter 23
Cross-Site Scripting Framework (XSSF)
Using XSSF
Attacking Targets with XSSF
Tunneling with XSSF
Stored XSS and XSSF for the Win
Chapter 24
Web Shells
Kali Included Webshells
Chapter 25
Web App Tools
Uniscan, Uniscan-gui
The PenTesters Framework
Attacking Smart Devices
Chapter 26
Installing Android SDK & Creating a Virtual Phone
Installing the Android SDK
Using the Management Console
Installing different android versions
Using your own Smart Phone in Kali
Enabling USB Debug Mode
Troubleshooting Connectivity
Communicating with the Device
Connecting to an Emulated Android Device with ADB
Installing an App using ADB
Chapter 27
Rooting and ADB Usage
What is Rooting?
Viewing Protected Databases
The Browser Database - Surfing History and Passwords
System Directory
Chapter 28
Security Testing Android Devices
Getting a Remote Shell on Android using Metasploit
Creating a booby trapped APK file
Webcam Commands
Android Meterpreter Commands
Android Webview Exploit Tutorial
Chapter 29
Man in the Middle & Wi-Fi Attacks against Android
Man-in-the-Middle with ARPspoof
TCP Dump and Wireshark
Rogue Wi-Fi Router Attacks with Mana
Chapter 30
Forensics Introduction
Forensic Tools
Analyzing Memory using Volatility
Obtaining a Memory Dump
Analyzing a Memory Image with Volatility
Analyzing Registry Keys
Viewing Network Connections with Netscan (and Connscan)
Recovering Data from Process Memory
Recovering Password Hashes
Volatility Plugins
Basic Malware Analysis with Malfind
Chapter 31
Pulling Word Document from Remote System
Recovering Data from Word
Pulling Data from Outlook
Recovering Facebook Conversations
Pulling passwords using Procdump & Mimikatz
Pulling Memory Dumps with PowerShell
Chapter 32
Digital Forensics Framework
Creating a Hard Drive Image
Analyzing a Test Image
Chapter 33
Forensics Commands
iPhone Backup Analyzer
Internet of Things
Chapter 34
The Internet of Things
Basic Security Test
Mass Exploiting the IoT Device
Chapter 35
Network Defense and Conclusion


Why Use Kali Linux?
Kali includes over 400 security testing tools. A lot of the redundant tools from Backtrack
have been removed and the tool interface streamlined. You can now get to the most used
tools quickly as they appear in a top ten security tool menu. You can also find these same
tools and a plethora of others all neatly categorized in the menu system.

Kali allows you to use similar tools and techniques that a hacker would use to test the
security of your network so you can find and correct these issues before a real hacker finds
them. Hackers usually perform a combination of steps when attacking a network. These
steps are summarized below:

Recon – Checking out the target using multiple sources – like intelligence gathering.
Scanning – Mapping out and investigating your network.
Exploitation – Attacking holes found during the scanning process.
Elevation of Privileges – Elevating a lower access account to Root, or System Level.
Maintaining Access – Using techniques like backdoors to keep access to your network.
Covering their Tracks – Erasing logs, and manipulating files to hide the intrusion.

An Ethical Hacker or Penetration Tester (good guys hired to find the holes before an
attacker does) mimics many of these techniques, using parameters and guidelines set up
with corporate management, to find security issues. They then report their findings to
management and assist in correcting the issues.

We will not be covering every step in the process, but will show you many of the
techniques that are used, and how to defend against them.

I would think the biggest drive to use Kali over commercial security solutions is the price.
Security testing tools can be extremely costly; Kali is free! Secondly, Kali includes open
source versions of numerous commercial security products, so you could conceivably
replace costly programs by simply using Kali. Kali also includes several free
versions of popular software programs that can be upgraded to the full-featured paid
versions and used directly through Kali. And if you enjoy Kali, the Professional version
offers even more features and ease of use.

There really are no major tool usage differences between Backtrack, Kali and the new Kali
2. But it has been completely retooled from the ground up, making software updates and
additions much easier. In Kali, you update everything using the Kali update command,
which makes system integrity much better. Simply update Kali and it will pull down the
latest versions of the included tools for you. Just a note of caution: updating tools
individually could break Kali, so running the Kali update is always the best way to get the
latest packages for the OS.

Though Kali can’t possibly contain all the possible security tools that every individual
would prefer, it contains enough that Kali could be used from beginning to end. Don’t
forget that Kali is not just a security tool, but a full-fledged Linux Operating System. So if
your favorite tool runs under Linux, but is not included, most likely you can install and run it in Kali.