DOCSLIB.ORG

Penetration Testing with Kali Linux Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux v1.0.1 PWK Copyright © 2014 Offensive Security Ltd. All rights reserved. Page 1 of 361 Penetration Testing with Kali Linux All rights reserved to Offensive Security, 2014 © No part of this publication, in whole or in part, may be reproduced, copied, transferred or any other right reserved to its copyright owner, including photocopying and all other copying, any transfer or transmission using any network or other means of communication, any broadcast for distant learning, in any form or by any means such as any information storage, transmission or retrieval system, without prior written permission from the author. PWK Copyright © 2014 Offensive Security Ltd. All rights reserved. Page 2 of 361 Penetration Testing with Kali Linux 0. - Penetration Testing: What You Should Know .............................................................. 13 0.1 - About Kali Linux .............................................................................................................................. 13 0.2 - About Penetration Testing .............................................................................................................. 13 0.3 - Legal ................................................................................................................................................... 15 0.4 - The megacorpone.com Domain ...................................................................................................... 15 0.5 - Offensive Security Labs ................................................................................................................... 15 0.5.1 - VPN Labs Overview .................................................................................................................... 15 0.5.2 - Lab Control Panel ........................................................................................................................ 17 0.5.3 - Reporting ..................................................................................................................................... 18 1. - Getting Comfortable with Kali Linux ............................................................................. 22 1.1 - Finding Your Way Around Kali ..................................................................................................... 22 1.1.1 - Booting Up Kali Linux ................................................................................................................ 22 1.1.2 - The Kali Menu ............................................................................................................................. 23 1.1.3 - Find, Locate, and Which .............................................................................................................. 23 1.1.4 - Exercises ....................................................................................................................................... 24 1.2 - Managing Kali Linux Services ........................................................................................................ 25 1.2.1 - Default root Password ................................................................................................................. 25 1.2.2 - SSH Service ................................................................................................................................. 26 1.2.3 - HTTP Service ............................................................................................................................... 26 1.2.4 - Exercises ....................................................................................................................................... 28 1.3 - The Bash Environment ..................................................................................................................... 29 1.4 - Intro to Bash Scripting ..................................................................................................................... 29 1.4.1 - Practical Bash Usage – Example 1 ............................................................................................... 29 1.4.2 - Practical Bash Usage – Example 2 ............................................................................................... 33 1.4.3 - Exercises ....................................................................................................................................... 35 PWK Copyright © 2014 Offensive Security Ltd. All rights reserved. Page 3 of 361 Penetration Testing with Kali Linux 2. - The Essential Tools ............................................................................................................. 36 2.1 - Netcat ................................................................................................................................................. 36 2.1.1 - Connecting to a TCP/UDP Port .................................................................................................. 36 2.1.2 - Listening on a TCP/UDP Port .................................................................................................... 38 2.1.3 - Transferring Files with Netcat .................................................................................................... 40 2.1.4 - Remote Administration with Netcat ............................................................................................ 42 2.1.5 - Exercises ....................................................................................................................................... 48 2.2 - Ncat ..................................................................................................................................................... 48 2.2.1 - Exercises ....................................................................................................................................... 50 2.3 - WiresharK ........................................................................................................................................... 51 2.3.1 - Wireshark Basics .......................................................................................................................... 51 2.3.2 - Making Sense of Network Dumps ............................................................................................... 53 2.3.3 - Capture and Display Filters ........................................................................................................ 54 2.3.4 - Following TCP Streams ............................................................................................................... 55 2.3.5 - Exercises ....................................................................................................................................... 56 2.4 - Tcpdump ............................................................................................................................................ 57 2.4.1 - Filtering Traffic ............................................................................................................................ 57 2.4.2 - Advanced Header Filtering .......................................................................................................... 59 2.4.3 - Exercises ....................................................................................................................................... 61 3. - Passive Information Gathering ........................................................................................ 62 A Note From the Author .......................................................................................................................... 62 3.1 - Open Web Information Gathering ................................................................................................. 64 3.1.1 - Google ........................................................................................................................................... 64 3.1.2 - Google Hacking ............................................................................................................................ 69 3.1.3 - Exercises ....................................................................................................................................... 72 3.2 - Email Harvesting .............................................................................................................................. 73 PWK Copyright © 2014 Offensive Security Ltd. All rights reserved. Page 4 of 361 Penetration Testing with Kali Linux 3.2.1 - Exercise ........................................................................................................................................ 73 3.3 - Additional Resources ....................................................................................................................... 74 3.3.1 - Netcraft ........................................................................................................................................ 74 3.3.2 - Whois Enumeration ..................................................................................................................... 76 3.3.3 - Exercise ........................................................................................................................................ 78 3.4 - Recon-ng ............................................................................................................................................ 79 4. - Active Information Gathering .........................................................................................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    361 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us