Updated: 2021-07-02 21:05:14
coverpage
Title Page
Credits
About the Author
About the Reviewer
www.PacktPub.com
Why subscribe?
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
Goal-Based Penetration Testing
Conceptual overview of security testing
Classical failures of vulnerability scanning, penetration testing, and red team exercises
The testing methodology
Introduction to Kali Linux – history and purpose
Installing and updating Kali
Using Kali from a portable device
Installing Kali into a virtual machine
VMware Workstation Player
VirtualBox
Installing to a Docker appliance
Installing Kali to the cloud – creating an AWS instance
Organizing Kali
Configuring and customizing Kali
Resetting the root password
Adding a non-root user
Speeding up Kali operations
Sharing folders with the host operating system
Using Bash scripts to customize Kali
Building a verification lab
Setting up a virtual network with Active Directory
Installing defined targets
Metasploitable3
Mutillidae
Managing collaborative penetration testing using Faraday
Summary
Open Source Intelligence and Passive Reconnaissance
Basic principles of reconnaissance
OSINT
Offensive OSINT
Maltego
CaseFile
Google caches
Scraping
Gathering usernames and email addresses
Obtaining user information
Shodan and censys.io
Google Hacking Database
Using dork script to query Google
DataDump sites
Using scripts to automatically gather OSINT data
Defensive OSINT
Dark Web
Security breaches
Threat intelligence
Profiling users for password lists
Creating custom word lists for cracking passwords
Using CeWL to map a website
Extracting words from Twitter using Twofi
Active Reconnaissance of External and Internal Networks
Stealth scanning strategies
Adjusting the source IP stack and tool identification settings
Modifying packet parameters
Using proxies with anonymity networks
DNS reconnaissance and route mapping
The whois command
Employing comprehensive reconnaissance applications
The recon-ng framework
IPv4
IPv6
Using IPv6-specific tools
Mapping the route to the target
Identifying the external network infrastructure
Mapping beyond the firewall
IDS/IPS identification
Enumerating hosts
Live host discovery
Port, operating system, and service discovery
Port scanning
Writing your own port scanner using netcat
Fingerprinting the operating system
Determining active services
Large-scale scanning
DHCP information
Identification and enumeration of internal network hosts
Native MS Windows commands
ARP broadcasting
Ping sweep
Using scripts to combine Masscan and nmap scans