Getting Started with Networking, Scripting, and Security in Kali
by OccupyTheWeb
Publisher: William Pollock
Production Editors: Serena Yang and Meg Sneeringer
Cover Illustration: Josh Ellingson
Interior Design: Octopod Studios
Developmental Editor: Liz Chadwick
Technical Reviewer: Cliff Janzen
Copyeditor: Barton D. Reed
Compositors: Serena Yang and Meg Sneeringer
Proofreader: Paula L. Fleming
Indexer: JoAnne Burek
Purchase Now !
Just with Paypal
Just with Paypal
Book Details
Price
|
5.00 USD |
|---|---|
Pages
| 254 p |
File Size
|
14,586 KB |
File Type
|
PDF format |
ISBN-10 ISBN-13
| 1593278551 9781593278557 |
Copyright
| 2019 by OccupyTheWeb |
OccupyTheWeb is an infosec consultant, forensic investigator, and trainer with more
than 20 years in the industry. He maintains the HackersArise
training site (https://www.hackersarise.com/) and trains US military personnel, Department of
Defense contractors, and federal employees in information security and hacking.
INTRODUCTION
Hacking is the most important skill set of the 21st century! I don’t make that statement
lightly. Events in recent years seem to reaffirm this statement with every morning’s
headline. Nations are spying on each other to gain secrets, cyber criminals are stealing
billions of dollars, digital worms demanding ransoms are being released, adversaries
are influencing each other’s elections, and combatants are taking down each other’s
utilities. These are all the work of hackers, and their influence over our increasingly
digital world is just beginning to be felt.
I decided to write this book after working with tens of thousands of aspiring hackers
through NullByte,
https://www.hackersarise.com/, and nearly every branch of the
US military and intelligence agencies (NSA, DIA, CIA, and FBI). These experiences
have taught me that many aspiring hackers have had little or no experience with Linux,
and this lack of experience is the primary barrier to their starting the journey to
becoming professional hackers. Almost all the best hacker tools are written in Linux, so
some basic Linux skills are a prerequisite to becoming a professional hacker. I have
written this book to help aspiring hackers get over this barrier.
Hacking is an elite profession within the IT field. As such, it requires an extensive and
detailed understanding of IT concepts and technologies. At the most fundamental level,
Linux is a requirement. I strongly suggest you invest time and energy into using and
understanding it if you want to make hacking and information security your career.
This book is not intended for the experienced hacker or the experienced Linux admin.
History
Topics
Tutorials
Offers & Deals
Highlights
Settings
Support
Sign Out
Instead, it is intended for those who want to get started along the exciting path of
hacking, cybersecurity, and pentesting. It is also intended not as a complete treatise on
Linux or hacking but rather a starting point into these worlds. It begins with the
essentials of Linux and extends into some basic scripting in both bash and Python.
Wherever appropriate, I have tried to use examples from the world of hacking to teach Linux principles.
In this introduction, we’ll look at the growth of ethical hacking for information security,
and I’ll take you through the process of installing a virtual machine so you can install
Kali Linux on your system without disturbing the operating system you are already running.
WHAT’S IN THIS BOOK
In the first set of chapters you’ll get comfortable with the fundamentals of Linux;
Chapter 1 will get you used to the file system and the terminal, and give you some
basic commands. Chapter 2 shows you how to manipulate text to find, examine, and
alter software and files. In Chapter 3 you’ll manage networks. You’ll scan for networks, find information on connections, and disguise yourself by masking your network and DNS information.
Chapter 4 teaches you to add, remove, and update software, and how to keep your
system streamlined. In Chapter 5, you’ll manipulate file and directory permissions to
control who can access what. You’ll also learn some privilege escalation techniques.
Chapter 6 teaches you how to manage services, including starting and stopping
processes and allocating resources to give you greater control. In Chapter 7 you’ll
manage environment variables for optimal performance, convenience, and even stealth.
You’ll find and filter variables, change your PATH variable, and create new environment variables.
Chapter 8 introduces you to bash scripting, a staple for any serious hacker. You’ll
learn the basics of bash and build a script to scan for target ports that you might later infiltrate.
Chapters 9 and 10 give you some essential file system management skills, showing
you how to compress and archive files to keep your system clean, copy entire storage
devices, and get information on files and connected disks.
The latter chapters dig deeper into hacking topics. In Chapter 11 you’ll use and
manipulate the logging system to get information on a target’s activity and cover your
own tracks. Chapter 12 shows you how to use and abuse three core Linux services:
Apache web server, OpenSSH, and MySQL. You’ll create a web server, build a remote
video spy, and learn about databases and their vulnerabilities. Chapter 13 will show
you how to stay secure and anonymous with proxy servers, the Tor network, VPNs, and
encrypted email. Chapter 14 deals with wireless networks. You’ll learn basic networking commands, then crack WiFi access points and detect and connect to Bluetooth signals.
Chapter 15 dives deeper into Linux itself with a high level view of how the kernel
works and how its drivers can be abused to deliver malicious software. In Chapter 16
you’ll learn essential scheduling skills in order to automate your hacking scripts.
Chapter 17 will teach you core Python concepts, and you’ll script two hacking tools: a
scanner to spy on TCP/IP connections, and a simple password cracker.
Bookscreen
WHAT IS ETHICAL HACKING?
With the growth of the information security field in recent years has come dramatic
growth in the field of ethical hacking, also known as white hat (good guy) hacking.
Ethical hacking is the practice of attempting to infiltrate and exploit a system in order
to find out its weaknesses and better secure it. I segment the field of ethical hacking
into two primary components: penetration testing for a legitimate information security
firm and working for your nation’s military or intelligence agencies. Both are rapidly
growing areas, and demand is strong.
Penetration Testing
As organizations become increasingly security conscious and the cost of security
breaches rises exponentially, many large organizations are beginning to contract out
security services. One of these key security services is penetration testing. A
penetration test is essentially a legal, commissioned hack to demonstrate the
vulnerability of a firm’s network and systems.
Generally, organizations conduct a vulnerability assessment first to find potential
vulnerabilities in their network, operating systems, and services. I emphasize potential,
as this vulnerability scan includes a significant number of false positives (things
identified as vulnerabilities that really are not). It is the role of the penetration tester to
attempt to hack, or penetrate, these vulnerabilities. Only then can the organization
know whether the vulnerability is real and decide to invest time and money to close the vulnerability.
Military and Espionage
Nearly every nation on earth now engages in cyber espionage and cyber warfare. One
only needs to scan the headlines to see that cyber activities are the chosen method for
spying on and attacking military and industrial systems.
Hacking plays a crucial part in these military and intelligencegathering
activities, and
that will only be more true as time goes by. Imagine a war of the future where hackers
can gain access to their adversary’s war plans and knock out their electric grid, oil
refineries, and water systems. These activities are taking place every day now. The
hacker thus becomes a key component of their nation’s defense.
WHY HACKERS USE LINUX
So why do hackers use Linux over other operating systems? Mostly because Linux
offers a far higher level of control via a few different methods.
Linux Is Open Source
Unlike Windows, Linux is open source, meaning that the source code of the operating
system is available to you. As such, you can change and manipulate it as you please. If
you are trying to make a system operate in ways it was not intended to, being able to
manipulate the source code is essential.
Linux Is Transparent
To hack effectively, you must know and understand your operating system and, to a
large extent, the operating system you are attacking. Linux is totally transparent,
meaning we can see and manipulate all its working parts.
Not so with Windows. Microsoft tries hard to make it as difficult as possible to know
the inner workings of its operating systems, so you never really know what’s going on
“under the hood,” whereas in Linux, you have a spotlight shining directly on each and
every component of the operating system. This makes working with Linux more effective.
Linux Offers Granular Control
Linux is granular. That means that you have an almost infinite amount of control over
the system. In Windows, you can control only what Microsoft allows you to control. In
Linux, everything can be controlled by the terminal, at the most miniscule level or the
most macro level. In addition, Linux makes scripting in any of the scripting languages
simple and effective.
Most Hacking Tools Are Written for Linux
Well over 90 percent of all hacking tools are written for Linux. There are exceptions, of
course, such as Cain and Abel and Wikto, but those exceptions prove the rule. Even
when hacking tools such as Metasploit or nmap are ported for Windows, not all the
capabilities transfer from Linux.
The Future Belongs to Linux/Unix
This might seem like a radical statement, but I firmly believe that the future of
information technology belongs to Linux and Unix systems. Microsoft had its day in the
1980s and 1990s, but its growth is slowing and stagnating.
Since the internet began, Linux/Unix has been the operating system of choice for web
servers due to its stability, reliability, and robustness. Even today, Linux/Unix is used in twothirds
of web servers and dominates the market. Embedded systems in routers,
switches, and other devices almost always use a Linux kernel, and the world of
virtualization is dominated by Linux, with both VMware and Citrix built on the Linux kernel.
Over 80 percent of mobile devices run Unix or Linux (iOS is Unix, and Android is
Linux), so if you believe that the future of computing lies in mobile devices such as
tablets and phones (it would be hard to argue otherwise), then the future is Unix/Linux.
Microsoft Windows has just 7 percent of the mobile devices market. Is that the wagon
you want to be hitched to?