Computational Techniques for Resolving Security Issues
Sanjib Sinha
Purchase Now !
Just with Paypal
Just with Paypal
Book Details
Price
|
4.00 USD |
|---|---|
Pages
| 426 p |
File Size
|
8,196 KB |
File Type
|
PDF format |
ISBN-13 (electronic) ISBN-13 (pbk)
| 978-1-4842-3891-2 978-1-4842-3890-5 |
Copyright
| 2018 by Sanjib Sinha |
Sanjib Sinha is a certified .NET Windows and
web developer, specializing in Python, security
programming, and PHP; he won Microsoft’s
Community Contributor Award in 2011.
Sanjib Sinha has also written Beginning Ethical
Hacking with Python and Beginning Laravel for Apress.
Vaibhav Chavan holds a certification in ethical hacking and has worked
as a security analyst in the IT world as well as in the banking, insurance,
and e-commerce industries. He now works as a security analyst in Mumbai
and has more than five years of experience in the IT industry. He has
hands-on experience in Kali Linux and other tools such as the Metasploit
Framework, Burp Suite, Nessus, and more.
Introduction
You can get started in white-hat ethical hacking using Kali Linux, and this
book starts you on that road by giving you an overview of security trends,
where you will learn about the OSI security architecture. This will form the
foundation for the rest of Beginning Ethical Hacking with Kali Linux.
With the theory out of the way, you’ll move on to an introduction to
VirtualBox, networking terminologies, and common Linux commands,
followed by the step-by-step procedures to build your own web server and
acquire the skill to be anonymous. When you have finished the examples
in the first part of your book, you will have all you need to carry out safe
and ethical hacking experiments.
After an introduction to Kali Linux, you will carry out your first
penetration tests with Python and code raw binary packets for use in those
tests. You will learn how to find secret directories of a target system, how to
use a TCP client in Python and services, and how to do port scanning using
Nmap. Along the way, you will learn how to collect important information;
how to track e-mail; and how to use important tools such as DMitry,
Maltego, and others. You’ll also take a look at the five phases of penetration testing.
After that, this book will cover SQL mapping and vulnerability analysis
where you will learn about sniffing and spoofing, why ARP poisoning is a
threat, how SniffJoke prevents poisoning, how to analyze protocols with
Wireshark, and how to use sniffing packets with Scapy. Then, you will learn
how to detect SQL injection vulnerabilities, how to use Sqlmap, and how to
do brute-force or password attacks. In addition, you will learn how to use
important hacking tools such as OpenVas, Nikto, Vega, and Burp Suite.
The book will also explain the information assurance model and
the hacking framework Metasploit, taking you through important
commands, exploits, and payload basics. Moving on to hashes and
passwords, you will learn password testing and hacking techniques with
John the Ripper and Rainbow. You will then dive into classic and modern
encryption techniques where you will learn to work with the conventional
cryptosystem.
In the final chapter, you will use all the skills of hacking to exploit a
remote Windows and Linux system, and you will learn how to “own” a
remote target entirely.
Table of Contents
About the Author ...............................................................................xiii
About the Technical Reviewer ............................................................xv
Acknowledgments ............................................................................xvii
Introduction .......................................................................................xix
Chapter 1: Security Trends
Nature and Perspective .........................................................................................3
Before and After the Digital Transformation ..........................................................6
The OSI Security Architecture ...............................................................................6
Security Attacks, Services, and Mechanisms .....................................................10
Timeline of Hacking .......................................................................................14
How to Use Google Hacking Techniques .............................................................15
Further Reading ..................................................................................................17
Chapter 2: Setting Up a Penetration Testing and Network
Security Lab
Why Virtualization? .............................................................................................20
Installing VirtualBox ............................................................................................21
Installing Appliances on VirtualBox ...............................................................23
Installing VirtualBox Guest Addition ...............................................................29
Installing Metasploitable ...............................................................................31
Installing Windows ........................................................................................33
Installing Kali in VMware .....................................................................................36
Chapter 3: Elementary Linux Commands
Finding the Kali Terminal ....................................................................................42
Navigating the File System .................................................................................44
Working with Text Files .......................................................................................48
Searching Files ...................................................................................................49
Writing to the Terminal ........................................................................................51
Working with Directories .....................................................................................52
Setting File Permissions .....................................................................................53
Chapter 4: Know Your Network
Networking Layers ..............................................................................................61
Internetworking Models ......................................................................................65
OSI .................................................................................................................65
TCP/IP ............................................................................................................68
Further Reading ..................................................................................................69
Chapter 5: How to Build a Kali Web Server
Why Do You Need a Web Server? ........................................................................72
Introducing Sockets ............................................................................................73
Beginning the Web Server ..................................................................................73
Diving into Sockets .............................................................................................76
Installing PyCharm and the Wing IDE Editor .......................................................84
How to Stay Anonymous .....................................................................................86
Changing Your Proxy Chain ............................................................................88
Working with DNS Settings ...........................................................................92
Using a VPN ...................................................................................................94
Changing Your MAC Address .......................................................................100
Chapter 6: Kali Linux from the Inside Out
More About Kali Linux Tools ..............................................................................106
Information Gathering ..................................................................................107
Vulnerability Analysis ...................................................................................108
Wireless Attacks ..........................................................................................109
Web Applications .........................................................................................109
WPS Tools ....................................................................................................110
Exploitation Tools .........................................................................................111
Forensic Tools ..............................................................................................111
Sniffing and Spoofing ..................................................................................112
Password Attacks ........................................................................................112
Maintaining Access .....................................................................................113
Reverse Engineering ...................................................................................113
Hardware Hacking .......................................................................................114
Exploring Kali Linux from the Inside .................................................................114
Machine Language ......................................................................................114
Registers .....................................................................................................115
Why Is Understanding Memory So Important? ............................................116
Editors .........................................................................................................117
Hacking Tools ..............................................................................................121
Staying Updated with SSH ................................................................................124
Getting Started ............................................................................................125
Working with Blacklists and Whitelists .......................................................128
Securing SSH ...............................................................................................130
Connecting to Kali Linux Over SSH ..............................................................134
Chapter 7: Kali Linux and Python
What Is Penetration Testing? ...........................................................................137
First Penetration Using Python ..........................................................................139
Whois Searches for More Information .........................................................142
Finding Secret Directories ...........................................................................152
Top-Level Domain Scanning ........................................................................158
Obtaining a Web Site’s IP Address ...............................................................161
TCP Client in Python and Services ....................................................................164
Capturing Raw Binary Packets ..........................................................................170
Port Scanning Using Nmap ...............................................................................174
Importing the Nmap Module ........................................................................175
What Does Nmap Do? ..................................................................................180
Nmap Network Scanner ..............................................................................183
Chapter 8: Information Gathering
Python Virtual Environment ...............................................................................190
Reconnaissance Tools .......................................................................................197
Know the Domain and Hostname ................................................................198
E-mail Tracking Made Easy .........................................................................200
Searching the Internet Archive ....................................................................202
Passive Information .....................................................................................204
Web Spiders Are Crawling ...........................................................................205
More About Scanning ..................................................................................206
You Can Find Location Too! ..........................................................................213
DMitry, Maltego, and Other Tools .......................................................................214
Summarizing the Five Phases of Penetration ...................................................220
Chapter 9: SQL Mapping
Sniffing and Spoofing ........................................................................................221
Packing and Unpacking with Python ...........................................................223
Why Wireless Media Is Vulnerable ...............................................................227
ARP Poisoning Is a Threat ............................................................................228
SQL Injection .....................................................................................................241
Detecting SQL Injection Vulnerabilities ........................................................242
How to Use sqlmap ......................................................................................243
Brute-Force or Password Attacks .....................................................................253
Chapter 10: Vulnerability Analysis
Overview of Vulnerability Analysis Tools ...........................................................259
How to Use OpenVas .........................................................................................260
How to Use Nikto ..............................................................................................268
How to Use Vega ...............................................................................................270
How to Use Burp Suite ......................................................................................276
Chapter 11: Information Assurance Model
What the AI Model Is All About ..........................................................................284
How to Tie the Elements Together? ...................................................................285
How the AI Model Works ...................................................................................287
Why Is the AI Model Important? ........................................................................289
Further Reading ................................................................................................290
Chapter 12: Introducing Metasploit in Kali Linux
Understanding the Metasploit Architecture ......................................................292
Summarizing Modules ......................................................................................295
Mixins and Plugins in Ruby ...............................................................................302
Metasploit Console or Interface ........................................................................304
Exploits and Payloads in Metasploit .................................................................308
How to Use Exploit and Payloads ................................................................309
How to Start Exploits ...................................................................................315
Chapter 13: Hashes and Passwords
Hashes and Encryption .....................................................................................324
Password Testing Tools .....................................................................................327
John the Ripper and Johnny .............................................................................338
How to Use RainbowCrack ................................................................................342
Chapter 14: Classic and Modern Encryption
Nature and Perspective .....................................................................................348
Models of the Cryptography System .................................................................352
Types of Attacks on Encrypted Messages .........................................................354
Chapter 15: Exploiting Targets
Exploiting Linux with Metasploit .......................................................................358
Exploiting Samba .........................................................................................359
Exploiting IRC ..............................................................................................371
Exploiting Windows with Armitage ....................................................................380
Index .................................................................................................405
Bookscreen
Who This Book Is For
This book is primarily for information security professionals. However,
security enthusiasts and absolute beginners will also find this book
helpful. For absolute beginners, knowledge of high school algebra,
the number system, and the Python programming language is a plus.
However, this book provides an explanation of the foundational rules so
you can understand the relationship between them and ethical hacking,
information security, and the hacking-related tools of Kali Linux.
For more advanced professionals, the book also includes in-depth analysis.
Whether you are new to ethical hacking or a seasoned veteran, this
book will help you understand and master many of the powerful and
useful hacking-related tools of Kali Linux and the techniques that are
widely used in the industry today.
To start with, you need a virtual box or virtual machine, so proceed to Chapter 1.