Inhaltsangabe
Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its fourth edition
Key Features
- Rely on the most updated version of Kali to formulate your pentesting strategies
- Test your corporate network against threats
- Explore new cutting-edge wireless penetration tools and features
Book Description
Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply the appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in successful penetration testing project engagement.
This fourth edition of Kali Linux 2018: Assuring Security by Penetration Testing starts with the installation of Kali Linux. You will be able to create a full test environment to safely practice scanning, vulnerability assessment, and exploitation. You'll explore the essentials of penetration testing by collecting relevant data on the target network with the use of several footprinting and discovery tools. As you make your way through the chapters, you'll focus on specific hosts and services via scanning and run vulnerability scans to discover various risks and threats within the target, which can then be exploited. In the concluding chapters, you'll apply techniques to exploit target systems in order to gain access and find a way to maintain that access. You'll also discover techniques and tools for assessing and attacking devices that are not physically connected to the network, including wireless networks.
By the end of this book, you will be able to use NetHunter, the mobile version of Kali Linux, and write a detailed report based on your findings.
What you will learn
- Conduct the initial stages of a penetration test and understand its scope
- Perform reconnaissance and enumeration of target networks
- Obtain and crack passwords
- Use Kali Linux NetHunter to conduct wireless penetration testing
- Create proper penetration testing reports
- Understand the PCI-DSS framework and tools used to carry out segmentation scans and penetration testing
- Carry out wireless auditing assessments and penetration testing
- Understand how a social engineering attack such as phishing works
Who this book is for
This fourth edition of Kali Linux 2018: Assuring Security by Penetration Testing is for pentesters, ethical hackers, and IT security professionals with basic knowledge of Unix/Linux operating systems. Prior knowledge of information security will help you understand the concepts in this book
Table of Contents
- Installing and Configuring Kali Linux
- Setting Up Your Test Lab
- Penetration Testing Methodology
- Footprinting and Information Gathering
- Scanning and Evasion Techniques
- Vulnerability Scanning
- Social Engineering
- Target Exploitation
- Privilege-Escalation and Maintaining Access
- Web Application Testing
- Wireless Penetration Testing
- Mobile Penetration Testing with Kali NetHunter
- PCI DSS Scanning and Penetration Testing
- Tools for Penetration Testing Reporting
- Assessments
Über die Autorinnen und Autoren
Shiva V. N. Parasram is a cybersecurity and risk consultant with over 19 years of experience and is the executive director of the Computer Forensics and Security Institute (CFSI), which specializes in pentesting, Digital Forensics and Incident Response (DFIR), and advanced security training with a global reach. As the only Certified EC-Council Instructor (CEI) in the Caribbean, he has trained thousands and is the founder of the CFSI CyberFence program. Shiva is also the author of three other books from Packt Publishing and has delivered workshops regionally and globally for ISACA, ISC2, universities, and security agencies. He is also a Security Risk Manager Consultant for PTRMS (Canada) positioned within a global financial institution, and a cybersecurity mentor at Springboard (US).
Alex Samm is an IT and computer security professional with 11 years' experience. He's currently working for ESP Global Services. His roles includes system and network administrator, programmer, VMware infrastructure support engineer, and security consultant, among others, for many of the world's largest airlines and pharmaceutical companies, including Roche Diabetes, Norvatis, Ingredion, and Shire Pharmaceuticals. He holds a BSc in Computer Science and CEH, ACE, AME, and NSE, and is currently pursuing OSCP. He also lectures at the Computer Forensics and Security Institute.
Damian Boodoo is a penetration tester and security researcher who wants to live in a world where people have safer networks and don't live in fear of evildoers. With more than 10 years' experience of working in IT, he is the co-founder of DKIT Solutions, who provide security services and other creative solutions to problems that are commonly overlooked. When he's not obsessing over zero days or finding holes in firewalls, he spend his time either tinkering with devices to see how they can be made better or pondering "is it too late to make it into e-sports?"
Gerard Johansen is an incident response professional with over 15 years' experience in areas like penetration testing, vulnerability management, threat assessment modeling, and incident response. Beginning his information security career as a cyber crime investigator, he has built on that experience while working as a consultant and security analyst for clients and organizations ranging from healthcare to finance. Gerard is a graduate of Norwich University's Master of Science in Information Assurance program and a certified information systems security professional. He is currently employed as a senior incident response consultant with a large technology company, focusing on incident detection, response, and threat intelligence integration.
Lee Allen is the associate director at Ohio State University. He specializes in information security, penetration testing, security research, task automation, risk management, data analysis, and 3D application development.
„Über diesen Titel“ kann sich auf eine andere Ausgabe dieses Titels beziehen.
