Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Kali Linux Network Scanning Cookbook

You're reading from Kali Linux Network Scanning Cookbook A Step-by-Step Guide leveraging Custom Scripts and Integrated Tools in Kali Linux

Product type Paperback

Published in May 2017

Publisher

ISBN-13 9781787287907

Length 634 pages

Edition 2nd Edition

Languages

TCP

Tools

Kali Linux

Concepts

Network Security

Author (1):

Hixon

View More author details

Table of Contents (19) Chapters

Title Page

Credits

About the Authors

About the Reviewer

www.PacktPub.com

Customer Feedback

Preface

1. Getting Started FREE CHAPTER

2. Reconnaissance

3. Discovery

4. Port Scanning

5. Fingerprinting

6. Vulnerability Scanning

7. Denial of Service

8. Working with Burp Suite

9. Web Application Scanning

10. Attacking the Browser with BeEF

11. Working with Sparta

12. Automating Kali Tools

Validating command-injection vulnerabilities with HTTP traffic

Command injection is probably the most dangerous of all known web application attack vectors. Most attackers seek to exploit vulnerabilities in the hope that they will ultimately find a way to execute arbitrary commands on the underlying operating system. Command-execution vulnerabilities provide that capability without any additional steps. In this recipe, we will discuss how to use web server logs or custom web service scripts to confirm command-execution vulnerabilities.

Getting ready

To perform command-injection testing against a target using HTTP request confirmation, you will need to have a remote system that is running one or more web applications that are vulnerable to command injection. In the examples provided, an instance of Metasploitable2 is used to perform this task. Metasploitable2 has several preinstalled vulnerable web applications running on the TCP port 80. For more information on setting up Metasploitable2,...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (1)

Hixon

Hixon

Michael Hixon currently works as a security consultant with a focus on penetration testing and web application security. He previously served in the United States Marine Corp, where he was an infantryman, security forces member, and counterintelligence agent. After the military, he worked as a programmer before changing his focus to IT security. He has worked for the Red Cross, Department of Defense, Department of Justice, and numerous intelligence agencies in his career. He holds a bachelors degree in management information systems and multiple professional information-security certifications, including Certified Information Systems Security Professional (CISSP), eLearnSecurity Web Application Penetration Tester (eWPT), Certified Ethical Hacker (CEH), and eLearnSecurity Certified Professional Penetration Tester (eCPPT). He currently runs the Baltimore chapter of the Open Web Application Security Project (OWASP).

See other products by Hixon

Other recommended products

Related to this chapter

Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

Sep 2018 10h 8m

Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

Jul 2017 6h 20m

Python Penetration Testing Essentials

Python Penetration Testing Essentials

This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1.

May 2018 7h 40m

Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

Apr 2020 8h 12m

Hands-On Application Penetration Testing with Burp Suite

Hands-On Application Penetration Testing with Burp Suite

Using Burp Suite, you can quickly build proof of concepts, extract data via an exploit, attack multiple end points in an application and even begin to script complex multi stage attacks. This book will provide a hands-on coverage on how you can get started with executing an application penetration test and be sure of the results.

Feb 2019 12h 12m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

Nov 2019 18h 20m

Hands-On Penetration Testing with Kali NetHunter

Hands-On Penetration Testing with Kali NetHunter

Kali NetHunter is a free-to-use version of Kali that allows for extreme mobility, flexibility and raw power that can be installed and executed on a range of smartphones and tablets. In this book, you will explore Kali NetHunter from different angles in an effort to familiarize and use the distribution to pentest and secure an environment.

Feb 2019 10h 4m

Nmap Network Exploration and Security Auditing Cookbook

Nmap Network Exploration and Security Auditing Cookbook

This book explores how Nmap is one of the most robust tools for network discovery and security auditing. You'll focus on how you can use it to perform hundreds of different tasks, from OS detection and port scanning to advanced fingerprinting and vulnerability exploitation.

Sep 2021 14h 32m

Nmap: Network Exploration and Security Auditing Cookbook

Nmap: Network Exploration and Security Auditing Cookbook

This is the second edition of ‘Nmap 6: Network Exploration and Security Auditing Cookbook'. A book aimed for anyone who wants to master Nmap and its scripting engine through practical tasks for system administrators and penetration testers. Besides introducing the most powerful features of Nmap and related tools, common security auditing tasks for local and remote networks, web applications, databases, mail servers, Microsoft Windows machines and even ICS SCADA systems are explained step by step with exact commands and argument explanations.

May 2017 13h 52m

Network Vulnerability Assessment

Network Vulnerability Assessment

Being able to identify security loopholes has become critical to many businesses. That's where learning network security assessment becomes very important. This book will not only show you how to find out the system vulnerabilities but also help you build a network security threat model.

Aug 2018 8h 28m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Personalised recommendations for you

Based on your interests and search pattern

Mastering Palo Alto Networks

Mastering Palo Alto Networks

Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.

May 2025 21h 32m

Cloud Native Anti-Patterns

Cloud Native Anti-Patterns

Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.

Mar 2025 14h 44m

AWS for System Administrators

AWS for System Administrators

Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.

May 2025 14h 12m

Kubernetes for Generative AI Solutions

Kubernetes for Generative AI Solutions

Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.

Jun 2025 11h 8m

Azure Cloud Projects

Azure Cloud Projects

Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.

May 2025 8h 28m

Sustainable Cloud Development

Sustainable Cloud Development

This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.

Mar 2025 9h 12m

SLIs and SLOs Demystified

SLIs and SLOs Demystified

This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.

Apr 2025 10h 0m