Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Kali Linux Cookbook

You're reading from Kali Linux Cookbook Effective penetration testing solutions

Product type Paperback

Published in Sep 2017

Publisher

ISBN-13 9781784390303

Length 438 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Network Security

Authors (2):

Perciaccante

Corey Schultz

View More author details

Table of Contents (17) Chapters

Title Page

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Customer Feedback

Preface

1. Installing Kali and the Lab Setup FREE CHAPTER

2. Reconnaissance and Scanning

3. Vulnerability Analysis

4. Finding Exploits in the Target

5. Social Engineering

6. Password Cracking

7. Privilege Escalation

8. Wireless Specific Recipes

9. Web and Database Specific Recipes

10. Maintaining Access

Identifying whether there is a web application firewall

We will use wafw00f to identify whether there is a web application firewall between us and our target website.

Many organizations will use a Web Application Firewall (WAF) to protect websites from web-specific attack. Understanding that a security device sits between you and your target is extremely important. You will need to obfuscate and avoid detection. You will have to be more targeted and use special techniques to penetrate the website even with the WAF in place.

Getting ready

Let's ensure the following prerequisites:

Kali Linux is running and you are logged in as root
Validate the internet connectivity

How to do it...

In this recipe we will use wafwoof to see if there is a web application firewall in our path:

Open the terminal screen by clicking on the terminal icon on the top-left corner:

From the main terminal screen, you should be at a Command Prompt of root@kali:~#.
Let's examine a site without a WAF:

 wafw00f scanme.nmap.org

The wafw00f...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (2)

Perciaccante

Perciaccante

Bob Perciaccante is seasoned information security practitioner who has been in the security field for almost 20 years. Currently, he is a consulting systems engineer for Cisco Systems in Pennsylvania where he has worked for the last 10 years focusing on network and data security, network access control, and secure network architectures. His primary day-to-day responsibilities focus on designing secure network solutions for his customers and working to train customers and partners on security solution implementations and daily operations to get the most out of their infrastructure. When not involved in security activities, Bob enjoys eclectic hobbies such as working on cars, 3D printing, and camping. Collaborating with his Cisco peer, Corey P. Schultz, this book is his first security publication.

See other products by Perciaccante

Corey Schultz

Corey Schultz

Corey P. Schultz is a technologist focusing on security research, Internet of Things, and the impact of technology on education and learning. He has over 20 years of experience in the security industry doing security architecture, penetration testing, incident response, and forensic analysis. Corey is currently a technical solutions architect for Cisco Systems Global Security Sales Organization. He works on a daily basis with large environments on designing and architecting secure enterprise networks. You can also find Corey active on Twitter @cschultz0000, where you can also see his schedule of speaking engagements and appearances.

See other products by Corey Schultz

Other recommended products

Related to this chapter

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide

Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.

Kali Linux Intrusion and Exploitation Cookbook

Kali Linux Intrusion and Exploitation Cookbook

Born from it predecessor, Kali Linux 2.0 is the most popular Linux distribution designed for security professionals who build defensive strategies around their systems with an offensive mindset. This book aims at introducing you to the most common and not -so- common pre-installed penetration testing tools and create custom complex images in the form of easy to follow recipes. Right Information gathering, vulnerability assessment & penetration testing for Web, wired and wireless Network this book will help you get grips on exploiting vulnerabilities in your system and fix those security anomalies in no time.

Apr 2017 17h 4m

Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

Sep 2018 10h 8m

Learn Penetration Testing

Learn Penetration Testing

A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.

May 2019 14h 8m

Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

Apr 2020 8h 12m

Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

Nov 2019 18h 20m

Applied Network Security

Applied Network Security

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.

Apr 2017 11h 40m

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.

Feb 2018 14h 12m

Learn Ethical Hacking from Scratch

Learn Ethical Hacking from Scratch

This book is designed to help you learn the basics, it assumes that you have no prior knowledge in hacking, and by the end of it you'll be at a high intermediate level being able launch attacks and hack computer systems just like black-hat hackers do, not only that but you'll also learn how to secure systems from these attacks.

Jul 2018 18h 48m

Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

Jul 2017 6h 20m

Kali Linux Network Scanning Cookbook

Kali Linux Network Scanning Cookbook

With the ever-increasing amount of data flowing in today's world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

May 2017 21h 8m

Kali Linux 2018: Assuring Security by Penetration Testing

Kali Linux 2018: Assuring Security by Penetration Testing

This book is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques. It offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.

Oct 2018 17h 36m

Personalised recommendations for you

Based on your interests and search pattern

Mastering Palo Alto Networks

Mastering Palo Alto Networks

Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.

May 2025 21h 32m

Cloud Native Anti-Patterns

Cloud Native Anti-Patterns

Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.

Mar 2025 14h 44m

AWS for System Administrators

AWS for System Administrators

Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.

May 2025 14h 12m

Kubernetes for Generative AI Solutions

Kubernetes for Generative AI Solutions

Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.

Jun 2025 11h 8m

Azure Cloud Projects

Azure Cloud Projects

Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.

May 2025 8h 28m

Sustainable Cloud Development

Sustainable Cloud Development

This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.

Mar 2025 9h 12m

SLIs and SLOs Demystified

SLIs and SLOs Demystified

This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.

Apr 2025 10h 0m