Preface
For better or for worse, we now live in a world where hacking is the norm. It's in our daily news stories, entertainment, governments, businesses, and homes. While it has become more and more prevalent, it has also become easier. A great deal of attacks take very little technical knowledge as scripts can be found and used by even a novice. For the technically savvy hacker, the stakes are very high as more and more systems can be compromised for financial or political gain.
In a world where hacking has become so easy that a child could do it, it is absolutely essential that organizations verify their own level of protection by having their networks tested using the same tools that cybercriminals use against them. However, the basic usage of these tools is not sufficient knowledge to be an effective information-security professional. It is absolutely critical that information-security professionals understand the techniques that are being employed by these tools and why these techniques are able to exploit various vulnerabilities in a network or system. A knowledge of the basic underlying principles that explain how these common attack tools work enables one to effectively use them, but more importantly, it also contributes to one's ability to effectively identify such attacks and defend against them.
The intention of this book is to enumerate and explain the use of common attack tools that are available on the Kali Linux platform, but more importantly, this book also aims to address the underlying principles that define why these tools work. In addition to addressing the highly functional tools integrated into Kali Linux, we will also create a large number of Python and Bash scripts that can be used to perform similar functions and/or to streamline existing tools.
Ultimately, the intention of this book is to help forge stronger security professionals through a better understanding of their adversary.
What this book covers
Chapter 1, Getting Started, explains the configuration of a security lab and then the installation and configuration of Kali Linux and other security tools.
Chapter 2, Reconnaissance, explains how to collect information on your target using passive information-gathering techniques. Collecting subdomains, e-mail addresses, and DNS enumeration are covered in depth.
Chapter 3, Discovery, explains gathering domain information on our target and identifying hosts on a given network segment.
Chapter 4, Port Scanning, covers multiple tools and methods for finding open ports on one or more hosts.
Chapter 5, Fingerprinting, explains identifying the services and versions associated with them once having identified open ports on our target(s).
Chapter 6, Vulnerability Scanning, discusses ways to identify vulnerabilities based on the services and versions found in the previous chapter.
Chapter 7, Denial of Service, covers how to execute several types of DoS attack.
Chapter 8, Working with Burp Suite, covers Burp Suite and how to use the many tools it comes bundled with.
Chapter 9, Web Application Scanning, covers a number of tools and techniques for testing web applications.
Chapter 10, Attacking the Browser with BeEF, covers the Browser Exploitation Framework (BeEF), including configuration, hooking a browser, and a number of exploits.
Chapter 11, Working with Sparta, looks at how to configure and modify Sparta. We also cover how to take full advantage of the tool to collect and organize your information gathering.
Chapter 12, Automating Kali Tools, demonstrates automating a number of Kali tools to both collect information and exploit targets.
What you need for this book
In order to perform the examples provided in this book, you will need the following:
- Vmware Workstation Player 12 (or newer) or Vmware Fusion 8.5 (or newer)
- PuTTY 6.9 (for Windows users needing SSH)
- Nessus 5.2.6
- Kali Linux 2016.2
- Ubuntu 64-bit 16.x
- Metasploitable2
- Wndows XP SP2
Who this book is for
This book is for information-security professionals and casual security enthusiasts alike. It provides foundational principles if you're a novice but will also introduce scripting techniques and in-depth analysis if you're more advanced. Whether you are brand new to Kali Linux or a seasoned veteran, this book will help you both understand and ultimately master many of the most powerful and useful scanning techniques in the industry. It is assumed that you have some basic security-testing experience.
Sections
In this book, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also).
To give clear instructions on how to complete a recipe, we use these sections as follows:
Getting ready
This section tells you what to expect in the recipe, and describes how to set up any software or any preliminary settings required for the recipe.
How to do it…
This section contains the steps required to follow the recipe.
How it works…
This section usually consists of a detailed explanation of what happened in the previous section.
There's more…
This section consists of additional information about the recipe in order to make the reader more knowledgeable about the recipe.
See also
This section provides helpful links to other useful information for the recipe.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Enumerating DNS using the host command."
A block of code is set as follows:
#!/bin/bash if [ ! $1 ]; then echo "Usage: #./dns-find-transfer.sh <domain>"; exit; fi for server in $(host -t ns $1 |cut -d" " -f4);do printf $server | sed 's/.$//' host -l $1 $server |grep "Address: " | cut -d: -f2 | sed 's/...$//' done
Any command-line input or output is written as follows:
theharvester -d google.com -l 500 -b googleNew terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "On this page, scroll down to the VMware Workstation Player link and click on Download."
Note
Warnings or important notes appear in a box like this.
Note
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors .
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files for this book from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
You can download the code files by following these steps:
- Log in or register to our website using your e-mail address and password.
- Hover the mouse pointer on the
SUPPORTtab at the top. - Click on
Code Downloads & Errata. - Enter the name of the book in the
Searchbox. - Select the book for which you're looking to download the code files.
- Choose from the drop-down menu where you purchased this book from.
- Click on
Code Download.
You can also download the code files by clicking on the Code Files button on the book's webpage at the Packt Publishing website. This page can be accessed by entering the book's name in the Search box. Please note that you need to be logged in to your Packt account.
Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:
- WinRAR / 7-Zip for Windows
- Zipeg / iZip / UnRarX for Mac
- 7-Zip / PeaZip for Linux
The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Kali-Linux-Network-Scanning-Cookbook-Second-Edition. We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
Downloading the color images of this book
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from https://www.packtpub.com/sites/default/files/downloads/KaliLinuxNetworkScanningCookbookSecondEdition_ColorImages.pdf.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at [email protected] with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
Questions
If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.
