Home Page Icon
Home Page
Table of Contents for
Penetration Testing: A Survival Guide
Close
Penetration Testing: A Survival Guide
by Mohammed A. Imran, Srinivasa Rao Kotipalli, Juned Ahmed Ansari, Bo Weaver, Wolf
Penetration Testing: A Survival Guide
Penetration Testing: A Survival Guide
Table of Contents
Penetration Testing: A Survival Guide
Credits
Preface
What this learning path covers
What you need for this learning path
Who this learning path is for
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Sharpening the Saw
Installing Kali Linux to an encrypted USB drive
Prerequisites for installation
Booting Up
Installing configuration
Setting up the drive
Booting your new installation of Kali
Running Kali from the live CD
Installing and configuring applications
Gedit – the Gnome text editor
Terminator – the terminal emulator for multitasking
EtherApe – the graphical protocol analysis tool
Setting up and configuring OpenVAS
Reporting the tests
KeepNote – the standalone document organizer
Dradis – the web-based document organizer
Running services on Kali Linux
Exploring the Kali Linux Top 10 and more
Summary
2. Information Gathering and Vulnerability Assessment
Footprinting the network
Exploring the network with Nmap
Zenmap
The difference verbosity makes
Scanning a network range
Where can you find instructions on this thing?
A return to OpenVAS
Using Maltego
Using Unicorn-Scan
Monitoring resource use with Htop
Monkeying around the network
Summary
3. Exploitation Tools (Pwnage)
Choosing the appropriate time and tool
Choosing the right version of Metasploit
Starting Metasploit
Creating workspaces to organize your attack
Using the hosts and services commands
Using advanced footprinting
Interpreting the scan and building on the result
Exploiting poor patch management
Finding out whether anyone is home
Using the pivot
Mapping the network to pivot
Creating the attack path
Grabbing system on the target
Setting Up the route
Exploring the inner network
Abusing the Windows NET USE command
Adding a Windows user from the command line
Summary
4. Web Application Exploitation
Surveying the webscape
Concept of Robots.txt
Concept of .htaccess
Quick solutions to cross-site scripting
Reducing buffer overflows
Avoiding SQL injection
Arm yourself with Armitage
Working with a single known host
Discovering new machines with NMap
Zinging Windows servers with OWASP ZAP
Using ZAP as an attack proxy
Reading the ZAP interface
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
Table of Contents
Next
Next Chapter
Penetration Testing: A Survival Guide
Penetration Testing: A Survival Guide
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset