chapter outlines the in and outs of the Linux system Terminal window and covers how to manage the file system like the pros. You will learn how to manage users and groups inside Kali, and you will see how to manipulate files and folders during your engagements and much more.
Chapter 2: Bash Scripting
Bash scripting is an essential skill for a penetration tester. In this chapter you will learn how to start to use programming principles such as variables, functions, conditions, loops, and much more.
Chapter 3: Network Hosts Scanning
This chapter teaches you how to conduct network scans like professionals. You will learn first about the basics of networking, and then you will delve deep into the port scanning techniques.
Chapter 4: Internet Information Gathering
This chapter discusses the passive information gathering phase in penetration testing. You will be introduced to how to deal with advanced search engine queries. Also, you will learn how to use Shodan and other tools to get the job done.
Chapter 5: Social Engineering Attacks
This chapter focuses on how to take advantage of human weakness to exploit organizations. You will learn about how to send phishing emails and steal credentials. On top of that, you will see how to use the Social Engineer Toolkit as a penetration tester. Finally, you will see how USB Rubber Ducky operates in similar SE attacks.
Chapter 6: Advanced Enumeration Phase
This chapter reviews how to handle the enumeration phase in a penetration testing engagement. Enumeration means collecting the necessary information that will allow us to exploit the specific service (e.g., FTP, SSH, etc.).
Chapter 7: Exploitation Phase
This chapter discusses some actual attacks and shows you how to get inside the systems. In the previous chapters, you had all the information about each service, and in this one, we will take this step further and exploit the vulnerabilities.
Chapter 8: Web Application Vulnerabilities
This chapter focuses on the basics of web application vulnerabilities. The goal is to allow you test web applications with ease during your engagements. Every company has a website these days, and it's crucial to understand this topic from A to Z.
Chapter 9: Web Penetration Testing and Secure Software Development Lifecycle
In this chapter, you will mainly learn about the methodology of web application penetration testing and how to use Burp Suite Pro. Finally, you will see how to implement a secure software development lifecycle (SSDLC) in an organization.
Chapter 10: Linux Privilege Escalation
This chapter focuses mainly on Linux operating system privilege escalation. The techniques in this chapter will allow you to gain root privileges on a compromised Linux OS.
Chapter 11: Windows Privilege Escalation
This chapter describes how to get administrator privileges on the compromised Windows OS. First you will learn about how to enumerate the Windows OS, and then you will see how to exploit the Windows system with practical examples.
Chapter 12: Pivoting and Lateral Movement
This chapter describes how to use the pivoting techniques to move laterally on the compromised network. In this chapter, you will learn how Windows hashes work under the hood and how to reuse admin credentials to get the job done.
Chapter 13: Cryptography and Hash Cracking
This chapter describes how to crack hashes during your engagements using Hashcat. Before starting on the cracking topic, you will learn about the basics of cryptography including hashing and encryption.
Chapter 14: Reporting
This chapter explains how to present professional penetration testing reports. Also, you will learn how to evaluate accurately the severity of your findings.
Chapter 15: Assembly Language and Reverse Engineering
This chapter will introduce you to the concept of reverse engineering using the assembly language. You will learn about the basics of the assembly language including registers, assembly instructions, memory segments, and much more.
Chapter 16: Buffer/Stack Overflow
This chapter will use what you learned in the previous chapter to exploit the stack using the buffer overflow technique.
Chapter 17: Programming with Python
This chapter discusses the basics of Python version 3. This programming language is the choice of hackers, so you should learn it too.
Chapter 18: Pentest Automation with Python
This chapter focuses on the automation of the penetration testing phases using the Python language. You will see a complete practical example that can use in your career.
Appendix A: Kali Linux Desktop at a Glance
This appendix focuses on how to manage the interface of the Kali Linux desktop environment. You will learn how to handle this operating system with ease and customize it to your liking.
Appendix B: Building a Lab Environment Using Docker
This appendix will delve deep with Docker, and you will see how images and containers work in practice. Both Docker and hypervisor technologies facilitate the creation of a live lab so we, penetration testers, can have fun with it.
Companion Download Files
As you work through the examples in this book, you may choose either to type in all the code manually or to use the source code files that accompany the book. All the source code used in this book is available for download from www.wiley.com/go/kalilinuxpenbible .
How to Contact the Publisher
If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
To submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line “Possible Book Errata Submission.”
