Kali Linux Penetration Testing Bible. Gus Khawaja
Чтение книги онлайн.
Читать онлайн книгу Kali Linux Penetration Testing Bible - Gus Khawaja страница 3
2 Chapter 2Figure 2.1 Bash ScriptingFigure 2.2 Export ConfigFigure 2.3 Script SectionsFigure 2.4 Conditions and Loops
3 Chapter 3Figure 3.1 TCP HandshakeFigure 3.2 Wireshark Network Interface SelectionFigure 3.3 Wireshark CaptureFigure 3.4 Wireshark ICMP Filter
4 Chapter 4Figure 4.1 ShodanFigure 4.2 Google Dork Site FilterFigure 4.3 Google Dork Site Filter with DescriptionFigure 4.4 Google Hacking DatabaseFigure 4.5 Kali Menu – Information GatheringFigure 4.6 Maltego Transform HubFigure 4.7 Maltego EntitiesFigure 4.8 Maltego TransformsFigure 4.9 Maltego To Domains TranformFigure 4.10 Maltego Domain Name / DNSFigure 4.11 Domain Name TansformsFigure 4.12 Maltego Subdomains Graph
5 Chapter 5Figure 5.1 Admin E‐mailFigure 5.2 Bind ShellFigure 5.3 Reverse ShellFigure 5.4 Virus TotalFigure 5.5 USB Rubber DuckyFigure 5.6 USB Rubber Ducky with MicroSDFigure 5.7 Running PowerShell in Admin Mode
6 Chapter 6Figure 6.1 Jenkins Web PortalFigure 6.2 Jenkins Error MessageFigure 6.3 Firefox Network SettingsFigure 6.4 Kali Menu ‐ Burp SuiteFigure 6.5 Burp Suite ProxyFigure 6.6 Burp Suite – Send to RepeaterFigure 6.7 POST Contents
7 Chapter 7Figure 7.1 OpenVAS Web PortalFigure 7.2 OpenVAS New TargetFigure 7.3 OpenVAS Target OptionsFigure 7.4 OpenVAS Task OptionsFigure 7.5 OpenVAS Run A TaskFigure 7.6 OpenVAS Report ResultsFigure 7.7 OpenVAS – Vulnerability Results SampleFigure 7.8 OpenVAS‐ Report ReferencesFigure 7.9 Google Search for ExploitFigure 7.10 FileZilla FTP ConnectFigure 7.11 FileZilla FTP Connection EstablishedFigure 7.12 Google Search – FTP ExploitFigure 7.13 Wireshark Interface SelectionFigure 7.14 Wireshark Capture ResultsFigure 7.15 Wireshark – Follow TCP StreamFigure 7.16 Wireshark – Cleartext CaptureFigure 7.17 Receiving Email SettingsFigure 7.18 Sending Email SettingsFigure 7.19 Email InboxFigure 7.20 Docker Host DesignFigure 7.21 Jenkins HomepageFigure 7.22 Jenkins ‐ New ProjectFigure 7.23 Jenkins – Add Build StepFigure 7.24 Jenkins – Reverse ShellFigure 7.25 SMB ConnectFigure 7.26 SMB Connection Established
8 Chapter 8Figure 8.1 Mutillidae Home PageFigure 8.2 Mutillidae – DNS LookupFigure 8.3 Mutillidae – Script AlertFigure 8.4 Mutillidae – Blog EntryFigure 8.5 Mutillidae ‐ LogsFigure 8.6 Burp suite – Proxy InterceptFigure 8.7 Burp Suite – User‐Agent EditFigure 8.8 Mutillidae – Bad Characters Error MessageFigure 8.9 Burp Suite – Intercept PayloadFigure 8.10 Burp Suite – Target Host ScriptFigure 8.11 Accounts TableFigure 8.12 Accounts Table ‐ SQL QueryFigure 8.13 Login SQLiFigure 8.14 Login SQLi QueryFigure 8.15 Login SQLi ResultsFigure 8.16 Mutillidae – Login SQLiFigure 8.17 Mutillidae – Login SQLi ResultsFigure 8.18 SQLi ‐ Union Select SyntaxFigure 8.19 SQLi – Union SelectFigure 8.20 SQLi – Union Select with DB VersionFigure 8.21 Schema Table – Credit Cards FieldFigure 8.22 Credit Cards Table QueryFigure 8.23 Extract Credit Cards Table DataFigure 8.24 SQL Query – Write To SystemFigure 8.25 SQLi ErrorFigure 8.26 Mutillidae – Command InjectionFigure 8.27 Mutillidae – Extracting Passwd FileFigure 8.28 Mutillidae – Remote File InclusionFigure 8.29 Mutillidae Blog PageFigure 8.30 Burp Suite – Generate CSRF PoCFigure 8.31 Burp Suite – Generate CSRF Copy HTMLFigure 8.32 CSRF PoC VictimFigure 8.33 CSRF PoC ResultsFigure 8.34 Mutillidae File UploadFigure 8.35 Mutillidae – File Upload ResultsFigure 8.36 File Upload POST DataFigure 8.37 File Upload Post Data PayloadsFigure 8.38 Burp Suite – Intercept Hex TabFigure 8.39 Burp Suite Encoding
9 Chapter 9Figure 9.1 Burp Suite CertificateFigure 9.2 Importing the Burp Suite CertificateFigure 9.3 Burp Suite Proxy Tab, Options SectionFigure 9.4 Burp Suite TargetFigure 9.5 Burp Suite Add To Scope OptionFigure 9.6 Burp Suite In‐Scope FilterFigure 9.7 Burp Suite In‐Scope Filter AppliedFigure 9.8 Burp Suite Discover Content Menu ItemFigure 9.9 Burp Suite Running Discover Content FeatureFigure 9.10 Burp Suite Active ScanFigure 9.11 Burp Suite Send To Repeater Menu ItemFigure 9.12 Changing the UID ParamFigure 9.13 Burp Suite Intruder Positions SubtabFigure 9.14 Burp Suite Intruder PayloadFigure 9.15 Burp Suite Intruder Payload OptionFigure 9.16 Burp Suite Intruder AttackFigure 9.17 Burp Suite Extender TabFigure 9.18 BApp StoreFigure 9.19 Creating Reports in Burp SuiteFigure 9.20 Report Sample in Burp SuiteFigure 9.21 Software Development LifecycleFigure 9.22 Secure Development LifecycleFigure 9.23 Network DiagramFigure 9.24 Data Flow Diagram
10 Chapter 10Figure 10.1 Google Search – Dirty COW Exploit
11 Chapter 11Figure 11.1 Windows PermissionsFigure 11.2 Iperius BackupFigure 11.3 Iperius About TabFigure 11.4 Exploit‐DB – Iperius ExploitationFigure 11.5 Iperius – Evil.bat Config
12 Chapter 12Figure 12.1 Port ForwardingFigure 12.2 ECorp Network Diagram
13 Chapter 13Figure 13.1 RSA Tool
14 Chapter 14Figure 14.1 CVSS CalculatorFigure 14.2 CVSS Results
15 Chapter 15Figure 15.1 General CPU RegistersFigure 15.2 Index RegistersFigure 15.3 Pointer RegistersFigure 15.4 Segment RegistersFigure 15.5 Memory SegmentsFigure 15.6 Immunity PausedFigure 15.7 Main Function InstructionsFigure 15.8 Follow In DumpFigure 15.9 Memory Dump WindowFigure 15.10 Memory Map MenuFigure 15.11 Memory Map WindowFigure 15.12 HelloWorld.text
Figure 15.13 RegistersFigure 15.14 Stack
16 Chapter 16Figure 16.1 Stack PointersFigure 16.2 PUSH EBPFigure 16.3 Immunity Debugger, Opening a FileFigure 16.4 Immunity Debugger, Run ButtonFigure 16.5 Error MessageFigure 16.6 Stack StructureFigure 16.7 Filling the Buffer with AsFigure 16.8 Stack Overflow with A, B, and C
17 Chapter 17Figure 17.1 Running VS CodeFigure 17.2 Python ExtensionFigure 17.3 PylintFigure 17.4 DebugFigure 17.5 Output
18 Chapter 18Figure 18.1 Application Workflow
19 Appendix AFigure A.1 Choose Kali/Linux on the Load MenuFigure A.2 Xfce Installation OptionFigure A.3 Kali DesktopFigure A.4 Kali MenuFigure A.5 Remove from FavoritesFigure A.6 Add to FavoritesFigure A.7 Kali Menu ToolsFigure