Kali Linux Penetration Testing Bible

(KALI-LINUX.AE1)/ISBN:978-1-64459-423-0

This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)

Lessons

21+ Lessons | 55+ Exercises | 122+ Flashcards | 122+ Glossary of terms

TestPrep

Hands-on lab

32+ LiveLab | 32+ Video tutorials | 59+ Minutes

Here's what you will learn

Lesson 1: Introduction

  • What Does This Course Cover?

Lesson 2: Mastering the Terminal Window

  • Kali Linux File System
  • Managing Users and Groups in Kali
  • Files and Folders Management in Kali Linux
  • Remote Connections in Kali
  • Kali Linux System Management
  • Networking in Kali Linux
  • Summary

Lesson 3: Bash Scripting

  • Basic Bash Scripting
  • Printing to the Screen in Bash
  • Variables
  • Script Parameters
  • User Input
  • Functions
  • Conditions and Loops
  • Summary

Lesson 4: Network Hosts Scanning

  • Basics of Networking
  • Network Scanning
  • DNS Enumeration
  • Summary

Lesson 5: Internet Information Gathering

  • Passive Footprinting and Reconnaissance
  • Summary

Lesson 6: Social Engineering Attacks

  • Spear Phishing Attacks
  • Payloads and Listeners
  • Social Engineering with the USB Rubber Ducky
  • Summary

Lesson 7: Advanced Enumeration Phase

  • Transfer Protocols
  • E‐mail Protocols
  • Database Protocols
  • CI/CD Protocols
  • Web Protocols 80/443
  • Graphical Remoting Protocols
  • File Sharing Protocols
  • Summary

Lesson 8: Exploitation Phase

  • Vulnerabilities Assessment
  • Services Exploitation
  • Summary

Lesson 9: Web Application Vulnerabilities

  • Web Application Vulnerabilities
  • Summary

Lesson 10: Web Penetration Testing and Secure Software Development Lifecycle

  • Web Enumeration and Exploitation
  • Secure Software Development Lifecycle
  • Summary

Lesson 11: Linux Privilege Escalation

  • Introduction to Kernel Exploits and Missing Configurations
  • Kernel Exploits
  • SUID Exploitation
  • Overriding the Passwd Users File
  • CRON Jobs Privilege Escalation
  • sudoers
  • Exploiting Running Services
  • Automated Scripts
  • Summary

Lesson 12: Windows Privilege Escalation

  • Windows System Enumeration
  • File Transfers
  • Windows System Exploitation
  • Summary

Lesson 13: Pivoting and Lateral Movement

  • Dumping Windows Hashes
  • Pivoting with Port Redirection
  • Summary

Lesson 14: Cryptography and Hash Cracking

  • Basics of Cryptography
  • Cracking Secrets with Hashcat
  • Summary

Lesson 15: Reporting

  • Overview of Reports in Penetration Testing
  • Scoring Severities
  • Report Presentation
  • Summary

Lesson 16: Assembly Language and Reverse Engineering

  • CPU Registers
  • Assembly Instructions
  • Data Types
  • Memory Segments
  • Addressing Modes
  • Reverse Engineering Example
  • Summary

Lesson 17: Buffer/Stack Overflow

  • Basics of Stack Overflow
  • Stack Overflow Exploitation
  • Summary

Lesson 18: Programming with Python

  • Basics of Python
  • Running Python Scripts
  • Debugging Python Scripts
  • Practicing Python
  • Python Basic Syntaxes
  • Variables
  • More Techniques in Python
  • Summary

Lesson 19: Pentest Automation with Python

  • Penetration Test Robot
  • Summary

Lesson 20: APPENDIX A: Kali Linux Desktop at a Glance

  • Downloading and Running a VM of Kali Linux
  • Kali Xfce Desktop
  • Summary

Lesson 21: APPENDIX B: Building a Lab Environment Using Docker

  • Docker Technology
  • Summary

Hands-on LAB Activities

Mastering the Terminal Window

  • Managing Users Using Users Commands
  • Changing the Permissions of a File Using the chmod Command

Network Hosts Scanning

  • Performing Port Scanning and Identifying Live Hosts
  • Performing Zone Transfer Using dig

Internet Information Gathering

  • Using Maltego
  • Using Google Hacking Database (GHDB)
  • Using Shodan to Find Webcams
  • Using the Information Gathering Tool

Social Engineering Attacks

  • Gathering Information Using the Social Engineering Toolkit
  • Analyzing Malware using VirusTotal
  • Creating Reverse and Bind Shells Using Netcat

Advanced Enumeration Phase

  • Performing Session Hijacking using Burp Suite

Exploitation Phase

  • Performing Vulnerability Scanning Using OpenVAS
  • Searching Exploits using searchsploit
  • Securing the FTP Service
  • Using the msfvenom Program

Web Application Vulnerabilities

  • Exploiting Local File Inclusion and Remote File Inclusion Vulnerabilities
  • Conducting Cross-Site Request Forgery Attacks
  • Exploiting Command Injection Vulnerabilities
  • Exploiting a Website using SQL Injection
  • Attacking a Website Using XSS Injection

Linux Privilege Escalation

  • Creating a Shell Script and cron Job

Windows Privilege Escalation

  • Using Basic Enumeration Commands
  • Displaying Networking Information
  • Using Meterpreter to Display the System Information

Pivoting and Lateral Movement

  • Using Mimikatz
  • Cracking Passwords using Cain and Abel

Cryptography and Hash Cracking

  • Performing Symmetric Encryption
  • Examining Asymmetric Encryption
  • Observing an SHA256-Generated Hash Value
  • Observing an MD5-Generated Hash Value

Pentest Automation with Python

  • Finding Live Hosts by Using the Ping Sweep in Python