finelybook
Kali Linux Intrusion and Exploitation Cookbook
by 作者: Ishan Girdhar,Dhruv Shah
B071V5BWYZ
pages 页数: 512 pages
Publisher Finelybook 出版社: Packt Publishing (21 April 2017)
Language 语言: English
ISBN-10 书号: 1783982160
ISBN-13 书号: 9781783982165
Over 70 recipes for system administrators or DevOps to master Kali Linux 2 and perform effective security assessments
About This Book
Set up a penetration testing lab to conduct a preliminary assessment of attack surfaces and run exploits
Improve your testing efficiency with the use of automated vulnerability scanners
Work through step-by-step recipes to detect a wide array of vulnerabilities,exploit them to analyze their consequences,and identify security anomalies
Who this book is for
This book is intended for those who want to know more about information security. In particular,it's ideal for system administrators and system architects who want to ensure that the infrastructure and systems they are creating and managing are secure. This book helps both beginners and intermediates by allowing them to use it as a reference book and to gain in-depth knowledge.
What you will learn
Understand the importance of security assessments over merely setting up and managing systems/processes
Familiarize yourself with tools such as OPENVAS to locate system and network vulnerabilities
Discover multiple solutions to escalate privileges on a compromised machine
Identify security anomalies in order to make your infrastructure secure and further strengthen it
Acquire the skills to prevent infrastructure and application vulnerabilities
Exploit vulnerabilities that require a complex setup with the help of Metasploit
In Detail
With the increasing threats of breaches and attacks on critical infrastructure,system administrators and architects can use Kali Linux 2.0 to ensure their infrastructure is secure by finding out known vulnerabilities and safeguarding their infrastructure against unknown vulnerabilities.
This practical cookbook-style guide contains chapters carefully structured in three phases – information gathering,vulnerability assessment,and penetration testing for the web,and wired and wireless networks. It's an ideal reference guide if you're looking for a solution to a specific problem or learning how to use a tool. We provide hands-on examples of powerful tools/scripts designed for exploitation.
In the final section,we cover various tools you can use during testing,and we help you create in-depth reports to impress management. We provide system engineers with steps to reproduce issues and fix them.
Style and approach
This practical book is full of easy-to-follow recipes with based on real-world problems faced by the authors. Each recipe is divided into three sections,clearly defining what the recipe does,what you need,and how to do it. The carefully structured recipes allow you to go directly to your topic of interest.
Contents
Chapter 1. Getting Started - Setting Up an Environment
Chapter 2. Network Information Gathering
Chapter 3. Network Vulnerability Assessment
Chapter 4. Network Exploitation
Chapter 5. Web Application Information Gathering
Chapter 6. Web Application Vulnerability Assessment
Chapter 7. Web Application Exploitation
Chapter 8. System and Password Exploitation
Chapter 9. Privilege Escalation and Exploitation
Chapter 10. Wireless Exploitation
70多个系统管理员或DevOps掌握Kali Linux 2的配方,并进行有效的安全评估
关于这本书
建立渗透测试实验室,对攻击面进行初步评估并运行漏洞
使用自动漏洞扫描程序提高测试效率
通过分步配方检测各种漏洞,利用它们分析其后果,并确定安全异常
这本书是谁
本书适用于那些想了解更多信息安全的人员。特别是,它是理想的系统管理员和系统架构师谁想要确保他们正在创建和管理的基础架构和系统是安全的。这本书通过允许初学者和中间人使用它作为参考书并获得深入的知识,帮助初学者和中间人。
你会学到什么
了解安全评估对于建立和管理系统/流程的重要性
熟悉OPENVAS等工具来查找系统和网络漏洞
发现多种解决方案来升级受损机器的特权
识别安全异常,以使您的基础设施安全并进一步加强
获得防止基础设施和应用程序漏洞的技能
利用Metasploit的帮助,利用需要复杂设置的漏洞
详细
随着对关键基础架构的破坏和攻击的威胁越来越大,系统管理员和架构师可以使用Kali Linux 2.0,通过发现已知漏洞并保护其基础设施免受未知漏洞的影响,确保其基础架构安全。
这本实用的菜谱式指南包含三个章节,分为三个阶段: 信息收集,漏洞评估和针对网络以及有线和无线网络的渗透测试。如果您正在寻找具体问题的解决方案或了解如何使用工具,这是一个理想的参考指南。我们提供实用的强大的工具/脚本,用于开发。
在最后一节,我们将介绍在测试过程中可以使用的各种工具,我们可以帮助您创建深入的报告来打动管理。我们为系统工程师提供了重现问题和解决问题的步骤。
风格和方法
这本实用的书充满了基于作者面临的真实世界问题的易于遵循的食谱。每个食谱分为三个部分,清楚地定义食谱做什么,你需要什么以及如何做。精心组织的食谱可让您直接转到您感兴趣的话题。
目录
第1章入门 - 设置环境
网络信息收集
第3章网络脆弱性评估
第四章网络开发
第5章Web应用信息收集
第6章Web应用程序漏洞评估
第7章Web应用程序开发
第八章系统和密码开发
第九章特权升级和剥削
第10章无线开发
