|
Book details / order |
PENETRATION TESTING WITH THE BASH SHELL MAKE THE MOST OF THE BASH SHELL AND KALI LINUX'S COMMAND-LINE-BASED SECURITY ASSESSMENT TOOLS |
What you will learn from this book
perform network enumeration techniques with dig, whois, dnsenum, dnsmap, and others
learn how to fuzz and reverse engineer using the kali linux command line tools
exploit common web application vulnerabilities using skipfish, arcachi, and sqlmap
accomplish man-in-the-middle attacks straight from your command line
assess ssl security using sslyze and openssl
carry out network traffic analysis using tcpdump
in detail
this book teaches you to take your problem solving capabilities to the next level with the bash shell, to assess network and application level security by leveraging the power of the command-line tools available with kali linux.
the book begins by introducing some of the fundamental bash scripting and information processing tools. building on this, the next few chapters focus on detailing ways to customize your bash shell using functionalities such as tab completion and rich text formatting. after the fundamental customization techniques and general purpose tools have been discussed, the book breaks into topics such as the command-line-based security tools in the kali linux operating system. the general approach in discussing these tools is to involve general purpose tools discussed in previous chapters to integrate security assessment tools. this is a one stop solution to learn bash and solve information security problems.
approach
an easy-to-understand, step-by-step practical guide that shows you how to use the linux bash terminal tools to solve information security problems.
who this book is for
if you are a penetration tester, system administrator, or developer who would like an enriching and practical introduction to the bash shell and kali linux command-line-based tools, this is the book for you.
about the author
keith makan is the lead author of android security cookbook, packt publishing. he is an avid computer security enthusiast and a passionate security researcher. keith has published numerous vulnerabilities in android applications, wordpress plugins, and popular browser security software such as firefox's noscript and google chrome's xss auditor. his research has also won him numerous listings on the google application security hall of fame. keith has been working as a professional security assessment specialist, penetration tester, and security advisory for over 2 years.
preface
chapter 1: getting to know bash
getting help from the man pages
navigating and searching the filesystem
navigating directories
listing directory contents
searching the filesystem
file testing options
file action options
using i/o redirection
redirecting output
redirecting input
using pipes
getting to know grep
regular expression language – a crash course
regular expression matcher selection options
regular expression matching control options
output control options
file selection options
summary
further reading
chapter 2: customizing your shell
formatting the terminal output
the prompt string
prompt string customizations
aliases
customizing the command history
protecting sensitive information from leakage
customizing tab completion
summary
further reading
chapter 3: network reconnaissance
interrogating the whois servers
interrogating the dns servers
using dig
using dnsmap
enumerating targets on the local network
host discovery with arping
target enumeration with nmap
summary
further reading
chapter 4: exploitation and reverse engineering
using the metasploit command-line interface
getting started with msfcli
using invocation modes with msfcli
bash hacks and msfcli
preparing payloads with metasploit
creating and deploying a payload
disassembling binaries
disassembling with objdump
a note about the reverse engineering assembler code
debugging binaries for dynamic analysis
getting started with gdb
setting execution breakpoints and watch points
inspecting registers, memory values, and runtime information
summary
further reading
chapter 5: network exploitation and monitoring
mac and arp abuse
spoofing mac addresses
abusing address resolution
man-in-the-middle attacks
ettercap dns spoofing
interrogating servers
snmp interrogation
smtp server interrogation
brute-forcing authentication
using medusa
traffic filtering with tcpdump
getting started with tcpdump
using the tcpdump packet filter
assessing ssl implementation security
using sslyze
bash hacks and sslyze
automated web application security assessment
scanning with skipfish
scanning with arachni
summary
further reading
index.
Author : Keith makan
Publication : Packt publication
Isbn : 9789351106722
Store book number : 105
NRS 480.00
|
|
|
|
|
|
|
|
|
|