Published by Unknown // 14:42 // 31 Oct 2014
Table of Contents

Preface

Chapter 1: Getting Started
  Configuring a security lab with VMware Player (Windows)
  Configuring a security lab with VMware Fusion (Mac OS X)
  Installing Ubuntu Server
  Installing Metasploitable2
  Installing Windows Server
  Increasing the Windows attack surface
  Installing Kali Linux
  Configuring and using SSH
  Installing Nessus on Kali Linux
  Configuring Burp Suite on Kali Linux
  Using text editors (VIM and Nano)

Chapter 2: Discovery Scanning
  Using Scapy to perform layer 2 discovery
  Using ARPing to perform layer 2 discovery
  Using Nmap to perform layer 2 discovery
  Using NetDiscover to perform layer 2 discovery
  Using Metasploit to perform layer 2 discovery
  Using ICMP ping to perform layer 3 discovery
  Using Scapy to perform layer 3 discovery
  Using Nmap to perform layer 3 discovery
  Using fping to perform layer 3 discovery
  Using hping3 to perform layer 3 discovery
  Using Scapy to perform layer 4 discovery
  Using Nmap to perform layer 4 discovery
  Using hping3 to perform layer 4 discovery

Chapter 3: Port Scanning
  UDP port scanning
  TCP port scanning
  UDP scanning with Scapy
  UDP scanning with Nmap
  UDP scanning with Metasploit
  Stealth scanning with Scapy
  Stealth scanning with Nmap
  Stealth scanning with Metasploit
  Stealth scanning with hping3
  Connect scanning with Scapy
  Connect scanning with Nmap
  Connect scanning with Metasploit
  Connect scanning with Dmitry
  TCP port scanning with Netcat
  Zombie scanning with Scapy
  Zombie scanning with Nmap

Chapter 4: Fingerprinting
  Banner grabbing with Netcat
  Banner grabbing with Python sockets
  Banner grabbing with Dmitry
  Banner grabbing with Nmap NSE
  Banner grabbing with Amap
  Service identification with Nmap
  Service identification with Amap
  Operating system identification with Scapy
  Operating system identification with Nmap
  Operating system identification with xProbe2
  Passive operating system identification with p0f
  SNMP analysis with Onesixtyone
  SNMP analysis with SNMPwalk
  Firewall identification with Scapy
  Firewall identification with Nmap
  Firewall identification with Metasploit

Chapter 5: Vulnerability Scanning
  Vulnerability scanning with Nmap Scripting Engine
  Vulnerability scanning with MSF auxiliary modules
  Creating scan policies with Nessus
  Vulnerability scanning with Nessus
  Command-line scanning with Nessuscmd
  Validating vulnerabilities with HTTP interaction
  Validating vulnerabilities with ICMP interaction

Chapter 6: Denial of Service
  Fuzz testing to identify buffer overflows
  Remote FTP service buffer overflow DoS
  Smurf DoS attack
  DNS amplification DoS attack
  SNMP amplification DoS attack
  NTP amplification DoS attack
  SYN flood DoS attack
  Sock stress DoS attack
  DoS attacks with Nmap NSE
  DoS attacks with Metasploit
  DoS attacks with the exploit database

Chapter 7: Web Application Scanning
  Web application scanning with Nikto
  SSL/TLS scanning with SSLScan
  SSL/TLS scanning with SSLyze
  Defining a web application target with Burp Suite
  Using Burp Suite Spider
  Using Burp Suite engagement tools
  Using Burp Suite Proxy
  Using the Burp Suite web application scanner
  Using Burp Suite Intruder
  Using Burp Suite Comparer
  Using Burp Suite Repeater
  Using Burp Suite Decoder
  Using Burp Suite Sequencer
  GET method SQL injection with sqlmap
  POST method SQL injection with sqlmap
  Requesting a capture SQL injection with sqlmap
  Automating CSRF testing
  Validating command injection vulnerabilities with HTTP traffic
  Validating command injection vulnerabilities with ICMP traffic

Chapter 8: Automating Kali Tools
  Nmap greppable output analysis
  Nmap port scanning with targeted NSE script execution
  Nmap NSE vulnerability scanning with MSF exploitation
  Nessuscmd vulnerability scanning with MSF exploitation
  Multithreaded MSF exploitation with reverse shell payload
  Multithreaded MSF exploitation with backdoor executable
  Multithreaded MSF exploitation with ICMP verification
  Multithreaded MSF exploitation with admin account creation

Index
Download: