Himanshu Sharma - Kali Linux - An Ethical Hackers Cookbook: Practical recipes that combine strategies, attacks, and tools for advanced penetration testing, 2nd Edition

Copyright 2019 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin Boricha
Acquisition Editor: Rohit Rajkumar
Content Development Editor: Ronn Kurien
Technical Editor: Prachi Sawant
Copy Editor: Safis Editing
Project Coordinator: Jagdish Prabhu
Proofreader: Safis Editing
Indexer: Manju Arasan
Graphics: Tom Scaria
Production Coordinator: Jayalaxmi Raja

First published: October 2017
Second edition: March 2019

Production reference: 1290319

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-78995-230-8

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

• Improve your learning with Skill Plans built especially for you

• Get a free eBook or video every month

• Mapt is fully searchable

• Copy and paste, print, and bookmark content

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at customercare@packtpub.com for more details.

At www.packt.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Himanshu Sharma has been active in the field of bug bounty since 2009, and has been listed in Apple, Google, Microsoft, Facebook, Adobe, Uber, AT&T, Avira, and many more with hall of fame listings as proof.

He has been a speaker at multiple international conferences, including Botconf '13, Confidence 2018, RSA Asia Pacific and Japan '18, and Hack In The Box 2019. He also spoke at the IEEE conference in California and Malaysia, as well as for TedX.

Currently, he is the cofounder of BugsBounty, a crowd-sourced security platform for ethical hackers and companies interested in cyber services. He has also authored the following books: Kali Linux An Ethical Hacker's Cookbook, and Hands-On Red Team Tactics.

Bhargav Tandel has over 7 years' experience in information security with companies including Reliance jio, Vodafone, and Wipro. His core expertise and passions are vulnerability assessment, penetration testing, Red Team, ethical hacking, and information security. He is currently pursuing the OSCP certification. He has the ability to solve complex problems involving a wide variety of information systems, work independently on large-scale projects, and thrive under pressure in fast-paced environments, all while directing multiple projects from concept to implementation.

Kunal Sehgal has been heading critical cybersecurity roles for financial organizations, for over 15 years now. He is an avid blogger and a regular speaker on cyber-related topics across Asia.

He also holds a bachelor's degree in computer applications from Panjab University, and a postgraduate diploma from Georgian College in cyberspace security. He holds numerous cyber certifications, including Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Tenable Certified Nessus Auditor (TCNA), Certificate of Cloud Security Knowledge (CCSK), ISO 27001 Lead Auditor, Offensive Security Certified Professional (OSCP), and CompTIA Security+.

Shivanand Persad has a master's in business administration from the Australian Institute of Business, and a bachelor of science in electrical and computer engineering from the University of the West Indies. He possesses a wide variety of specializations, including controls and instrumentation systems, wireless and wired communication systems, strategic management, and business process re-engineering. With over a decade of experience across multiple engineering disciplines, and a lengthy tenure with one of the largest ISPs in the Caribbean, he continues to be passionate about technology and its continuous development. When he's not reading everything in sight, he enjoys archery, martial arts, biking, and tinkering.

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

This book begins with the installation and configuration of Kali Linux to help you perform your tests. You will then learn about methods that will help you gather intel and perform web application exploitation using tools such as Burp. Moving forward, you will also learn how to perform network exploitation by generating payloads using MSFPC, Metasploit, and Cobalt Strike. Next, you will learn about monitoring and cracking wireless networks using Aircrack, Fluxion, and Wifi-Pumpkin. After that, you will learn how to analyze, generate, and crack passwords using tools such as Patator, John the Ripper, and ceWL. Later, you will also learn about some of the tools that help in forensic investigations. Lastly, you will learn how to create an optimum quality pentest report!