چه کسانی این کتاب را می‌خوانند

دانشجوعلاقه‌مند یادگیری
کتابخوان حرفه‌ایلذت مطالعه
نویسندهالهام‌گیری

LEARNING KALI LINUX : security testing, penetration testing & ethical hacking

Ric Messier

قیمت نهایی

۴۹٬۰۰۰ تومان

نسخه اصلی و اورجینال

بلافاصله پس از خرید، فایل کتاب روی دستگاه شما آمادهٔ دانلود است.

تحویل فوری
پرداخت امن
ضمانت فایل
پشتیبانی

مشخصات کتاب

نویسنده
Ric Messier
سال انتشار
۲۰۲۴
فرمت
PDF
زبان
انگلیسی
حجم فایل
۳۰٫۴ مگابایت
شابک
9781098154134، 1098154134

دربارهٔ کتاب

With hundreds of tools preinstalled, the Kali Linux distribution makes it easier for security professionals to get started with security testing quickly. But with more than 600 tools in its arsenal, Kali Linux can also be overwhelming. The new edition of this practical book covers updates to the tools, including enhanced coverage of forensics and reverse engineering. Author Ric Messier also goes beyond strict security testing by adding coverage on performing forensic analysis, including disk and memory forensics, as well as some basic malware analysis. • Explore the breadth of tools available on Kali Linux • Understand the value of security testing and examine the testing types available • Learn the basics of penetration testing through the entire attack lifecycle • Install Kali Linux on multiple systems, both physical and virtual • Discover how to use different security-focused tools • Structure a security test around Kali Linux tools • Extend Kali tools to create advanced attack techniques • Use Kali Linux to generate reports once testing is complete Copyright Table of Contents Preface What This Book Covers New in This Edition Who This Book Is For The Value and Importance of Ethics Conventions Used in This Book O’Reilly Online Learning How to Contact Us Acknowledgments Chapter 1. Foundations of Kali Linux Heritage of Linux About Linux Acquiring and Installing Kali Linux Virtual Machines Low-Cost Computing Windows Subsystem for Linux Desktops Xfce Desktop GNOME Desktop Logging In Through the Desktop Manager Cinnamon and MATE Using the Command Line File and Directory Management Process Management Other Utilities User Management Service Management Package Management Remote Access Log Management Summary Useful Resources Chapter 2. Network Security Testing Basics Security Testing Network Security Testing Monitoring Layers Stress Testing Denial-of-Service Tools Encryption Testing Packet Captures Using tcpdump Berkeley Packet Filters Wireshark Poisoning Attacks ARP Spoofing DNS Spoofing Summary Useful Resources Chapter 3. Reconnaissance What Is Reconnaissance? Open Source Intelligence Google Hacking Automating Information Grabbing Recon-ng Maltego DNS Reconnaissance and whois DNS Reconnaissance Regional Internet Registries Passive Reconnaissance Port Scanning TCP Scanning UDP Scanning Port Scanning with nmap High-Speed Scanning Service Scanning Manual Interaction Summary Useful Resources Chapter 4. Looking for Vulnerabilities Understanding Vulnerabilities Vulnerability Types Buffer Overflow Race Condition Input Validation Access Control Vulnerability Scanning Local Vulnerabilities Using lynis for Local Checks OpenVAS Local Scanning Root Kits Remote Vulnerabilities Quick Start with OpenVAS Creating a Scan OpenVAS Reports Network Device Vulnerabilities Auditing Devices Database Vulnerabilities Identifying New Vulnerabilities Summary Useful Resources Chapter 5. Automated Exploits What Is an Exploit? Cisco Attacks Management Protocols Other Devices Exploit Database Metasploit Starting with Metasploit Working with Metasploit Modules Importing Data Exploiting Systems Armitage Social Engineering Summary Useful Resources Chapter 6. Owning Metasploit Scanning for Targets Port Scanning SMB Scanning Vulnerability Scanning Exploiting Your Target Using Meterpreter Meterpreter Basics User Information Process Manipulation Privilege Escalation Pivoting to Other Networks Maintaining Access Cleaning Up Summary Useful Resources Chapter 7. Wireless Security Testing The Scope of Wireless 802.11 Bluetooth Zigbee WiFi Attacks and Testing Tools 802.11 Terminology and Functioning Identifying Networks WPS Attacks Automating Multiple Tests Injection Attacks Password Cracking on WiFi besside-ng coWPAtty Aircrack-ng Fern Going Rogue Hosting an Access Point Phishing Users Wireless Honeypot Bluetooth Testing Scanning Service Identification Other Bluetooth Testing Home Automation Testing Summary Useful Resources Chapter 8. Web Application Testing Web Architecture Firewall Load Balancer Web Server Application Server Database Server Cloud-Native Design Web-Based Attacks SQL Injection XML Entity Injection Command Injection Cross-Site Scripting Cross-Site Request Forgery Session Hijacking Using Proxies Burp Suite Zed Attack Proxy WebScarab Paros Proxy Automated Web Attacks Recon nikto wapiti dirbuster and gobuster Java-Based Application Servers SQL-Based Attacks Content Management System Testing Assorted Tasks Summary Useful Resources Chapter 9. Cracking Passwords Password Storage Security Account Manager PAM and Crypt Acquiring Passwords Offline Cracking John the Ripper Rainbow Tables HashCat Online Cracking Hydra Patator Web-Based Cracking Summary Useful Resources Chapter 10. Advanced Techniques and Concepts Programming Basics Compiled Languages Interpreted Languages Intermediate Languages Compiling and Building Programming Errors Buffer Overflows Heap Overflows Return to libc Writing Nmap Modules Extending Metasploit Maintaining Access and Cleanup Metasploit and Cleanup Maintaining Access Summary Useful Resources Chapter 11. Reverse Engineering and Program Analysis Memory Management Program and Process Structures Portable Executable Executable and Linkable Format Debugging Disassembly Java Decompilation Reverse Engineering Radare2 Cutter Ghidra Summary Resources Chapter 12. Digital Forensics Disks, Filesystems, and Images Filesystems Acquiring Disk Images Introducing The Sleuth Kit Using Autopsy File Analysis File from Disk Images Recovering Deleted Files Data Searches Hidden Data PDF Analysis Steganography Memory Forensics Summary Resources Chapter 13. Reporting Determining Threat Potential and Severity Writing Reports Audience Executive Summary Methodology Findings Managing Results Text Editors GUI-Based Editors Notes Cherry Tree Capturing Data Organizing Your Data Dradis Framework CaseFile Summary Useful Resources Index About the Author Colophon

قیمت نهایی

۴۹٬۰۰۰ تومان