Advanced Penetration Testing with Kali Linux: Unlocking industry-oriented VAPT tactics
Scribed by Meel, Ummed
- Publisher: BPB Publications
- Year: 2023
- Tongue: English
- Leaves: 384
- Category: Library
Synopsis
Explore and use the latest VAPT approaches and methodologies to perform comprehensive and effective security assessments
Key Features
- A comprehensive guide to vulnerability assessment and penetration testing (VAPT) for all areas of cybersecurity.
- Learn everything you need to know about VAPT, from planning and governance to the PPT framework.
- Develop the skills you need to perform VAPT effectively and protect your organization from cyberattacks.
Description
This book is a comprehensive guide to Vulnerability Assessment and Penetration Testing (VAPT), designed to teach and empower readers of all cybersecurity backgrounds. Whether you are a beginner or an experienced IT professional, this book will give you the knowledge and practical skills you need to navigate the ever-changing cybersecurity landscape effectively.
With a focused yet comprehensive scope, this book covers all aspects of VAPT, from the basics to advanced techniques. It also discusses project planning, governance, and the critical PPT (People, Process, and Technology) framework, providing a holistic understanding of this essential practice. Additionally, the book emphasizes pre-engagement strategies and the importance of choosing the right security assessments.
The book's hands-on approach teaches you how to set up a VAPT test lab and master key techniques such as reconnaissance, vulnerability assessment, network pentesting, web application exploitation, wireless network testing, privilege escalation, and bypassing security controls. This will help you to improve your cybersecurity skills and become better at protecting digital assets. Lastly, the book aims to ignite your curiosity, foster practical abilities, and prepare you to safeguard digital assets effectively, bridging the gap between theory and practice in the field of cybersecurity.
What you will learn
- Understand VAPT project planning, governance, and the PPT framework.
- Apply pre-engagement strategies and select appropriate security assessments.
- Set up a VAPT test lab and master reconnaissance techniques.
- Perform practical network penetration testing and web application exploitation.
- Conduct wireless network testing, privilege escalation, and security control bypass.
- Write comprehensive VAPT reports for informed cybersecurity decisions.
Who this book is for
This book is for everyone, from beginners to experienced cybersecurity and IT professionals, who want to learn about Vulnerability Assessment and Penetration Testing (VAPT). To get the most out of this book, it's helpful to have a basic understanding of IT concepts and cybersecurity fundamentals.
Table of Contents
Cover
Title Page
Copyright Page
Dedication Page
About the Author
About the Reviewer
Acknowledgement
Preface
Table of Contents
1. Beginning with Advanced Pen Testing
Introduction
Structure
Objectives
Fundamentals of VAPT
Vulnerability Assessment
Penetration Testing
Advanced penetration testing techniques and strategies
Business and compliance requirements for VAPT
Industrial approach and methodology in VAPT
Goals and objectives
Kickoff call
Intelligence gathering
Passive intelligence
Active intelligence
Threat modeling
Vulnerability assessment
Automated VA scan
Manual VA scan
Penetration testing
Post exploitation
Reporting
Security posture: Executive summary
Detailed technical report
Vulnerability management tracker
Security audit standards and frameworks: Best practices
Open web application security project standard
CWE/SANS Top 25
Penetration Testing Execution Standard
Open-source security testing methodology manual
NIST Cybersecurity Framework
ISO 27001 standards
CIS benchmarks
ISACA standards and guidelines
MITRE framework
Pre-engagement interaction with customers
Define audit scope
Exercise nature
Testing method
Black box
Grey box
White box
Environment selection
Approach and methodology selection
Exercise time selection
Project timeline
Rules of engagement
Deliverables
Designing the Scope of Work for security audits
Project planning and governance in VAPT
Project planning
Project management
Project governance
Delivery and customer success tactics in VAPT
Conclusion
References
2. Setting up the VAPT Lab
Introduction
Structure
Initiating with Kali Linux
Kali Linux features
Establishing the virtualization landscape
How is it useful in VAPT
Deploying Kali Linux 2023.2
Installing Kali Linux on VMware workstation
Installing Kali Linux on VirtualBox
Arranging network services
Enabling ProxyChains
Use cases of ProxyChains
Personalizing Kali Linux
Changing the desktop environment
Installing additional applications
Modifying system settings
Changing the login screen
Refreshing Kali Linux
Enabling third-party VAPT tools
MobSF framework
Trivy
Setting up vulnerable machines and applications
Setting up Metasploitable 2
Setting Up BWAPP
Conclusion
3. Active and Passive Reconnaissance Tactics
Introduction
Structure
What is reconnaissance
Why is reconnaissance so important
Types of reconnaissance
Passive reconnaissance
Active reconnaissance
Passive reconnaissance tools and tactics
WHOIS
DNS reconnaissance
IP reconnaissance
Shodan
Route mapping
Email address
Name and number
Password or breach data dump
Active reconnaissance tools and tactics
Host discovery
Port scanning
Port scanning techniques
Running services and version detection
OS fingerprinting
Directory enumeration
Hard-coded information
Additional resources for reconnaissance
Maltego
SPARTA
Conclusion
4. Vulnerability Assessment and Management
Introduction
Structure
Overview of vulnerability assessment
Vulnerability nomenclature
Vulnerability management life cycle
Vulnerability assessment
Web application
OWASP ZAP
Burp suite
Computer network
Nessus
Legion
NMAP
Mobile application
MobSF
Container
Trivy
Vulnerability management
Application security
Conclusion
5. Exploiting Computer Network
Introduction
Structure
Objectives
Understanding network pen testing
Introduction to Metasploit
Metasploit database and workspace management
Integrating NMAP scans with Metasploit
Metasploit automation
Starting with auxiliary and exploits
Auxiliary modules
Exploit modules
Post-exploitation modules
Manual exploitation
Exploitation using Armitage
Setting up Armitage
Conclusion
6. Exploiting Web Application
Introduction
Structure
Objectives
What is web application pen testing
Web application pen testing approach
Web application pen testing attack vectors
OWASP top 10 for web application
Web application pen testing threat modeling
Web application pen testing mind map
Detecting web app firewalls and load balancers
Exploiting application-specific vulnerabilities
SQL injection
PHP code execution
Brute force at login
Broken authentication
Insecure Direct Object Reference
XSS using XSS validator
Backdoor via unrestricted file upload
HTTP parameter pollution
Business logic flaws
Conclusion
7. Exploiting Wireless Network
Introduction
Structure
Objectives
Introduction to wireless pentesting
Wireless network fundamentals
Wireless networks and protocols overview
Wireless network topologies and architectures
Radio Frequency fundamentals
Wireless security threats and standards
Common wireless security threats
Wireless security overview
Wireless pen testing methodology
Steps involved in wireless pentesting
Approach to wireless pentesting
Wireless pen testing tools
Overview of wireless pen testing tools
Common wireless pen testing tools
Configuring Kali Linux for wireless pentesting
Configuring Kali Linux for wireless attacks
Wireless network exploitation techniques
Compromising WPA/WPA2 encryption
Man-in-the-middle attacks with rogue access points
Bypassing hidden SSIDs
Bypassing MAC and open authentication
Denial-of-service attacks
Advanced wireless attacks
Attacking wireless routers with Reaver
Conclusion
8. Hash Cracking and Post Exploitation
Introduction
Structure
Objectives
Exploring hash functions
Purpose and properties of modern hash functions
Unveiling common hash algorithms
Mastering password hashing
Art of securing passwords
Cutting-edge techniques - Salting and key stretching
Unleashing hash cracking techniques
Strategic approaches
Empowering hash cracking arsenal
Elite tools for hash warriors
Hash-identifier
John the Ripper
John the Ripper Jumbo
Hashcat
Online tools for hash warriors
CrackStation
Hashes
Difference between hashing, encryption and encoding
Post exploitation and lateral movement
Understanding post exploitation
Significance of lateral movement
Privilege escalation techniques
Privilege escalation on Linux
Phase 1: Initial access
Phase 2: Preparing for privilege escalation using a Udev exploit
Phase 3: Escalating privileges
Privilege escalation on Windows
Phase 1: Initial access
Phase 2: Preparing for privilege escalation using bypass UAC
Phase 3: Escalating privileges
Exploring network pivoting
Pivoting approach
Phase 1: Gain (initial) access to Windows 7
Phase 2: Network info gathering and pivot connection establishment
Phase 3: Network pivoting by exploiting Metasploitable 2 machine
Persistence and lateral movement
Strategies for persistent access and lateral movement
Persistence through hashdump techniques
Exploring RDP for lateral movement
Unleashing the power of Mimikatz in meterpreter
Conclusion
9. Bypass Security Controls
Introduction
Structure
Objectives
Significance of bypassing security controls
Advancements in security controls
Cutting-edge technologies
Intelligent systems
Evolving threat landscape
Cloud specific security controls
Security control bypass in network recon
Source port manipulation
IP address spoofing / decoy IP
Packet fragmentation
Spoofing MAC address
Custom packet creation
Nmap Scripting Engine scripts
Outsmarting Windows Defender
Antivirus evasion techniques and tools
Antivirus evasion techniques
Antivirus evasion tools
Harnessing Metasploit templates and custom binaries for antivirus evasion
Shellter
Unicorn
Phantom-Evasion
Invoke-Stealth
Cutting-edge WAF evasion tactics
Evolving social engineering tactics
Phishing simulation
Phishing approach and methodology
Gophish
Conclusion
10. Revolutionary Approaches to Report Writing
Introduction
Structure
Objectives
Overview of report writing
Importance of report writing in cybersecurity
Integrating reports in comprehensive assessments
Components of well-crafted reports
Vulnerability Assessment report
Penetration Testing report
Risk assessment and prioritization
Quantifying risks for effective assessment
Utilizing CVSS scores
Factors influencing CVSS scores
Interpreting and applying CVSS scores appropriately
Types of cybersecurity assessment reports
Executive summary report
Detailed technical assessment report
Vulnerability management tracker
Examples of detailed reports
Web application VAPT report writing example
Network VAPT report writing example
Automated vulnerability management with DefectDojo
Conclusion
Index
SIMILAR VOLUMES
Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. Readers will learn how to think like real attackers, exploit systems, and expose vulnerabilities. Even though web
A practical guide to implementing penetration testing strategies on websites, web applications, and standard web protocols with Kali Linux
Overview
- Learn key reconnaissance concepts needed as a penetration tester
- Attack and exploit key features, authentication
Web Penetration Testing with Kali Linux contains various penetration testing methods using BackTrack that will be used by the reader. It contains clear step-by-step instructions with lots of screenshots. It is written in an easy-to-understand language which will further simplify the understanding for