Analysts and engineers performing security testing or penetration testing are typically expected to deliver a report at the end of their work. In this video, created for entry-to-intermediate-level security engineers, you'll learn to use the Kali Linux toolsets that help you handle three major tasks associated with producing such reports. First, you'll learn about the Kali tools that let you manipulate and manage the …
Analysts and engineers performing security testing or penetration testing are typically expected to deliver a report at the end of their work. In this video, created for entry-to-intermediate-level security engineers, you'll learn to use the Kali Linux toolsets that help you handle three major tasks associated with producing such reports. First, you'll learn about the Kali tools that let you manipulate and manage the sometimes overwhelming volume of data that security and penetration test generate. Second, you'll learn about the Kali tools that help you capture and organize your test notes before integrating them into your reports. Third, you'll learn about the Kali tools that let you collaborate with your security colleagues to collect, manage, and prepare comprehensive reports. Participants should have access to Kali Linux before starting this course.
Ric Messier (GCIH, GSEC, CEH, CISSP) is the Director for Cyber Academic Programs at Circadence. He has decades of information security experience and is the author of dozens of O'Reilly titles on infosec and digital forensics, including Introduction to Penetration Testing and Learning Linux Security. He holds a BS in Information Technology from the University of Massachusetts, an MS in Digital Forensic Science from Champlain College, and a PhD in Information Assurance and Security from Capella University.
Starting with Kali Linux
Introduction
About the Author
System Requirements
Acquiring Kali Linux
Tool Categories Available in Kali Linux
Installation and Management
Booting to Kali
Installing Kali
Overview of the User Interface
Customizing Kali
Getting Updated from the UI
System Settings
Command Line
Using the Terminal
Managing Directories
File Permissions
Viewing Files
Using grep
Using Pipes to Chain Commands
Editing Files
Getting Help from the Command Line
Date Management
Listing Services
Starting and Stopping Services
Package Management
The Package Manager
Updating and Searching for Packages
Installing and Updating Packages
Listing and Erasing Packages
Building Packages from Source
Managing Repositories
Intelligence Gathering with Kali Linux
Chapter Introduction
About the Author
System Requirements
Using Maltego
Starting with Maltego Community Edition
Running Machines in Maltego
Use Maltego to Stalk a Company
Obtaining Company Footprint with Maltego
Looking up People in Maltego
Using Transforms
Viewing Graphs
Creating a Machine
Gathering DNS Information
Using dig
Using nslookup
Using dnswalk
Using DNSRecon
Using dnsmap
Using dnsenum
Other Information Gathering
Passive Network Scanning
Acquiring Information from Metadata (Metagoofil)
Using Miranda for UPnP
Using Recon-ng
Using theHarvester
Using snmp-check
Using Parsero
Vulnerability Assessment with Kali Linux
Chapter Introduction
About the Author
System Requirements
Web Vulnerabilities
Quick Start Scanning with ZAProxy
Using ZAProxy as a Proxy
Spidering Using ZAProxy
Active Scanning Using ZAProxy
Fuzzing Attacks Using ZAProxy
Using Breakpoints with ZAProxy
Using w3af
Targeted Scans Using w3af
Using Arachni
Using Vega
Using skipfish
Using Xsser
OS Vulnerabilities
Using Lynis for Local Vulnerability Identification
Getting Started with OpenVAS
Accessing OpenVAS via the Web Interface
Quick Start Scanning with OpenVAS
Setting Policy with OpenVAS
Reviewing Reports in OpenVAS
Using Root Kit Hunter
Using Yersinia for Network Vulnerabilities
Database Vulnerabilities
Using sqlmap
Using sqlninja
Using HexorBase
Using Jsql
Working with Exploits in Kali Linux
Chapter Introduction
About the Author
System Requirements
Using Web Exploitations Tools
Exploiting with w3af
Exploiting with jboss-autopwn
Using Commix
Using Maltego Teeth
Using BeEF
Program Exploitation Tools
Adding Vulnerabilities with Backdoor Factory
Basic Vulnerable Program
Compiling and Running Vulnerable Program
About the Stack
Using objdump
Using dd debugger
Setting Breakpoints
Looking at Stack Using dd
Manipulating the Instruction Pointer
Using Social Engineer’s Toolkit
Start to Finish
Using Metasploit
Importing Information
Identifying Vulnerabilities
Locating Modules
Exploiting a Vulnerability
Privilege Escalation to Root Using udev
Maintaining Access Using Cymothoa
Reporting and Password Cracking with Kali Linux
Chapter Introduction
About the Author
System Requirements
Cracking Passwords
Unshadow Passwd Files
Word Lists
Word Lists Available in Kali
Using John Using Brute Force Attack
Using John with Wordlist
Using Ophcrack for Rainbow Tables
Using Ncrack
Web Application Password Attacks
Using patator
Using Hydra
Hydra Attacks Against Protocols
Data Capture and Reporting
Text Files for Notes
Using Leafpad
Using CutyCapt
Using Faraday IDE
Using KeepNote
Using recordmydesktop