• Preface | xi
    		•

    Learning Kali Linux




    Download 22,59 Mb.
    Pdf ko'rish
    bet7/225
    Sana14.05.2024
    Hajmi22,59 Mb.
    #232856
    1   2   3   4   5   6   7   8   9   10   ...   225
    Bog'liq
    learningkalilinux

    x | Preface

    Metasploit but also cover some of the other tools available for exploiting the vul‐
    nerabilities found by the tools discussed in other parts of the book.
    Owning Metasploit
    Metasploit is a dense piece of software. Getting used to using it effectively can
    take a long time. Nearly 2,000 exploits are available in Metasploit, as well as over
    500 payloads. When you mix and match those, you get thousands of possibilities
    for interacting with remote systems. Beyond that, you can create your own mod‐
    ules. We’ll cover Metasploit beyond just the basics of using it for rudimentary
    exploits.
    Wireless Security Testing
    Everyone has wireless networks these days. That’s how mobile devices like
    phones and tablets, not to mention a lot of laptops, connect to enterprise net‐
    works. However, not all wireless networks have been configured in the best man‐
    ner possible. Kali Linux has tools available for performing wireless testing. This
    includes scanning for wireless networks, injecting frames, and cracking pass‐
    words.
    Web Application Testing
    A lot of commerce happens through web interfaces. Additionally, a lot of sensi‐
    tive information is available through web interfaces. Businesses need to pay
    attention to how vulnerable their important web applications are. Kali is loaded
    with tools that will help you perform assessments on web applications. We’ll take
    a look at proxy-based testing as well as other tools that can be used for more
    automated testing. The goal is to help you provide a better understanding of the
    security posture of these applications to the organization you are doing testing
    for.
    Cracking Passwords
    This isn’t always a requirement, but you may be asked to test both remote sys‐
    tems and local password databases for password complexity and difficulty in get‐
    ting in remotely. Kali has programs that will help with password cracking—both
    cracking password hashes, as in a password file, and brute forcing logins on
    remote services like SSH, VNC, and other remote access protocols.
    Advanced Techniques and Concepts
    You can use all the tools in Kali’s arsenal to do extensive testing. At some point,
    though, you need to move beyond the canned techniques and develop your own.
    This may include creating your own exploits or writing your own tools. Getting a
    better understanding of how exploits work and how you can develop some of
    your own tools will provide insight on directions you can go. We’ll cover extend‐
    ing some of the tools Kali has as well as the basics of popular scripting languages
    along the way.
    Preface | xi

    Reporting
    The most important thing you will do is generate a report when you are done
    testing. Kali has a lot of tools that can help you generate a report at the end of
    your testing. We’ll cover techniques for taking notes through the course of your
    testing as well as some strategies for generating the report.

    Download 22,59 Mb.
    1   2   3   4   5   6   7   8   9   10   ...   225




    Download 22,59 Mb.
    Pdf ko'rish