Chapter 13: Client-Side Attacks - Social Engineering
by Glen D. Singh
Learn Kali Linux 2019
Title Page
Copyright and Credits
Learn Kali Linux 2019
Dedication
About Packt
Why subscribe?
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Section 1: Kali Linux Basics
Introduction to Hacking
Who is a hacker?
Types of hackers
Black hat hacker
White hat hacker
Gray hat hacker
Suicide hacker
State-sponsored hacker
Script kiddie
Cyber terrorist
Exploring important terminology
Threat
Asset
Vulnerability
Exploit
Risk
Zero-day
Hack value
Penetration testing phases
Pre-engagement
Information gathering
Threat modeling
Vulnerability analysis
Exploitation
Post-exploitation
Report writing
Penetration testing methodologies
OWASP
NIST
OSSTMM
SANS 25
Penetration testing approaches
White box
Black box
Gray box
Types of penetration testing
Web application penetration testing
Mobile application penetration testing
Social engineering penetration testing
Network penetration testing
Cloud penetration testing
Physical penetration testing
Hacking phases
Reconnaissance or information gathering
Scanning
Gaining access
Maintaining access
Covering tracks
Summary
Questions
Further reading
Setting Up Kali - Part 1
Technical requirements
Lab overview
Virtualization
Hypervisors
Type 1 hypervisor
Type 2 hypervisor
Additional components
Virtual switches
Operating systems
Building our lab
Creating a virtual network
Setting up Kali Linux
Attaching the virtual network to a virtual machine
Installing Nessus
Setting up Android emulators
Installing Metasploitable 2
Summary
Questions
Further reading
Setting Up Kali - Part 2
Technical requirements
Installing Windows as a VM
Creating a user account
Opting out of automatic updates
Setting a static IP address
Adding additional interfaces
Installing Ubuntu 8.10
Creating and using snapshots
Troubleshooting Kali Linux
Network adapter and USB incompatibility 
VM memory problems
Summary
Further reading
Getting Comfortable with Kali Linux 2019
Technical requirements
Understanding Kali Linux
What's new in Kali Linux 2019?
Basics of Kali Linux
The Terminal and Linux commands
Navigating in Kali Linux
Updating sources and installing programs
The find, locate, and which commands
The locate command
The which command
The find command
Managing Kali Linux services
Summary
Questions
Further reading
Section 2: Reconnaissance
Passive Information Gathering
Technical requirements
Reconnaissance and footprinting
Reconnaissance
Footprinting
Understanding passive information gathering
Understanding OSINT
Using the top OSINT tools
Maltego
Recon-ng
theHarvester
Shodan
OSRFramework
Identifying target technology and security controls
Discovering technologies using Shodan
The power of Netcraft
Recognizing technologies with WhatWeb
Finding data leaks in cloud resources
Understanding Google hacking and search operators
Leveraging whois and copying websites with HTTrack
whois
HTTrack
Finding subdomains using Sublist3r
Summary
Questions
Further reading
Active Information Gathering
Technical requirements
Understanding active information gathering
DNS interrogation
What is DNS and why do we need it on a network?
Performing DNS enumeration and zone transfer using dnsenum
Using the host utility to perform DNS analysis
Finding subdomains with dnsmap
DNS interrogation using Fierce
Scanning
Nmap
Performing a ping sweep with Nmap
Obtaining operating system and service versions using Nmap
Scanning host devices with ICMP disabled
Performing a stealth scan using Nmap
Scanning UDP ports using Nmap
Evading detection using Nmap
Evading firewalls with Nmap
Checking for a stateful firewall
NSE scripts
Zenmap
Hping3
SMB, LDAP enumeration, and null sessions
SMBmap and SMBclient
Enum4linux
LDAP enumeration
Null sessions
User enumeration through noisy authentication controls
Web footprints and enumeration with EyeWitness
Metasploit auxiliary modules
Summary
Questions
Further reading
Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019
Working with Vulnerability Scanners
Technical requirements
Nessus and its policies
Nessus policies
Scanning with Nessus
Exporting Nessus results
Analyzing Nessus results
Using web application scanners
Nikto
WPScan
Burp Suite
Using Intruder for brute force
Summary
Questions
Further reading
Understanding Network Penetration Testing
Technical requirements
Introduction to network penetration testing
Types of penetration test
Understanding the MAC address
How to spoof the MAC address
Connecting a wireless adapter to Kali Linux
Managing and monitoring wireless modes
Enabling monitor mode manually
Enabling monitor mode using airmon-ng
Summary
Questions
Further reading
Network Penetration Testing - Pre-Connection Attacks
Technical requirements
Getting started with packet sniffing using airodump-ng
Targeted packet sniffing using airodump-ng
Deauthenticating clients on a wireless network
Creating a rogue AP/evil twin
Performing a password spraying attack
Setting up watering hole attacks
Exploiting weak encryption to steal credentials
Summary
Questions
Further reading
Network Penetration Testing - Gaining Access
Technical requirements
Gaining access
WEP cracking
WPA cracking
Securing your network from the aforementioned attacks
SSID management
MAC filtering
Power levels for antennas
Strong passwords
Securing enterprise wireless networks
Configuring wireless security settings to secure your network
Exploiting vulnerable perimeter systems with Metasploit
EternalBlue exploitation
Penetration testing Citrix and RDP-based remote access systems
Citrix penetration testing
Breaking into RDP
Leveraging user credentials
Plugging PWN boxes and other tools directly into a network
Bypassing NAC
Summary
Questions
Further reading
Network Penetration Testing - Post-Connection Attacks
Technical requirements
Gathering information
Scanning using Netdiscover
Scanning using AutoScan-Network
Scanning using Zenmap
MITM attacks
ARPspoof
MITMf
Use cases of MITMf
Session hijacking
DHCP attacks
Exploiting LLMNR and NetBIOS-NS
WPAD protocol attacks
Wireshark
Basic overview of Wireshark and how to use it in MITM attacks
Configuring a SPAN port
Configuring a monitor (sniffer) interface on Wireshark
Parsing Wireshark packet captures to find the goods
Escalating privileges
Lateral movement tactics
PowerShell tradecraft
Removing Windows Defender virus definitions
Disabling Windows Antimalware Scan Interface
Launching a VLAN hopping attack
Summary
Questions
Further reading
Network Penetration Testing - Detection and Security
Technical requirements
Using Wireshark to understand ARP
Detecting ARP poisoning attacks
Detecting suspicious activity
MITM remediation techniques
Encryption
Dynamic ARP inspection
Sniffing remediation techniques
Summary
Questions
Further reading
Client-Side Attacks - Social Engineering
Technical requirements
Basics of social engineering
Types of social engineering
Human-based social engineering
Eavesdropping
Shoulder surfing
Dumpster diving
Computer-based social engineering
Phishing
Spear phishing
Mobile-based social engineering
Social engineering through social networking
Phone-based social engineering (vishing)
Defending against social engineering
Protecting your perimeter security
Protecting the help desk and general staff
Additional countermeasures
Detecting phishing emails
Recon for social engineering (doxing)
Planning for each type of social engineering attack
Social engineering tools
Social-Engineer Toolkit
Ghost Phisher
Summary
Questions
Further reading
Performing Website Penetration Testing
Technical requirements
Information gathering
Discovering technologies that are being used on a website
Discovering websites on the same server
Discovering sensitive files
robots.txt
Analyzing discovered files
Cryptography
File upload and file inclusion vulnerabilities
XSS
Stored XSS
Reflected XSS
CSRF
SQLi
Insecure deserialization
Common misconfigurations
Vulnerable components
IDOR
Exploiting file upload vulnerabilities
Exploiting code execution vulnerabilities
Exploiting LFI vulnerabilities
Preventing vulnerabilities
Summary
Questions
Further reading
Website Penetration Testing - Gaining Access
Technical requirements
Exploring the dangers of SQL injection
Dangers from SQL injection vulnerabilities
Bypassing logins using SQL injection
SQL injection vulnerabilities and exploitation
Discovering SQL injections with POST
Detecting SQL injections and extracting data using SQLmap
Preventing SQL injection
Cross-Site Scripting vulnerabilities
Understanding XSS
Discovering reflected XSS
Discovering stored XSS
Exploiting XSS – hooking vulnerable page visitors to BeEF
Discovering vulnerabilities automatically
Burp Suite
Acunetix
OWASP ZAP
Summary
Questions
Further reading
Best Practices
Technical requirements
Guidelines for penetration testers
Gaining written permission
Being ethical
Penetration testing contract
Rules of engagement
Additional tips and tricks
Web application security blueprints and checklists
OWASP
Penetration testing execution standard
Reporting
Penetration testing checklist
Information gathering
Network scanning
Enumeration
Gaining access
Covering tracks
Summary
Questions
Further reading
Assessments
Chapter 1: Introduction to Hacking
Chapter 2: Setting Up Kali - Part
Chapter 4: Getting Comfortable with Kali Linux 2019
Chapter 5: Passive Information Gathering
Chapter 6: Active Information Gathering
Chapter 7: Working with Vulnerability Scanners
Chapter 8: Understanding Network Penetration Testing
Chapter 9: Network Penetration Testing - Pre-Connection Attacks
Chapter 10: Network Penetration Testing - Gaining Access
Chapter 11: Network Penetration Testing - Post-Connection Attacks
Chapter 12: Network Penetration Testing - Detection and Security
Chapter 13: Client-Side Attacks - Social Engineering
Chapter 14: Performing Website Penetration Testing
Chapter 15: Website Penetration Testing - Gaining Access 
Chapter 16: Best Practices
Other Books You May Enjoy
Leave a review - let other readers know what you think
Chapter 13: Client-Side Attacks - Social Engineering
Eavesdropping
Phishing
Smishing
SET and Ghost Phisher