Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Title Page
Copyright
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
Introduction to Network Security
Murphy's law
Hackers (and their types) defined
Hacker tools
The hacking process
Ethical hacking issues
Current technologies
Recent events and statistics of network attacks
Our defense
Security for individuals versus companies
Wi-Fi vulnerabilities
Knowns and unknowns
False positives
Mitigation against threats
Building an assessment
Summary
References
Sniffing the Network
What is network sniffing?
Why network sniffing is important
Scan a single IP
Scan a host
Scan a range of IPs
Scan a subnet
Nmap port selection
Scan a single port
Scan a range of ports
Scan 100 most common ports (fast)
Scan all 65535 ports
Nmap port scan types
Scan using TCP SYN scan (default)
Scan using TCP connect
Service and OS detection
Detect OS and services
Standard service detection
More aggressive service detection
Lighter banner-grabbing detection
Nmap output formats
Save default output to file
Save in all formats
Scan using a specific NSE script
Scan with a set of scripts
Lab 1-a scan to search for DDoS reflection UDP services
Using Wireshark filters
Wireshark filter cheat sheet
Lab 2
Sparta
Brute-force passwords
Lab 3-scanning
Scanning a subnet
Spoofing and decoy scans
Evading firewalls
Gathering version info
UDP scan
The reason switch
Using a list
Output to a file
Commands
Starting the listener
Countermeasures
Summary
How to Crack Wi-Fi Passwords
Why should we crack our own Wi-Fi?
What's the right way to do it?
The method
The requirements
What is packet injection?
Wi-Fi cracking tools
The steps
The Transmission Control Protocol (TCP) handshake
The password lists
How to make a strong password
The short version (a cheat-sheet for the aircrack-ng suite)
Summary
Creating a RAT Using Msfvenom
Remote Access Trojans
Ways to disguise your RAT though Metasploit
PDF-embedded RAT
MS Word-embedded RAT
Android RAT
Your defence
Summary
References
Veil Framework
Veil-Evasion
Veil-Pillage
How do hackers hide their attack?
Intrusion with a PDF
The scenario
Veil-PowerTools
What is antivirus protection?
What are some vulnerabilities in antivirus protection?
Evasion and antivirus signatures
Summary
References
Social Engineering Toolkit and Browser Exploitation
Social engineering
What are web injections?
How SQL injections work
Cross site scripting (XSS) attacks
Preventative measures against XSS attacks
How to reduce your chances of being attacked
Browser exploitation with BeEF
Browser hijacking
BeEF with BetterCap
BeEF with man-in-the-middle framework (MITMF)
BeEF with SET
Summary
Advanced Network Attacks
What is an MITM attack?
Related types of attacks
Examples of MITM
Tools for MITM attacks
Installing MITMF using Kali Linux
Summary
Passing and Cracking the Hash
What is a hash?
Authentication protocols
Cryptographic hash functions
How do hackers obtain the hash?
What tools are used to get the hash?
How are hashes cracked?
How do pass the hash attacks impact businesses?
What defences are there against hash password attacks?
Summary
References
Links to download tools
SQL Injection
What is SQL and how does it work?
SQL command examples
SQL injection
Examples of SQL injection attacks
Ways to defend against SQL injection attacks
Attack vectors for web applications
Bypassing authentication
Bypass blocked and filtered websites
Finding vulnerabilities from a targeted sites
Extracting data with SQLmap
Hunting for web app vulnerabilities with Open Web Application Security Project (OWASP) ZAP
Summary
Scapy
Scapy
Creating our first packet
Sending and receiving
Layering
Viewing the packet
Handling files
The TCP three way handshake
SYN scan
A DNS query
Malformed packets
Ping of death
Teardrop attack (aka Nestea)
ARP cache poisoning
ARP poisoning commands
ACK scan
TCP port scanning
VLAN hopping
Wireless sniffing
OS fingerprinting ISN
Sniffing
Passive OS detection
Summary
Web Application Exploits
Web application exploits
What tools are used for web application penetration testing?
What is Autopwn?
Using Autopwn2
What is BeEF and how to use it?
Defenses against web application attacks
Summary
Evil Twins and Spoofing
What is an evil twin?
What is address spoofing?
What is DNS spoofing?
What tools are used for setting up an evil twin?
The dangers of public Wi-Fi and evil twins
How to detect an evil twin?
Summary
Injectable Devices
A deeper look into USB
A possible threat
An evil USB
How does the Rubber Ducky work?
Disabling ports
A KeyGrabber?
What the glitch?
Summary
The Internet of Things
What is the Internet of Things?
IOT vulnerabilities and cyber security
IOT and botnets
Summary
Sources
Detection Systems
IDS
IPS
Host based
Network-based
Physical
Summary of differences
Why?
Who and when?
Security Information and Event Management (SIEM)
Splunk
Alert status
IDS versus IPS
Snort as an IPS
How?
Lab 1-installing Snort and creating ICMP rules lab
Lab 2-create the following snort.conf and icmp.rules files
Rule options
Lab 3-execute Snort
Show log alert
Alert explanation
Lab 4-execute Snort as Daemon
Summary
Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra
The history of Wi-Fi - the WLAN standard
Wireless vulnerability
The Wi-Fi Pineapple
For penetration testing
Lab 1-how to set up
Getting connected
Performing a scan
Getting connected, managing your network, and broadcasting Wi-Fi
Reporting data
Logging data with Pineapple
Reporting data
Enabling the landing page
Summary
Offensive Security and Threat Hunting
What is offensive security?
What tools are used for offensive security?
SET browser exploit lab
Threat hunting platforms
Using the Pineapple for offensive security
Lab 1-setting up an Evil Portal on the Pineapple
Summary
← Prev
Back
Next →
← Prev
Back
Next →