Preface
Chapter 1: Introduction to Ethical Hacking
Introduction to Ethical Hacking
Understanding the need for cybersecurity
Exploring cybersecurity terminology
Identifying threat actors and their intent
Understanding what matters to threat actors
Exploring the importance of penetration testing
Penetration testing methodologies
Discovering penetration testing approaches
Types of penetration testing
Exploring the phases of penetration testing
Understanding the Cyber Kill Chain framework
Summary
Further reading
Chapter 2: Building a Penetration Testing Lab
Technical requirements
An overview of the lab setup and technologies used
Setting up a hypervisor and virtual networks
Setting up and working with Kali Linux
Setting up a vulnerable web application
Deploying Metasploitable 2 as a vulnerable machine
Building and deploying Metasploitable 3
Summary
Further reading
Chapter 3: Setting Up for Advanced Penetration Testing Techniques
Technical requirements
Building an Active Directory red team lab
Setting up a wireless penetration testing lab
Summary
Further reading
Chapter 4: Passive Reconnaissance
Technical requirements
The importance of reconnaissance
Exploring passive reconnaissance
Creating a sock puppet
Anonymizing internet-based traffic
Summary
Further reading
Chapter 5: Exploring Open-Source Intelligence
Technical requirements
Google hacking techniques
Domain reconnaissance
Sub-domain harvesting
Identifying organizational infrastructure
Harvesting employees' data using Hunter
Automating social media reconnaissance with Sherlock
Summary
Further reading
Chapter 6: Active Reconnaissance
Technical requirements
Understanding active information
Profiling websites using EyeWitness
Exploring active scanning techniques
Using scanning evasion techniques
Enumerating network services
Discovering data leaks in the cloud
Summary
Further reading
Chapter 7: Performing Vulnerability Assessments
Technical requirements
Getting started with Nessus
Vulnerability identification using Nmap
Working with Greenbone Vulnerability Manager
Using web application scanners
Summary
Further reading
Chapter 8: Understanding Network Penetration Testing
Technical requirements
Introduction to network penetration testing
Working with bind and reverse shells
Antimalware evasion techniques
Working with wireless adapters
Managing and Monitoring wireless modes
Summary
Further reading
Chapter 9: Performing Network Penetration Testing
Technical requirements
Exploring password-based attacks
Performing host discovery
Identifying and exploiting vulnerable services
Summary
Further reading
Chapter 10: Post-Exploitation Techniques
Technical requirements
Pass-the-hash techniques
Post exploitation using Meterpreter
Data encoding and exfiltration
Summary
Further reading
Chapter 11: Delving into Command and Control Tactics
Technical requirements
Understanding C2
Setting up C2 operations
Post-exploitation using Empire
Working with Starkiller
Summary
Further reading
Chapter 12: Working with Active Directory Attacks
Technical requirements
Understanding Active Directory
Enumerating Active Directory
Leveraging network-based trust
Summary
Further reading
Chapter 13: Advanced Active Directory Attacks
Technical requirements
Understanding Kerberos
Abusing trust on IPv6 with Active Directory
Attacking Active Directory
Domain dominance and persistence
Summary
Further reading
Chapter 14: Advanced Wireless Penetration Testing
Technical Requirements
Introduction to Wireless Networking
Performing Wireless Reconnaissance
Compromising WPA/WPA2 Networks
Performing AP-less Attacks
Exploiting Enterprise Networks
Setting Up a Wi-Fi Honeypot
Exploiting WPA3 Attacks
Summary
Further Reading
Chapter 15: Social Engineering Attacks
Technical requirements
Fundamentals of social engineering
Types of social engineering
Planning for each type of social engineering attack
Defending against social engineering
Exploring social engineering tools and techniques
Summary
Further reading
Chapter 16: Understanding Website Application Security
Technical requirements
Understanding web applications
Exploring the OWASP Top 10: 2021
Getting started with FoxyProxy and Burp Suite
Understanding injection-based attacks
Exploring broken access control attacks
Discovering cryptographic failures
Understanding insecure design
Exploring security misconfiguration
Summary
Further reading
Chapter 17: Advanced Website Penetration Testing
Technical requirements
Identifying vulnerable and outdated components
Exploiting identification and authentication failures
Understanding software and data integrity failures
Exploring server-side request forgery
Understanding security logging and monitoring failures
Understanding cross-site scripting
Automating SQL injection attacks
Performing client-side attacks
Summary
Further reading
Chapter 18: Best Practices for the Real World
Technical requirements
Guidelines for penetration testers
Penetration testing checklist
Creating a hacker's toolkit
Setting up remote access
Next steps ahead
Summary
Further reading
Appendix
Index
Glen D. Singh [Author]
Glen D. Singh is a cybersecurity instructor and consultant for various institutions within the Republic of Trinidad and Tobago. He conducts multiple training exercises in offensive security, digital forensics, and network security annually. He also holds various information security certifications, such as the EC-Council's Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Cisco's CCNA Security, CCNA Routing and Switching, and many others in the field of network security.