
This video provides an overview of the entire course.
The aim of this video is to explain how to install the Kali virtual machine.
Download VMware Workstation Player
Complete the installation
Log in with the configured ID and password
The aim of this video is to explain setting up Metasploitable2.
Get to know what Metasploitable2 is
Learn why it is needed
Go through the steps to set up
The aim of this video is to learn to set up Kali VM after installation.
Install VMware Tools in Kali Linux
Set up the VM settings
Run the command and update the machine
The aim of this video is to learn to install third-party software on Kali VM.
Learn how to install the Debian package
Install the tar.gz or tar.bz2 package
Run the command
To start with penetration testing, it is essential to understand what it is and how it differs from vulnerability assessment. A pentester also needs to know the various types of pentest.
Get to know about Penetration Testing
Explore the difference between Penetration Testing and Vulnerability Assessment
Differentiate between Black Hat, White Hat, and Grey Hat Penetration Testing
As a pentester, it should be standard practice to follow well-known standards and methodologies to get the maximum benefit from an engagement. In this video, we discuss the two most well-known standards, OWASP and PTES, to align with industry practice.
Get introduced to the OWASP methodology
Learn about the PTES methodology phase-wise
Before starting the testing activity, all relevant information about the client’s requirements and expectations from the engagement should be well defined. Gathering the client’s requirements also helps the pentester define the flow of the testing activity more effectively.
Draw up a questionnaire to elicit all relevant information from the client
Identify the internal and external stakeholders to understand their requirements
Get the identified requirements validated by the client
Once the client’s requirements have been gathered, it is necessary to understand and define what needs to be tested and what not. Defining the scope helps in developing transparency between the client and the pentester and also setting the expectations right.
Define what needs to be tested and what not
Prepare a questionnaire to get clarity on scope
Get the questionnaire validated by the client
As a pentester, having all the required tools in one place is ideal. Kali Linux provides a suite of pentesting tools, all in one place.
Understand the categorization of tools included in Kali
Add/edit repositories in Kali
Update and upgrade the OS to get the latest packages
When gathering information about the target device, port scanning is an essential step. Nmap is the best available tool to perform port scanning on the target device.
Get introduced to Nmap as a pentesting tool
Understand the various features provided by Nmap
Run a sample scan using Nmap to understand its working
When a pentester finds a vulnerability, it has to be checked for false positives, and the impact on the device if it were exploited has to be understood. The Metasploit framework provides the pentester with a platform to exploit the vulnerabilities reported by the scanning tools.
Get introduced to the framework and its components
Launch Metasploit either through the console or GUI
Configure and run an exploit as a sample
At times, a pentester would like to analyze the traffic being sent and received on the network. Wireshark serves as a network packet analyzer: it captures packets and displays them in detail.
Set up Wireshark to get started with using it
Select an interface and start to capture the packets
Analyze the packets to find more information
When pentesting web applications, the pentester would like to read through the HTTP messages being sent and received between the browser and the web server. Burp Suite is the best available proxy tool to intercept and read these messages.
Confirm Burp’s proxy listener is active and working
Set up Burp Suite and the browser to work as a proxy
Start intercepting and analyzing the traffic
For a successful penetration test, it is essential to gather as much information as possible about the target. Reconnaissance is the set of processes and techniques used to discover and collect the required information.
Understand the difference between active and passive reconnaissance
Determine the scope to conduct reconnaissance for Penetration Testing
Discover information about the target and map the network
At times, a pentester will have either the domain name or the IP address of the target device and will want to perform a name server lookup. nslookup is a handy tool to query DNS and obtain the domain name or the IP address.
Get familiar with the working of NsLookup
Query the mail exchange server records
Query the name server record
Sometimes a pentester would like to display the route and measure transit delays of packets across an Internet Protocol network, or they may want to gather information about the IP ranges around a given host. Traceroute can be used to perform these activities.
Run Traceroute on the target’s IP address
Understand the number of hops between the tester and the target
Change arguments to get more information using Traceroute
There will be scenarios where information about the target is available on the web. As a pentester, we should also gather this information.
Use Whois lookup to gather information such as domain name and IP address block
Use Netcraft to see detailed information about a web server involved with a website
Use Archive.org to get back-dated data about a website
When gathering information about the target by scanning, a single scan may not yield much useful information. So it is necessary to run various Nmap scans to gather more information.
Scan a single IP address or multiple IP addresses
Scan to perform host discovery
Use Nmap scan to perform OS detection on the target
When a particular type of scan is blocked at the target end, it is essential to have other scan types available. Nmap can scan in various ways to help a pentester.
Run TCP connect scan and TCP stealth scan
Execute UDP scan to determine information about UDP ports
Run version detection to get version information about the services running on target
Scanning large networks manually can be tedious. The Nmap Scripting Engine (NSE) allows the pentester to write and use scripts to automate various networking tasks.
Understand the usage of NSE
Perform a walkthrough of different categories of the scripts
Run a script to understand its use
At times, the standard Nmap scan types may not reveal much about a firewall in front of the target device. Nmap has more advanced scan types for such situations, and multiple options can be combined to run a custom scan.
Run a scan combining multiple scan options in one command
Next, run a detailed scan for a particular port or service only
Cloak the scan with decoys to perform stealth scan
Scan results may be needed for future reference or for feeding into other tools to make the next step of the penetration test easier. Nmap can export results in formats that can be used later.
First, we save the scan result in the default Nmap format
Next, we save the results in XML format
Finally, we save the results in the grepable format
Need a GUI for performing Network scanning? Zenmap is the solution. It’s the official GUI for Nmap Scanner.
Understand the advantages of Zenmap over Nmap
Walk through the Zenmap interface and the options available
Run a scan using Zenmap and analyze the results
While pentesting a network, we may want to read from or write to a network connection using TCP or UDP. Netcat is a feature-rich utility that can be used to debug or investigate the network.
Understand the features of Netcat
Understand the usage of Netcat with a few examples
Perform banner grabbing using Netcat
This video will give you an overview of the course.
In this video, we will learn how to install Kali Linux in a VirtualBox environment and how to connect and set up your wireless adapter to conduct penetration testing.
Install Kali Linux in VirtualBox
Connect your wireless adapter to Kali Linux
Update Kali Linux to the latest version
In this video, we will learn how to install and configure NetHunter on a OnePlus One Android-based smartphone for use in our penetration tests.
Choosing your NetHunter Device
Installing NetHunter
This video gives a short discussion of the types of wireless networks, their frequencies, and the types of security used (WEP, WPA, WPA2, and WPS).
Wireless Networks and types
Evolution of Wireless Networks
Wireless Security
In this video, we will learn the importance of MAC addresses, how to conceal your own MAC address, and how to impersonate other people’s MAC addresses.
MAC address
Change your MAC address
Here we are just reviewing the basics of seeing which networks are around us.
Scan for available networks
Connect to these networks in Kali
In this video, students will learn about promiscuous mode and how to turn a wireless adapter into an eavesdropping device.
What is promiscuous mode?
Put your wireless adapter in this mode
In this video, students will learn to use the built-in tools to find previously hidden wireless networks.
Find broadcasting networks
Find hidden networks
In this video, we will use airodump-ng to monitor the wireless networks within range of our Kali Linux machine. We will cover the different types of information that we can gain using airodump-ng and show how to set up capturing the network traffic of a single wireless network using the tool.
Utilize airodump-ng to monitor networks
Explore information gathering
Discover capturing network traffic
In this video, we will learn the history and theory behind how Wired Equivalent Privacy (WEP) works in our wireless networks. This video provides the foundation of how the encryption works, so that we understand what we are doing when we attempt to crack its security.
Discover the history of WEP security
Explore the theory behind WEP security
Understand the exploitable flaw in WEP security
In this video, we will configure our wireless access point to use WEP for security, providing us with a target to use in our penetration test.
Learn to configure a WEP access point
Create a wireless network for attack
In this video, you will learn how to do a fake authentication attack using aireplay-ng. The fake authentication attack allows you to perform authentication using either Open or Shared Key WEP authentication. In this attack, aireplay-ng collects an ARP packet and retransmits it back to the wireless access point. This causes a chain reaction where the access point repeats the ARP packet with a new IV repeatedly. By collecting all these IVs, we are able to crack the WEP Shared Key.
Learn to configure aircrack-ng
Discover cracking WEP using aircrack-ng
In this video, we will learn how to use NetHunter to crack WEP using an Android device.
Explore launching a terminal in NetHunter
Learn to crack WEP using NetHunter
In this video, we will learn the history and theory behind how WPA/WPA2 works in our wireless networks. This video provides the foundation of how the encryption works, so we will understand what they are doing when they attempt to crack its security.
Understand the history of WPA and WPA2 security
Discover the theory behind WPA2 security and its working
Learn about the exploitable flaw in WPA2
In this video, we will learn the two different types of password cracking attacks that are used during WPA2 attacks.
Learn about brute force attack
Learn about dictionary attack
Choosing the attack to crack WPA2
In this video, we will configure our wireless access point to use WPA2 for security, providing us with a target to use in our penetration test.
Learn to configure the WPA2 access point
Understand how to configure a password
Create a wireless network to practice
In this video, you will learn how to capture a WPA/WPA2 handshake by performing a deauthentication attack against a client, and then crack that handshake using a dictionary attack to find the WPA/WPA2 network password.
Learn to capture a WPA/WPA2 handshake
Perform a deauthentication attack against a client
Explore cracking the handshake using a dictionary attack
In this video, we will learn how to use Wifite to crack WPA2.
Learn to use Wifite to crack WPA/WPA2
Understand how it is easier than using aircrack-ng directly
In this video, we will learn how to use NetHunter to crack WPA2 using an Android device.
Explore using NetHunter to crack WPA/WPA2
Discover how it is easier than using the aircrack-ng suite alone
In this lesson, you will learn how WPS attempts to make configuring your wireless network simple by using a PIN code or a push button on your devices, and how the vulnerability in its implementation can be exploited to easily gain access to WPA- and WPA2-secured networks.
What is WPS?
Learn about the exploitable flaw in WPS
In this lesson, students will learn to set up WPS on their access point to use as a target network for our penetration test.
Learn to set up an access point to use WPS
Utilize the access point to attack
In this attack, we will use wash, Reaver, and bully to scan for WPS networks, determine the unique PIN that protects them, and then receive a plaintext version of the WPA2 password.
Learn to use Wash to identify WPS networks
Explore using Reaver to determine the WPS pin
Discover utilizing
In this lesson, students will learn how to use NetHunter to crack WPS using an Android device.
Understand using NetHunter to crack WPS
Learn how to use Wash and Reaver in NetHunter
In this video, we take a look at tips for troubleshooting any obstacles you may face so that you can tackle them with finesse. Finally, we summarize what we have learned in the course.
Troubleshooting tips
Course summary
With advanced attackers and threats always on the increase in our virtual world, proficiency in pentesting is an absolute necessity for individuals and organizations trying to secure their systems.
With this comprehensive 2-in-1 course you will get a complete insight into penetration testing. It walks you through the pentesting environment and the tools required to perform penetration testing, giving you an edge in knowing more about the wireless security used in today's networks. It also helps you gain knowledge of how penetration attacks on wireless networks and protocols work. The course helps ensure that you succeed in the penetration tests you perform by providing test challenges at the end of the course.
Contents and Overview
This training program includes 2 complete courses, carefully chosen to give you the most comprehensive training possible.
The first course, Getting Started with Pentesting, covers tools and techniques to increase your success in pentesting. It gives you detailed instruction in information gathering to perform attacks on a target. Whether you are a beginner or an intermediate learner, this course will provide the skills required to succeed in creating and planning an advanced penetration test.
The second course, Wireless Penetration Testing for Ethical Hackers, starts by helping you choose the right tools to perform penetration tests. You will also learn how to carry out wireless penetration attacks against wireless networks and their protocols, so as to build strong and sturdy security systems using the most popular tools in the penetration testing community.
By the end of the Learning Path, you will have hands-on experience setting up a complete wireless penetration testing lab, and you will be able to carry out wireless network reconnaissance, sniffing, and more.
About the Authors:
Tajinder Kalsi has more than nine years of working experience in the IT field. Tajinder has conducted seminars in engineering colleges all across India on topics such as information security, Android application development, website development, and cloud computing. He has worked with more than 120 colleges and over 10,000 students. In his spare time, he has also worked as a technical reviewer for Packt and has reviewed the books Web Application Penetration Testing with Kali Linux and Mastering Kali Linux for Advanced Penetration Testing. He is best described as dedicated, devoted, and determined, and a person who strongly believes in making his dreams come true. He defines himself as a tireless worker who loves to laugh and make others laugh.
Jason Dion, CISSP No. 349867, is an adjunct instructor at Liberty University’s College of Engineering and Computational Science and Anne Arundel Community College’s Department of Computing Technologies, with multiple information technology professional certifications, including Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Network Defense Architect (CNDA), Digital Forensic Examiner (DFE), Digital Media Collector (DMC), Security+, Network+, A+, and Information Technology Infrastructure Library (ITIL) v3. With networking experience dating back to 1992, Jason has been a network engineer, deputy director of a network operations center, and an information systems officer for large organizations around the globe.