Master key approaches used by real attackers to perform advanced pentesting in tightly secured infrastructure, cloud and virtualized environments, and devices, and learn the latest phishing and hacking techniques

Key Features

• Explore red teaming and play the hackers game to proactively defend your infrastructure
• Use OSINT, Google dorks, Nmap, recon-nag, and other tools for passive and active reconnaissance
• Learn about the latest email, Wi-Fi, and mobile-based phishing techniques

Book Description

Remote working has given hackers plenty of opportunities as more confidential information is shared over the internet than ever before. In this new edition of Mastering Kali Linux for Advanced Penetration Testing, you'll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You'll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You'll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances.

This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems.

By the end of this book, you'll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.

What you will learn

• Exploit networks using wired/wireless networks, cloud infrastructure, and web services
• Learn embedded peripheral device, Bluetooth, RFID, and IoT hacking techniques
• Master the art of bypassing traditional antivirus and endpoint detection and response (EDR) tools
• Test for data system exploits using Metasploit, PowerShell Empire, and CrackMapExec
• Perform cloud security vulnerability assessment and exploitation of security misconfigurations
• Use bettercap and Wireshark for network sniffing
• Implement complex attacks with Metasploit, Burp Suite, and OWASP ZAP

Who this book is for

This fourth edition is for security analysts, pentesters, ethical hackers, red team operators, and security consultants wanting to learn and optimize infrastructure/application/cloud security using advanced Kali Linux features. Prior penetration testing experience and basic knowledge of ethical hacking will help you make the most of this book.