ANTI-HACKER TOOL KIT. Fourth Edition




CONTENTS

Acknowledgments
Introduction

The Best of the Basics

1 Managing Source Code and Working with Programming Languages
  SCM Concepts
  Git
  Working with Repositories
  Working with Subversion
  Mercurial
  Subversion
  Creating a Repository
  Working with Repositories
  Working with Revisions
  Eclipse Integrated Developer Environment
  Working with Source Control
  Programming Languages
  Common Terms
  Security
  C++
  Java
  JavaScript
  Perl
  Python
  Ruby

2 Command-Line Environments
  Unix Command Line
  Pipes and Redirection
  Command Cornucopia
  BackTrack Linux
  Configuration
  Implementation
  MacPorts
  Getting Started
  Installing and Managing Ports
  Tweaking the Installation
  Cygwin
  Download and Installation
  Implementation
  The X Window System
  Choosing a Window Manager
  A Client/Server Model
  How Remote X Servers and Clients Communicate
  Securing X Hosts with Xhost and Xauth
  Securing X Communications with Secure Shell
  Other X Components
  Now You Know
  Windows PowerShell
  Verb Your Nouns
  Scripting and Signing

3 Virtual Machines and Emulators
  Benefits of Virtualization
  Oracle VirtualBox
  Installing Guest Additions
  Remote Access
  VMware Player
  Download and Installation
  Configuration
  Virtual PC
  Configuration
  Parallels
  Installing Parallels Tools
  Open Source Alternatives
  Bochs
  QEMU
  KVM
  Qubes
  Vice
  Wine
  Xen Hypervisor

Systems

4 Vulnerability Scanning
  Overview of Vulnerability Scanning
  Open Port/Service Identification
  Banner/Version Check
  Traffic Probe
  Vulnerability Probe
  Vulnerability Examples
  OpenVAS
  Installation
  Implementation
  Working with Vulnerability Standards
  OpenVAS Summary
  Metasploit
  Getting Started
  Hunting for Vulns
  Compromising a System
  More Resources

5 File System Monitoring
  File System Metadata
  Windows File Metadata
  File Integrity
  AIDE
  Installation
  Implementation
  Samhain
  Tripwire
  Implementation
  Securing Your Files with Tripwire

6 Windows Auditing
  Evolution of Windows Security
  Nbtstat
  Implementation
  Retrieving a MAC Address
  Cain & Able
  Implementation
  Microsoft Baseline Security Analyzer
  Using the MBSA Command-Line Interface
  Implementation
  PsTools
  Implementation

Networks

7 Netcat
  Network Communication Basics
  Netcat
  Implementation
  Netcat's 101 Uses
  Cryptcat
  Ncat
  Compile for Windows
  Options
  Socat
  Implementation

8 Port Forwarding and Redirection
  Understanding Port and Services
  Secure Shell (SSH)
  Datapipe
  Implementation
  FPipe
  Implementation
  WinRelay
  Implementation

9 Network Reconnaissance
  Nmap
  Implementation
  Nmap Scripting Engine (NSE)
  THC-Amap
  Implementation
  System Tools
  Whois
  Host, Dig, and Nslookup
  Traceroute

10 Network Sniffers and Injectors
  Sniffers Overview
  Tcpdump and WinDump
  Implementation
  Wireshark
  Implementation
  Ettercap
  Installation
  Implementation
  Potential for Disaster
  Hping
  Implementation
  Wireless Networks
  Kismet
  Implementation
  Expanding Kismet's Capabilities
  Aircrack-ng
  Implementation

11 Network Defenses
  Firewalls and Packet Filters: The Basics
  What Is a Firewall?
  Packet Filter vs. Firewall
  How a Firewall Protects a Network
  Packet Characteristics to Filter
  Stateless vs. Stateful Firewalls
  Network Address Translation (NAT) and Port Forwarding
  The Basics of Virtual Private Networks
  Inside the Demilitarized Zones
  Linux System Firewall
  OS X System Firewall
  Windows System Firewall
  Snort: An Intrusion-Detection System
  Installation and Implementation
  Snort Plug-ins
  So Much More

12 War Dialers
  ToneLoc
  Implementation: Creating the tl.cfg File
  Implementation: Running a Scan
  Implementation: Navigating the ToneLoc Interface
  .dat File Techniques
  THC-Scan
  Implementation: Configuring THC-Scan
  Implementation: Running THC-Scan
  Implementation: Navigating THC-Scan
  Implementation: Manipulating THC-Scan .dat Files
  WarVOX
  Inter-Asterisk Exchange
  Installation
  Implementation
  Analysis
  Beyond the CONNECT String

Applications

13 Binary Analysis
  The Anatomy of a Computer Program
  Determining a Binary File Type
  Identifying Binary Obfuscation
  Black Box Analysis
  Creating a Sandboxed System
  Finding Text Clues
  Conducting Unix-based Run-time Analysis with lsof
  Using a Sniffer to Examine Network Traffic
  Identifying Unix-based System Calls
  Obtaining Memory
  Generating Assembly Instructions
  Analyzing Run-time Binaries with Debuggers
  Debugging Tools for Windows
  OllyDbg
  Interactive Disassembler (IDA)
  GNU Debugger (GDB)

14 Web Application Hacking
  Scanning for Web Vulnerabilities
  Nikto
  HTTP Utilities
  Curl
  OpenSSL
  Stunnel
  Application Inspection
  Zed Attack Proxy
  Sqlmap

15 Password Cracking and Brute-Force Tools
  We're Doomed
  Alternate Deployment Schemes
  Password OpSec
  John the Ripper
  Implementation
  L0phtcrack
  Hashcat
  Grabbing Windows Password Hashes
  Pwdump
  Active Brute-Force Tools
  THC-Hydra

Forensics

16 Basic Forensics
  Data Collection
  Drive Imaging
  dd for Duplication
  Forensic Tools
  The Sleuth Kit
  Autopsy
  Security Onion
  Learning More

17 Privacy Tools
  Improving Anonymity and Privacy
  Private Browsing Mode
  Ghostery
  The Onion Router (Tor)
  Installation
  Implementation
  GnuPG
  Installation
  Implementation
  Verify a Package
  Disk Encryption
  Off-the-Record (OTR) Messaging and Pidgin
  Installation
  Implementation

Index