Premium
Title Page
1/2/2026
Copyright Page
1/2/2026
Dedication Page
1/2/2026
About the Author
1/2/2026
About the Reviewer
1/2/2026
Acknowledgement
1/2/2026
Preface
1/2/2026
Table of Contents
1/2/2026
1. Setting Some Ground Rules
1/2/2026
Introduction
1/2/2026
Structure
1/2/2026
The rules of engagement
1/2/2026
Setting up a Hacking Lab
1/2/2026
Downloading Kali
1/2/2026
Kali Linux image types
1/2/2026
Installer
1/2/2026
Weekly
1/2/2026
Everything
1/2/2026
NetInstaller
1/2/2026
Finally, there is LIVE
1/2/2026
Downloading the image
1/2/2026
Updating and upgrading Kali
1/2/2026
Getting a target system to attack
1/2/2026
Conclusion
1/2/2026
2. Reconnaissance Tools
1/2/2026
Objectives
1/2/2026
Gathering email addresses, usernames, and IP addresses
1/2/2026
Email addresses and their importance
1/2/2026
Nmap your open ports
1/2/2026
Discover directory structures that are open
1/2/2026
Hunter.io
1/2/2026
theHarvester
1/2/2026
Have I Been Pwned
1/2/2026
Using Censys
1/2/2026
Domain information
1/2/2026
DNS records
1/2/2026
Role of subdomains in reconnaissance
1/2/2026
Recon-ng
1/2/2026
Weaknesses in Secure Socket Layer
1/2/2026
Burp Suite
1/2/2026
What web technology is being used?
1/2/2026
Social networks
1/2/2026
Social Searcher
1/2/2026
Sherlock
1/2/2026
CloudFail
1/2/2026
Public records
1/2/2026
Maltego
1/2/2026
Search engines
1/2/2026
The Wayback Machine
1/2/2026
Shodan
1/2/2026
Images and video search engines
1/2/2026
3. Diving Deeper into Your Targets
1/2/2026
Download metadata and files with Metagoofil
1/2/2026
SpiderFoot
1/2/2026
Checkusername.com
1/2/2026
DNSMap
1/2/2026
p0f
1/2/2026
BizNar search
1/2/2026
Netcraft
1/2/2026
Cree.py
1/2/2026
Dirsearch
1/2/2026
HTTrack
1/2/2026
Job sites
1/2/2026
OSRFramework
1/2/2026
4. Scanning Tools and Techniques
1/2/2026
Checking for live systems
1/2/2026
Scanning outside the box
1/2/2026
Simple Service Discovery Protocol
1/2/2026
More DNS tricks
1/2/2026
Exploring certificate scanning techniques
1/2/2026
DNSRecon
1/2/2026
Hping3
1/2/2026
ACK scan
1/2/2026
ICMP scan
1/2/2026
UDP scan
1/2/2026
SYN scan
1/2/2026
FIN scan
1/2/2026
Banner grabbing
1/2/2026
Telnet
1/2/2026
Wget
1/2/2026
Nmap
1/2/2026
WhatWeb
1/2/2026
Amap
1/2/2026
OS Fingerprinting
1/2/2026
netdiscover
1/2/2026
Wireshark
1/2/2026
Wireless networks
1/2/2026
Kismet
1/2/2026
Physical tools
1/2/2026
Hak5
1/2/2026
Raspberry Pi with customized tools
1/2/2026
5. Further Scanning and Enumerating the Targets
1/2/2026
Ports and services to know
1/2/2026
Enumerating via defaults
1/2/2026
NMAP Default Script
1/2/2026
NetBIOS enumeration
1/2/2026
Decoding LDAP enumeration
1/2/2026
Layers of LDAP
1/2/2026
Golden ticket, DNS
1/2/2026
DNS enumeration tools
1/2/2026
nslookup
1/2/2026
Host
1/2/2026
Using DNSenum
1/2/2026
Domain Information Groper
1/2/2026
Zone transfers
1/2/2026
Enumerating using SNMP
1/2/2026
Security concerns with SNMP
1/2/2026
SNMP version 3: The game-changer
1/2/2026
Understanding what information can be exposed
1/2/2026
Role of the management information base
1/2/2026
PSTools
1/2/2026
Default PowerShell commands
1/2/2026
6. Techniques for Pwning Targets
1/2/2026
Introduction to vulnerabilities
1/2/2026
Third-party sites
1/2/2026
Kali's own Exploitdb
1/2/2026
Breakout Nmap
1/2/2026
Vulscan
1/2/2026
Password cracking
1/2/2026
John the Ripper
1/2/2026
Using John the Ripper
1/2/2026
Hashcat
1/2/2026
Hydra
1/2/2026
Mimikatz
1/2/2026
Bash Bunny
1/2/2026
The Shark Jack
1/2/2026
O.MG Cable
1/2/2026
Bypassing locks
1/2/2026
Exploitation tools
1/2/2026
PowerShell Empire
1/2/2026
Metasploit
1/2/2026
Armitage: Adding Steroids to Metasploit
1/2/2026
SQLMap
1/2/2026
OWASP ZAP
1/2/2026
Social engineering
1/2/2026
Social Engineering Toolkit
1/2/2026
Cloning a website with SET
1/2/2026
7. Wi-Fi Tools
1/2/2026
Finding hidden wireless networks
1/2/2026
Aircrack-ng
1/2/2026
Using DeAuth to create a MiTM attack
1/2/2026
Airmon-ng
1/2/2026
Other airmon-ng commands
1/2/2026
Airodump-ng
1/2/2026
Airbase-ng
1/2/2026
Aireplay-ng
1/2/2026
Cracking WPA, WPA2, and WEP
1/2/2026
aircrack-ng
1/2/2026
Using the top wireless hacking hardware
1/2/2026
Attacks facilitated by WiFi Pineapple
1/2/2026
Wardriving and mapping wireless networks
1/2/2026
WiGLE.net
1/2/2026
8. Now to Maintain Access
1/2/2026
Creating backdoors
1/2/2026
Simple backdoor scripts
1/2/2026
Utilizing web shells
1/2/2026
Security implications
1/2/2026
PowerShell backdoor
1/2/2026
Hiding your tracks
1/2/2026
Clearing logs
1/2/2026
Beyond logs
1/2/2026
Alternate data streams on NTFS
1/2/2026
Recipes for maintaining access
1/2/2026
ProxyChains
1/2/2026
Use case of ProxyChains
1/2/2026
Using PowerShell Empire to maintain persistence
1/2/2026
Using Metasploit to set persistence
1/2/2026
Setting up persistence with Metasploit
1/2/2026
9. Covering Your Tracks
1/2/2026
Hiding files
1/2/2026
Common techniques for hiding files
1/2/2026
Renaming and changing attributes of files
1/2/2026
Changing file attributes
1/2/2026
Modifying file attributes
1/2/2026
Practical applications and considerations
1/2/2026
Understanding file attributes in Linux
1/2/2026
Understanding file attributes in macOS
1/2/2026
Common macOS file attributes
1/2/2026
Modifying file attributes in macOS
1/2/2026
Alternate Data Streams
1/2/2026
Encrypting data
1/2/2026
Basics of data encryption
1/2/2026
Tools for data encryption
1/2/2026
Decrypting files with GnuPG
1/2/2026
Using Horse Pill Linux Rootkit
1/2/2026
Working of Horse Pill
1/2/2026
Destroying evidence
1/2/2026
Importance of evidence destruction
1/2/2026
Common methods for destroying evidence
1/2/2026
Temporary file cleanup
1/2/2026
10. Implementing the Learning
1/2/2026
Traits of a security professional
1/2/2026
Applying practical skills
1/2/2026
Career advancement
1/2/2026
Career advancement before documentation
1/2/2026
Documenting your work
1/2/2026
Using the AttackForge.com framework
1/2/2026
Using Dradis to document results
1/2/2026