Key FeaturesEmploy advanced pentesting techniques with Kali Linux to build highly-secured systemsGet to grips with various stealth techniques to remain undetected and defeat the latest defenses and follow proven approachesSelect and configure the most effective tools from Kali Linux to test network security and prepare your business against malicious threats and save costsBook DescriptionThis book will take you, as a tester or security practitioner through the journey of reconnaissance, vulnerability assessment, exploitation, and post-exploitation activities used by penetration testers and hackers.We will start off by using a laboratory environment to validate tools and techniques, and using an application that supports a collaborative approach to penetration testing. Further we will get acquainted with passive reconnaissance with open source intelligence and active reconnaissance of the external and internal networks. We will also focus on how to select, use, customize, and interpret the results from a variety of different vulnerability scanners. Specific routes to the target will also be examined, including bypassing physical security and exfiltration of data using different techniques. You will also get to grips with concepts such as social engineering, attacking wireless networks, exploitation of web applications and remote access connections. Later you will learn the practical aspects of attacking user client systems by backdooring executable files. You will focus on the most vulnerable part of the network—directly and bypassing the controls, attacking the end user and maintaining persistence access through social media.You will also explore approaches to carrying out advanced penetration testing in tightly secured environments, and the books hands-on approach will help you understand everything you need to know during a Red teaming exercise or penetration testingWhat you will learnSelect and configure the most effective tools from Kali Linux to test network securityEmploy stealth to avoid detection in the network being testedRecognize when stealth attacks are being used against your networkExploit networks and data systems using wired and wireless networks as well as web servicesIdentify and download valuable data from target systemsMaintain access to compromised systemsUse social engineering to compromise the weakest part of the network—the end usersAbout the AuthorVijay Kumar Velu is a passionate information security practitioner, author, speaker, and blogger. He is currently working as associate director in one of the Big4 based in Malaysia. He has more than 11 years of IT industry experience, is a licensed penetration tester, and has specialized in providing technical solutions to a variety of cyber problems, ranging from simple security configuration reviews to cyber threat intelligence and incident response. He also holds multiple security qualifications, including Certified Ethical Hacker, EC-council Certified Security Analyst, and Computer Hacking Forensics Investigator.Vijay has been invited to speak at the National Cyber Security Summit (NCSS), Indian Cyber Conference (InCyCon), Open Cloud Conference, and other ethical hacking conferences held in India, and he has also delivered multiple guest lectures and training on the importance of information security at various business schools in India.He has authored a book entitled Mobile Application Penetration Testing, and also reviewed Learning Android Forensics, Packt Publishing.For the information security community, Vijay serves as a member of the board in Kuala Lumpur for Cloud Security Alliance (CSA) and the chair member of the National Cyber Defense and Research Center (NCDRC) in India. Outside work, he enjoys playing music and doing charity.Vijay is an early adopter of technology and always listens to any crazy ideas—so if you have an innovative idea, product, or service, do not hesitate to drop him a line.Table of ContentsGoal-Based Penetration Testing with Kali LinuxOpen Source Intelligence and Passive ReconnaissanceActive Reconnaissance of the External and Internal NetworksVulnerability AssessmentPhysical Security and Social EngineeringWireless AttacksReconnaissance and Exploitation of Web-Based ApplicAttacking Remote AccessClient-Side ExploitationBy-Passing Security ControlsExploitationAction on the ObjectivePrivilege EscalationCommand and Control