Ethical Hacking Workshop: Explore a practical approach to learning and applying ethical hacking techniques for effective cybersecurity

Ethical Hacking Workshop....2

Contributors....7

About the authors....7

About the reviewers....9

Preface....16

Who this book is for....17

What this book covers....18

To get the most out of this book....18

Conventions used....20

Get in touch....21

Share Your Thoughts....21

Download a free PDF copy of this book....22

Part 1:Network Fundamentals....23

Chapter 1: Networking Primer....24

Technical requirements....24

Why is networking crucial?....24

Networking concepts on-premises and in the cloud....25

Packets....25

MAC address....26

IP addresses....26

Cloud computing....27

Infrastructure-as-a-Service....29

Software-as-a-Service....30

Platform-as-a-Service....30

Networking tools and attacks....31

Packet capturing....31

MAC address spoofing....35

ARP spoofing....37

Setting up the lab....39

Putting what you have learned into practice....44

Best practices....46

Summary....46

Chapter 2: Capturing and Analyzing Network Traffic....48

Technical requirements....48

Capturing network traffic....48

Capturing and analyzing wired network traffic....51

Working with network traffic in the cloud....63

Putting what you have learned into practice....64

Best practices....64

Summary....64

Chapter 3: Cryptography Primer....65

Technical requirements....65

What is encryption?....65

The Caesar cipher....66

The Vigenère cipher....67

Overview of common encryption ciphers....67

Encryption algorithms....68

Symmetric encryption....68

Asymmetric encryption....72

Common types of encryption attacks....73

Encryption in the cloud....73

Putting what you have learned into practice....74

Summary....77

Part 2: Breaking and Entering....78

Chapter 4: Reconnaissance....79

Technical requirements....79

What is reconnaissance?....79

Passive information gathering....81

Active information gathering....92

Performing recon on wireless networks....94

Performing recon in the cloud....99

Gitleaks....99

CloudBrute....101

Putting what you have learned into practice....102

DNS domain enumeration....102

Performing OSINT with Shodan....103

Conducting wireless reconnaissance....103

Best practices....103

Summary....104

Chapter 5: Scanning....105

Technical requirements....105

Scanning techniques....105

Port scanning....106

Understanding Nmap....108

Vulnerability scanning....116

Nmap vulnerability scanning....116

OpenVAS....118

Wi-Fi and cloud scanning....123

Wireless scanning....123

Scanning exercises....133

Summary....134

Chapter 6: Gaining Access....135

Technical requirements....135

Social engineering....135

Phishing....136

IP address sniffing and spoofing....137

Wireshark....137

macchanger....138

Code-based attacks....139

Buffer overflow....139

Format string attacks....140

Exploiting services....142

Password cracking....142

Pass the hash....150

Web app attacks....151

Exploiting cloud services....159

Exercises on gaining access....160

Summary....161

Part 3: Total Immersion....162

Chapter 7: Post-Exploitation....163

Technical requirements....163

Privilege escalation....163

unix-privsec-check....164

LinPEAS....166

Lateral movement....167

Evil-WinRM....167

Backdoors and Trojan horses....171

Trojan horse....175

Rootkits....179

User-mode rootkits....180

Kernel-mode rootkits....181

Rootkit scanning....183

Maintaining access in the cloud environment....189

Post-exploitation exercises....190

Privilege escalation and lateral movement....190

Backdoors and Trojan horses....190

Embedded software backdoor....190

Rootkits....192

Summary....193

Index....194

Why subscribe?....211

Other Books You May Enjoy....211

Packt is searching for authors like you....213

Share Your Thoughts....214

Download a free PDF copy of this book....214

The Ethical Hacking Workshop will teach you how to perform ethical hacking and provide you with hands-on experience using relevant tools.

By exploring the thought process involved in ethical hacking and the various techniques you can use to obtain results, you'll gain a deep understanding of how to leverage these skills effectively.

Throughout this book, you'll learn how to conduct a successful ethical hack, how to use the tools correctly, and how to interpret the results to enhance your environment's security. Hands-on exercises at the end of each chapter will ensure that you solidify what you’ve learnt and get experience with the tools.

By the end of the book, you'll be well-versed in ethical hacking and equipped with the skills and knowledge necessary to safeguard your enterprise against cyber-attacks.

What you will learn

• Understand the key differences between encryption algorithms, hashing algorithms, and cryptography standards
• Capture and analyze network traffic
• Get to grips with the best practices for performing in-cloud recon
• Get start with performing scanning techniques and network mapping
• Leverage various top tools to perform privilege escalation, lateral movement, and implant backdoors
• Find out how to clear tracks and evade detection

Who this book is for

This book is for cybersecurity professionals who already work as part of a security team, blue team, purple team or as a security analyst and want to become familiar with the same skills and tools that potential attackers may use to breach your system and identify security vulnerabilities. A solid understanding of cloud computing and networking is a prerequisite.