Hands-On Penetration Testing with Kali NetHunter

coverpage

Title Page

Copyright and Credits

Hands-On Penetration Testing with Kali NetHunter

About Packt

Why subscribe?

Packt.com

Contributors

About the authors

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

Disclaimer

Section 1: Exploring Kali NetHunter

Introduction to Kali NetHunter

What is Kali NetHunter?

Tools within Kali NetHunter

MAC Changer

The MITM framework

HID attacks

DuckHunter HID

BadUSB MITM attacks

The MANA Wireless Toolkit

Software defined radio

Network Mapper

The Metasploit Payload Generator

Searchsploit

The Android platform and security model

The Android architecture

The Application layer

The Application Framework Layer

Android Libraries

Android Runtime

Kernel

The Android security model

Android Device Manager

SafetyNet

Verify applications

Application services

Android updates

The Google Play Store

Google Play Protect

Installing NetHunter

Building Kali NetHunter for a specific device (optional)

Additional optional hardware

Summary

Understanding the Phases of the Pentesting Process

The need for penetration testing

Types of hackers

White hat

Grey hat

Black hat

Script kiddie

Suicide hacker

Hacktivist

State-sponsored hacker

Penetration testing

Blue teaming vs red teaming vs purple team

Blue team

Red team

Purple team

Types of penetration tests

Phases of penetration testing

The pre-attack phase

The attack phase

The post-attack phase

Penetration testing methodologies and frameworks

OWASP testing framework

PCI penetration testing guide

Penetration Testing Execution Standard

Open Source Security Testing Methodology Manual

Phases of penetration testing

Reconnaissance

Scanning

Gaining access

Maintaining access

Clearing tracks

Deliverables

Summary

Section 2: Common Pentesting Tasks and Tools

Intelligence-Gathering Tools

Technical requirements

Objectives of intelligence gathering

Information for the taking

Types of information available

Network information

Organizational data

Tools for gathering useful information

Using Shodan

Working with filters

Using Metagoofil

Exercise using Metagoofil to collect information

Using Nikto