Cyber Security
5 Kali Linux books you should read this year
Kali Linux is a Linux distribution designed for digital forensics, penetration testing, security research, and reverse engineering.
Here is a selection of books for different experience levels, you can either start from scratch or get advanced tips – there’s something for everyone.
Advanced Security Testing with Kali Linux
Independently published / Author: Daniel Dieterle
This book covers the more intermediate and advanced uses of the Kali Linux pentesting distribution. You will learn topics like:
- The MITRE ATT@CK Framework
- Command & Control (C2) frameworks
- In-depth network scanning
- Web app pentesting
- Advanced techniques like “Living off the Land”
- AV bypass tools
- Using IoT devices in security
Kali Linux Penetration Testing Bible
Wiley / Author: Gus Khawaja
This book is the hands-on and methodology guide for pentesting with Kali Linux. You’ll discover everything you need to know about the tools and techniques hackers use to gain access to systems like yours so you can erect reliable defenses for your virtual assets. Whether you’re new to the field or an established pentester, you’ll find what you need in this comprehensive guide.
- Build a modern dockerized environment
- Discover the fundamentals of the bash language in Linux
- Use a variety of effective techniques to find vulnerabilities (OSINT, Network Scan, and more)
- Analyze your findings and identify false positives and uncover advanced subjects, like buffer overflow, lateral movement, and privilege escalation
- Apply practical and efficient pentesting workflows
- Learn about Modern Web Application Security Secure SDLC
- Automate your penetration testing with Python
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali
No Starch Press / Author: OccupyTheWeb
If you’re getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you’ll learn the basics of using the Linux operating system and acquire the tools and techniques you’ll need to take control of a Linux environment.
First, you’ll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you’ll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You’ll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to:
- Cover your tracks by changing your network information and manipulating the rsyslog logging utility
- Write a tool to scan for network connections, and connect and listen to wireless networks
- Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email
- Write a bash script to scan open ports for potential targets
- Use and abuse services like MySQL, Apache web server, and OpenSSH
- Build your own hacking tools, such as a remote video spy camera and a password cracker
Mastering Kali Linux for Advanced Penetration Testing, 4th Edition
Packt Publishing / Author: Vijay Kumar Velu
In this book you’ll learn an offensive approach to enhance your penetration testing skills by testing the sophisticated tactics employed by real hackers. You’ll go through laboratory integration to cloud services so that you learn another dimension of exploitation that is typically forgotten during a penetration test. You’ll explore different ways of installing and running Kali Linux in a VM and containerized environment and deploying vulnerable cloud services on AWS using containers, exploiting misconfigured S3 buckets to gain access to EC2 instances.
This book delves into passive and active reconnaissance, from obtaining user information to large-scale port scanning. Building on this, different vulnerability assessments are explored, including threat modeling. See how hackers use lateral movement, privilege escalation, and command and control (C2) on compromised systems. By the end of this book, you’ll have explored many advanced pentesting approaches and hacking techniques employed on networks, IoT, embedded peripheral devices, and radio frequencies.
For more information about this book, we have a video with the author you can watch here.
The Ultimate Kali Linux Book – 2nd Edition
Packt Publishing / Author: Glen D. Singh
This is a comprehensive guide for those who are new to Kali Linux and penetration testing that will have you up to speed in no time. Using real-world scenarios, you’ll understand how to set up a lab and explore core penetration testing concepts.
Throughout this book, you’ll focus on information gathering and even discover different vulnerability assessment tools bundled in Kali Linux. You’ll learn to discover target systems on a network, identify security flaws on devices, exploit security weaknesses and gain access to networks, set up Command and Control (C2) operations, and perform web application penetration testing. In this updated second edition, you’ll be able to compromise Active Directory and exploit enterprise networks.
Finally, this book covers best practices for performing complex web penetration testing techniques in a highly secured environment.
Source: https://www.helpnetsecurity.com/2022/09/13/5-kali-linux-books/
IoT security threats highlight the need for zero trust principles
New infosec products of the week: October 27, 2023
Raven: Open-source CI/CD pipeline security scanner
Apple news: iLeakage attack, MAC address leakage bug
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
