InfoSec With Me :)

Mastering Kali Linux For Advanced Penetration Testing | Infosecwithme

Click on Download Button | Infosecwithme

Kali LinuxRevealed | Mastering the Penetration TestingDistribution | Infosecwithme

Thanks to Raphaël Hertzog, JimO’Gorman, and Mati Aharoni

Click on Download button | Infosecwithme

Table of Content

1. About Kali Linux

2. Getting Started with Kali Linux

3. Linux Fundamentals

4. Installing Kali Linux

5. Configuring Kali Linux

6. Helping Yourself & Getting Help

7. Securing & Monitoring Kali Linux

8. Debian Package Management

9. Advanced Phase

10. Kali Linux in the Enterprise

11. Introduction to Security Assessments

12. Conclusion:The Road Ahead 

Click on Download button | Infosecwithme

Kali Linux CTF Blueprints - Buchanan, Cam PDF | Infosecwithme

Thanks to Cameron Buchanan


The Topic are really in-depth with scenario based approach. you can refer table of content & download to study it.

I am 100% sure you will have more fun while reading & practicing it. it will enhance your skills very well.

Click on Download button | Infosecwithme

Chapter 1: Microsoft Environments

Creating a vulnerable machine
Securing a machine
Creating a secure network
Basic requirements
Setting up a Linux network
Setting up a Windows network
Hosting vulnerabilities

Scenario 1 – warming Adobe ColdFusion Setup                                                                                  Variations
                                                                           
Scenario 2 – making a mess with MSSQL
Setup                                                                         
Variations                                                                                                   

Scenario 3 – trivializing TFTP
Vulnerabilities                                                                                               
Flag placement and design
Testing your flags
Making the flag too easy
Making your finding too hard
Alternate ideas

Post exploitation and pivoting
Exploitation guides
Scenario 1 – traverse the directories like it ain't no thing
Scenario 2 – your database is bad and you should feel bad
Scenario 3 – TFTP is holier than the Pope
Challenge modes                             

Chapter 2: Linux Environments 

Differences between Linux and Microsoft
Setup

Scenario 1 – learn Samba and other dance forms
Setup
Configuration
Testing                                                                             
Variations
Information disclosure
File upload

Scenario 2 – turning on a LAMP
Setup
The PHP
Variations
Out-of-date
versions
Login bypass
SQL injection
Dangerous PHP
PHPMyAdmin

Scenario 3 – destructible distros
Setup
Variations

Scenario 4 – tearing it up with Telnet
Setup
Variations
Default credentials
Buffer overflows

Flag placement and design
Exploitation guides
Scenario 1 – smashing Samba
Scenario 2 – exploiting XAMPP
Scenario 3 – liking a privilege
Scenario 4 – tampering with Telnet

Chapter 3: Wireless and Mobile 

Wireless environment setup
Software
Hardware

Scenario 1 – WEP, that's me done for the day
Code setup
Network setup

Scenario 2 – WPA-2
Setup                                                                                                           
Scenario 3 – pick up the phone Setup                                                                               
Important things to remember

Exploitation guides
Scenario 1 – rescue the WEP key
Scenario 2 – potentiating partial passwords
Scenario 3.1 – be a geodude with geotagging
Scenario 3.2 – ghost in the machine or man in the middle
Scenario 3.3 – DNS spoof your friends for fun and profit

Chapter 4: Social Engineering 

Scenario 1 – maxss your haxss
Code setup

Scenario 2 – social engineering: do no evil
Setup
Variations

Scenario 3 – hunting rabbits
Core principles
Potential avenues
Connecting methods
Creating an OSINT target

Scenario 4 – I am a Stegosaurus
Visual steganography

Exploitation guides
Scenario 1 – cookie theft for fun and profit
Scenario 2 – social engineering tips
Scenario 3 – exploitation guide
Scenario 4 – exploitation guide

Chapter 5: Cryptographic Projects 

Crypto jargon

Scenario 1 – encode-ageddon
Generic encoding types
Random encoding types

Scenario 2 – encode + Python = merry hell
Setup
Substitution cipher variations

Scenario 3 – RC4, my god, what are you doing?
Setup
Implementations

Scenario 4 – Hishashin
Setup
Hashing variations

Scenario 5 – because Heartbleed didn't get enough publicity as it is
Setup
Variations             

Exploitation guides
Scenario 1 – decode-alypse now
Scenario 2 – trans subs and other things that look awkward in your history
Automatic methods
Scenario 3 – was that a 1 or a 0 or a 1?
Scenario 4 – hash outside of Colorado
Scenario 5 – bleeding hearts

Chapter 6: Red Teaming 

Chapter guide
Scoring systems
Setting scenarios
Reporting                                                                           
        Reporting example
Reporting explanation

CTF-style variations
DEFCON game
Physical components
Attack and defense
Jeopardy

Scenario 1 – ladders, why did it have to be ladders?
Network diagram
Brief
Setting up virtual machines
DMZ
missileman
               secret1                                                                     
               secret2
       secret3

Attack guide
Variations
Dummy devices
Combined OSINT trail
The missile base scenario summary

Scenario 2 – that's no network, it's a space station
Network diagram Brief                                                                               
Setting up a basic network
Attack of the clones
Customizing cloned VMs
Workstation1
Workstation2
Workstation3
Workstation4
Workstation5

Attack guide
Variations
The network base scenario summary Summary                                                                                Appendix                                                                             
Further reading
Recommended competitions
Existing vulnerable VMs

Click on Download button | Infosecwithme

Social Engineering Using Kali Linux PDF | Infosecwithme

Credit to Rahul Singh Patel

Click on Download button | Infosecwithme

Table of content:

Chapter 1: Introduction to Social Engineering Attacks 

Understanding social engineering attacks 
Phases in a social engineering attack 
Research 
Hook 
Play 
Exit 
Types of social engineering 
Human-based social engineering 
Computer-based social engineering 
Computer-based social engineering tools – Social-Engineering Toolkit (SET) 
Website cloning 
Policies and procedure 
Training 
Incident response system 
Classification of information 
Password policies
Summary

Chapter 2: Understanding Website Attack Vectors 

Phishing and e-mail hacking – Credential Harvester attack 
Updating your Social-Engineering Toolkit 
Web jacking 
Spear-phishing attack vector 
Java Applet Attack 
Defense against these attacks 

Chapter 3: Performing Client-side Attacks through SET 

Creating a payload and a listener 
Vulnerability
Exploit
Payload 
Steps to create a payload and listener 
Understanding the mass mailer attack 
Understanding the SMS spoofing attack vector 
The predefined template
Summary                                                                                

Chapter 4: Understanding Social Engineering Attacks 

Identity theft 
Stealing an identity
Elicitation
Skills required in an attacker 
Penetration testing tools 
The Browser Exploitation Framework 
The Social Engineering Framework 
Sefemails 
Sefphish 
Sefnames 
SefPayload 
Defense
Summary      

Click on Download Button | Infosecwithme

                                                                          

Practical Penetration Testing Techniques using Kali Linux PDF | Infosecwithme

Click on Download button  | Infosecwithme

Table of Content:

Click on Download button | Infosecwithme