Kali Linux is the most comprehensive distributions for pentesting and ethical hacking. It also contains popular forensics tools available to conduct professional-level forensics investigations. It also plays a very important role when it comes to securing your data or discovering loopholes within your system.
This Learning Path is an easy-to-follow, clear and concise instructions to guide you through the practical techniques and tools using Kali Linux. You'll start with learning to perform vulnerability assessments using well-known softwares such as Nessus and OpenVas & try to exploit those vulnerabilities to show the consequences. Next you will learn about network traffic capture and analysis along with leveraging OpenVAS 9 for vulnerability scanning by finding loopholes and conquering your network environment. Finally you will learn about digital forensic which consist of how to extract and recover data, analyze the acquired data, and report and present digital evidence from a device.
Contents and Overview
This training program includes 3 complete courses, carefully chosen to give you the most comprehensive training possible.
The first course, Digital Forensics with Kali Linux covers instructions for digital imaging and forensics, and shows you hashing tools to perform successful forensic analysis with Kali Linux. It start by showing you how to use the tools (dc3dd in particular) to acquire images from the media to be analyzed, either hard drives, mobile devices, thumb drives, or memory cards. The course presents the Autopsy forensic suite and other specialized tools, such as the Sleuth Kit and RegRipper, to extract and analyze various artifacts from a Windows image. Next you'll learn how to perform the analysis of an Android device image using Autopsy. It also teaches you file carving and recovery of deleted data, and then the process of acquiring and analyzing RAM memory (live analysis) using the Volatility framework. Finally, we demonstrate how to report and present digital evidence found during the analysis. By the end of the course, you will be able to extract and recover data, analyze the acquired data, and report and present digital evidence from a device.
The second course, Finding and Exploiting Hidden Vulnerabilities cover detailed vulnerability assessment and based on the findings try to exploit the target. This course will help you understand the understand the process of VAPT (Vulnerability Assessment and Penetration Testing) step by step. So here you’ll learn how to perform vulnerability assessments using well-known softwares such as Nessus and OpenVas. After finding the vulnerabilities, the next step for a pentester is to try to exploit those vulnerabilities to show the consequences, and nothing is better for this than Metasploit Framework. This being said you’ll also learn about many key features of Metasploit Framework and use it to exploit the vulnerabilities on the target device/machine. Finally, you’ll understand why you need to document everything done during the activity. By the end of this course, you’ll have a good understanding of the approach to follow when doing VAPT for any client.
The third course, Mastering Kali Linux network scanning covers core network scanning tasks. In this course, you'll learn to fundamentals of utilizing Kali Linux so you can gain control over your network environment. It also focuses on core network scanning tasks such as discovery scanning, port scanning, service enumeration, operating system identification, vulnerability mapping, and validating identified findings. Next, you will also learn about network traffic capture and analysis along with leveraging OpenVAS 9 for vulnerability scanning. Lastly, this course will also teach you to create your own packages and host your own custom repositories along with securing and monitoring Kali Linux at the Network and filesystem level. By the end of this video, you will be very proficient at finding loopholes and conquering your network.
By the end of the course, you’ll have a good understanding of the approach to follow when doing VAPT for any client & also able to extract and recover data, analyze the acquired data, and report and present digital evidence from a device.
About the Authors
- Marco Alamanni has professional experience working as a Linux system administrator and Information Security analyst in banks and financial institutions. He holds a BSc in Computer Science and an MSc in Information Security. His interests in information technology include ethical hacking, digital forensics, malware analysis, Linux, and programming, among other things. He also collaborates with IT magazines to write articles about Linux and IT security. He has used Kali Linux on various occasions to conduct incident response and forensics in his professional activity, besides using it for penetration testing purposes. He is also the author of “Kali Linux Wireless Penetration Testing Essentials” published by Packt Publishing.
- Tajinder Kalsi with more than 9 years of working experience in the field of IT, Tajinder has conducted Seminars in Engineering Colleges all across India, on topics such as Information Security and Android Application Development at more than 120 colleges and teaching 10,000+ students. Apart from training, he has also worked on VAPT projects for various clients. When talking about certifications, Tajinder is a certified ISO 27001:2013 Auditor.
Prior to this course, Tajinder has authored Practical Linux Security Cookbook published by Packt Publishing. He was also a Technical Reviewer with Packt, in his spare time and has reviewed the books titled - Web Application Penetration Testing with Kali Linux and Mastering Kali Linux for Advanced Penetration Testing. He is best described as dedicated, devoted, and determined and a person who strongly believes in making his dreams come true. He defines himself as a tireless worker, who loves to laugh and make others laugh.
- Paul Olushile is a Unix/Linux System Administrator expert with 4 years experience as a Kali Linux Penetration Tester. He's responsible for setting up and maintaining Linux servers, training and maintaining servers installed and setting up with custom builds and applications on a network; creating, deleting and modifying local user and group accounts; and troubleshooting and fixing NFS, TCP/IP and other protocols problems. He's a freelancer in Kali Linux Penetration Testing and Research, breaking into computers and networks in order to find potential security breaches, running tests, creating written reports, detailing assessment findings and recommendations, designing new tests, designing and creating new penetration tools and tests, working on improvements for security services, including continuous enhancement of existing methodology materials and supporting assets and running security audits.
- Basic knowledge of Kali Linux is assumed.