Book Description

Build, test, and customize your own Capture the Flag challenges across multiple platforms designed to be attacked with Kali LinuxAbout This BookPut the skills of the experts to the test with these tough and customisable pentesting projectsDevelop each challenge to suit your specific training, testing, or client engagement needsHone your skills, from wireless attacks to social engineering, without the need to access live systemsWho This Book Is ForIf you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.What You Will LearnSet up vulnerable services for both Windows and LinuxCreate dummy accounts for social engineering manipulationSet up Heartbleed replication for vulnerable SSL serversDevelop full-size labs to challenge current and potential testersConstruct scenarios that can be applied to Capture the Flag style challengesAdd physical components to your scenarios and fire USB missile launchers at your opponentsChallenge your own projects with a best-practice exploit guide to each scenarioIn DetailAs attackers develop more effective and complex ways to compromise computerized systems, penetration testing skills and tools are in high demand. A tester must have varied skills to combat these threats or fall behind. This book provides practical and customizable guides to set up a variety of exciting challenge projects that can then be tested with Kali Linux.Learn how to create, customize, and exploit penetration testing scenarios and assault courses. Start by building flawed fortresses for Windows and Linux servers, allowing your testers to exploit common and not-so-common vulnerabilities to break down the gates and storm the walls. Mimic the human element with practical examples of social engineering projects. Facilitate vulnerable wireless and mobile installations and cryptographic weaknesses, and replicate the Heartbleed vulnerability. Finally, combine your skills and work to create a full red-team assessment environment that mimics the sort of corporate network encountered in the field.