Penetration Testing Using Kali Linux
The purpose of this module is to introduce students to the use of Kali Linux to perform a penetration test against a target system in a controlled lab environment. The material is approached from the perspective of what an actual penetration tester would do in a real-life penetration testing scenario.
This module contains the following nine labs and provides a hands-on introduction to penetration testing to prepare students for opportunities as penetration testers or red team members in industry and government:
LABS (Complete in order):
- Scan a network to identify target systems using Nmap.
- Enumerate network services on target systems using Nmap, ssh, and Netcat.
- Locate vulnerabilities on targets using the Nmap Scripting Engine.
- Research vulnerabilities using the CVE database and locate a Metasploit module.
- Exploit vulnerabilities on target systems using Metasploit.
- Use post-exploitation techniques to change system configurations, exfiltrate and crack password hashes, and create persistent backdoor access.
- Remove traces of penetration testing from the target system.
- Document the penetration test.
This module includes lecture slides that provide an overview of each lab and should be given to the students prior to attempting the lab.
The nine labs need to be completed in order. Each lab establishes the conditions for the next lab, so performing the labs out of sequence will cause problems for the students.
Ensure the students are documenting their lab activities. Documentation is a big part of penetration testing. Students should be encouraged to provide written documentation as well as screenshots of their activities. Students should also be encouraged to document any issues they encounter or mistakes they make, and the steps taken to correct them.
Using the Virginia Cyber Range
All of the labs in this module are designed to be used in the Virginia Cyber Range, Cyber Basics (2018) environment. If you don’t already have an instructor account on the range, request an account here.
Once the instructor has an account and a new course is created, the instructor should add the Cyber Basics (2018) environment and then invite their students so they can use it in the Virginia Cyber Range.
NOTE: When using the Virginia Cyber Range, each instance of the lab environment will have a different network, so the IP addresses in the lab example will not match the students’ lab environment. The labs include notes to remind students to change the IP address in the example to the IP address of their lab environment, but it is always a good idea to reinforce this during the lecture.
- K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- K0111: Knowledge of common network tools (e.g., ping, traceroute, nslookup) and how to interpret the resulting information.
- K0119: Knowledge of hacking methodologies in Windows or Unix/Linux environment.
- K0129: Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep).
- K0307: Knowledge of common network tools (e.g., ping, traceroute, nslookup).
- K0342: Knowledge of penetration testing principles, tools, and techniques.
- S0051: Skill in the use of penetration testing tools and techniques.
- A0055: Ability to operate common network tools (e.g., ping, traceroute, nslookup).
- Penetration Testing (PTT)