Kali Linux CTF Blueprints -- Table of Contents -- Kali Linux CTF Blueprints -- Credits -- About the Author -- About the Reviewers -- www.PacktPub.com -- Support files, eBooks, discount offers, and more -- Why subscribe? -- Free access for Packt account holders -- Preface -- What this book covers -- What you need for this book -- Who this book is for -- Reading guide -- A warning -- Conventions -- Reader feedback -- Customer support -- Downloading the example code -- Errata -- Piracy -- Questions -- 1. Microsoft Environments -- Creating a vulnerable machine -- Securing a machine -- Creating a secure network -- Basic requirements -- Setting up a Linux network -- Setting up a Windows network -- Hosting vulnerabilities -- Scenario 1 - warming Adobe ColdFusion -- Setup -- Variations -- Scenario 2 - making a mess with MSSQL -- Setup -- Variations -- Scenario 3 - trivializing TFTP -- Vulnerabilities -- Flag placement and design -- Testing your flags -- Making the flag too easy -- Making your finding too hard -- Alternate ideas -- Post-exploitation and pivoting -- Exploitation guides -- Scenario 1 - traverse the directories like it ain't no thing -- Scenario 2 - your database is bad and you should feel bad -- Scenario 3 - TFTP is holier than the Pope -- Challenge modes -- Summary -- 2. Linux Environments -- Differences between Linux and Microsoft -- The setup -- Scenario 1 - learn Samba and other dance forms -- Setup -- Configuration -- Testing -- Variations -- Information disclosure -- File upload -- Scenario 2 - turning on a LAMP -- Setup -- The PHP -- Variations -- Out-of-date versions -- Login bypass -- SQL injection -- Dangerous PHP -- PHPMyAdmin -- Scenario 3 - destructible distros -- Setup -- Variations -- Scenario 4 - tearing it up with Telnet -- Setup -- Variations -- Default credentials -- Buffer overflows -- Flag placement and design.

Exploitation guides -- Scenario 1 - smashing Samba -- Scenario 2 - exploiting XAMPP -- Scenario 3 - like a privilege -- Scenario 4 - tampering with Telnet -- Summary -- 3. Wireless and Mobile -- Wireless environment setup -- Software -- Hardware -- Scenario 1 - WEP, that's me done for the day -- Code setup -- Network setup -- Scenario 2 - WPA-2 -- Setup -- Scenario 3 - pick up the phone -- Setup -- Important things to remember -- Exploitation guides -- Scenario 1 - rescue the WEP key -- Scenario 2 - potentiating partial passwords -- Scenario 3.1 - be a geodude with geotagging -- Scenario 3.2 - ghost in the machine or man in the middle -- Scenario 3.3 - DNS spoof your friends for fun and profit -- Summary -- 4. Social Engineering -- Scenario 1 - maxss your haxss -- Code setup -- Scenario 2 - social engineering: do no evil -- Setup -- Variations -- Scenario 3 - hunting rabbits -- Core principles -- Potential avenues -- Connecting methods -- Creating an OSINT target -- Scenario 4 - I am a Stegosaurus -- Visual steganography -- Exploitation guides -- Scenario 1 - cookie theft for fun and profit -- Scenario 2 - social engineering tips -- Scenario 3 - exploitation guide -- Scenario 4 - exploitation guide -- Summary -- 5. Cryptographic Projects -- Crypto jargon -- Scenario 1 - encode-ageddon -- Generic encoding types -- Random encoding types -- Scenario 2 - encode + Python = merry hell -- Setup -- Substitution cipher variations -- Scenario 3 - RC4, my god, what are you doing? -- Setup -- Implementations -- Scenario 4 - Hishashin -- Setup -- Hashing variations -- Scenario 5 - because Heartbleed didn't get enough publicity as it is -- Setup -- Variations -- Exploitation guides -- Scenario 1 - decode-alypse now -- Scenario 2 - trans subs and other things that look awkward in your history -- Automatic methods -- Scenario 3 - was that a 1 or a 0 or a 1?.

Scenario 4 - hash outside of Colorado -- Scenario 5 - bleeding hearts -- Summary -- 6. Red Teaming -- Chapter guide -- Scoring systems -- Setting scenarios -- Reporting -- Reporting example -- Reporting explanation -- CTF-style variations -- DEFCON game -- Physical components -- Attack and defense -- Jeopardy -- Scenario 1 - ladders, why did it have to be ladders? -- Network diagram -- Brief -- Setting up virtual machines -- DMZ -- missileman -- secret1 -- secret2 -- secret3 -- Attack guide -- Variations -- Dummy devices -- Combined OSINT trail -- The missile base scenario summary -- Scenario 2 - that's no network, it's a space station -- Network diagram -- Brief -- Setting up a basic network -- Attack of the clones -- Customizing cloned VMs -- Workstation1 -- Workstation2 -- Workstation3 -- Workstation4 -- Workstation5 -- Attack guide -- Variations -- The network base scenario summary -- Summary -- A. Appendix -- Further reading -- Recommended competitions -- Existing vulnerable VMs -- Index.