Penetration Testing with Raspberry Pi

Penetration Testing with Raspberry Pi

by Joseph Muniz, Aamir Lakhani
Released January 2015
Publisher(s): Packt Publishing
ISBN: 9781784396435

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Construct a hacking arsenal for penetration testers or hacking enthusiasts using Kali Linux on a Raspberry Pi

In Detail

The Raspberry Pi is a low-cost credit-card sized computing system that can be customized for just about anything including penetration testing. Raspberry Pi is the best known platform not because it is cheap but because it is very powerful. Kali is a pentesting/security auditing Linux distribution. Kali Linux has many penetration-testing programs, including nmap (a port scanner), Wireshark (a packet analyzer), John the Ripper (a password cracker), Aircrack-ng (a software suite for the penetration-testing of wireless LANs), and Burp suite and OWASP ZAP (both web application security scanners).

This book covers how to turn a Raspberry Pi into a hacking arsenal to leverage the most popular open source toolkit, Kali Linux. You will learn how to use various tools to breach networks and steal data.

What You Will Learn

  • Install and tune Kali Linux on a Raspberry Pi for hacking

  • Use a Raspberry Pi for pentests such as breaking wireless security, scanning networks, and capturing sensitive data

  • Perform man-in-the-middle attacks and bypass SSL encryption

  • Compromise systems using various exploits and toolkits

  • Bypass security defenses and remove data off a target network

  • Develop a command and control system to manage remotely placed Raspberry Pis

  • Turn a Raspberry Pi into a honeypot to capture sensitive information

  • Grasp professional penetration testing through proper documentation

    •

    Table of contents

    1. Penetration Testing with Raspberry Pi
      1. Table of Contents
      2. Penetration Testing with Raspberry Pi
      3. Credits
      4. About the Authors
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
      7. Disclaimer
      8. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the color images of this book
          2. Errata
          3. Piracy
          4. Questions
      9. 1. Raspberry Pi and Kali Linux Basics
        1. Purchasing a Raspberry Pi
        2. Assembling a Raspberry Pi
          1. Preparing a microSD card
        3. Installing Kali Linux
        4. Combining Kali Linux and Raspberry Pi
          1. Pros and cons of the Raspberry Pi
          2. Raspberry Pi penetration testing use cases
        5. Cloning the Raspberry Pi SD card
        6. Avoiding common problems
        7. Summary
      10. 2. Preparing the Raspberry Pi
        1. Raspberry Pi use cases
        2. The Command and Control server
        3. Preparing for a penetration test
        4. Overclocking
        5. Setting up wireless cards
        6. Setting up a 3G USB modem with Kali Linux
        7. Setting up the SSH service
        8. SSH default keys and management
        9. Reverse shell through SSH
        10. Stunnel
        11. Installing a Stunnel client
        12. Wrapping it up with an example
        13. Summary
      11. 3. Penetration Testing
        1. Network scanning
          1. Nmap
          2. Wireless security
        2. Cracking WPA/WPA2
          1. Creating wordlists
          2. Capturing traffic on the network
          3. Tcpdump
          4. Man-in-the-middle attacks
        3. Getting data to the Pi
          1. ARP spoofing
          2. Ettercap
          3. Ettercap command line
        4. Driftnet
        5. Tuning your network capture
        6. Scripting tcpdump for future access
          1. Wireshark
          2. Capturing a WordPress password example
          3. TShark
        7. Beating HTTPS with SSLstrip
          1. Launching an SSLstrip attack
        8. Summary
      12. 4. Raspberry Pi Attacks
        1. Exploiting a target
        2. Metasploit
          1. Creating your own payloads with Metasploit
          2. Wrapping payloads
        3. Social engineering
          1. The Social-Engineer Toolkit
        4. Phishing with BeEF
        5. Rogue access honeypots
          1. Easy-creds
        6. Summary
      13. 5. Ending the Penetration Test
        1. Covering your tracks
          1. Wiping logs
        2. Masking your network footprint
          1. Proxychains
          2. Resetting the Raspberry Pi to factory settings
            1. Remotely corrupting Kali Linux
        3. Developing reports
          1. Creating screenshots
            1. ImageMagick
            2. Shutter
          2. Compressing files
            1. Zip/Unzip
            2. File Roller
            3. Split
        4. Summary
      14. 6. Other Raspberry Pi Projects
        1. PwnPi
        2. Raspberry Pwn
        3. PwnBerry Pi
        4. Defending your network
          1. Intrusion detection and prevention
            1. Snort
          2. Content filter
            1. KidSafe
          3. Remote access with OpenVPN
          4. Tor relays and routers
            1. Raspberry Tor
            2. Tor router
        5. Running Raspberry Pi on your PC with QEMU emulator
        6. Other Raspberry Pi uses
          1. Flight tracking using PiAware
          2. PiPlay
          3. PrivateEyePi
        7. More uses
        8. Summary
      15. Index

    Product information

    • Title: Penetration Testing with Raspberry Pi
    • Author(s): Joseph Muniz, Aamir Lakhani
    • Release date: January 2015
    • Publisher(s): Packt Publishing
    • ISBN: 9781784396435