Hands-On Penetration Testing on Windows: Unleashing Kali Linux, PowerShell and Windows debugging tools for security testing and analysis

Phil Bramwell


Master the art of identifying vulnerabilities within the Windows OS and develop the desired solutions for it using Kali Linux.

Key Features

  • Identify the vulnerabilities in your system using Kali Linux 2018.02
  • Discover the art of exploiting Windows kernel drivers
  • Get to know several bypassing techniques to gain control of your Windows environment

Book Description

Windows has always been the go-to platform for users around the globe to perform administration and ad hoc tasks, in settings that range from small offices to global enterprises, and this massive footprint makes securing Windows a unique challenge. This book will enable you to distinguish yourself to your clients.

In this book, you'll learn advanced techniques to attack Windows environments from the indispensable toolkit that is Kali Linux. We'll work through core network hacking concepts and advanced Windows exploitation techniques, such as stack and heap overflows, precision heap spraying, and kernel exploitation, using coding principles that allow you to leverage powerful Python scripts and shellcode.

We'll wrap up with post-exploitation strategies that enable you to go deeper and keep your access. Finally, we'll introduce kernel hacking fundamentals and fuzzing testing, so you can discover vulnerabilities and write custom exploits.

By the end of this book, you'll be well-versed in identifying vulnerabilities within the Windows OS and developing the desired solutions for them.

What you will learn

  • Get to know advanced pen testing techniques with Kali Linux
  • Gain an understanding of Kali Linux tools and methods from behind the scenes
  • See how to use Kali Linux at an advanced level
  • Understand the exploitation of Windows kernel drivers
  • Understand advanced Windows concepts and protections, and how to bypass them using Kali Linux
  • Discover Windows exploitation techniques, such as stack and heap overflows and kernel exploitation, through coding principles

Who this book is for

This book is for penetration testers, ethical hackers, and individuals breaking into the pentesting role after demonstrating an advanced skill in boot camps. Prior experience with Windows exploitation, Kali Linux, and some Windows debugging tools is necessary

Table of Contents

  1. Bypassing Network Access Control
  2. Sniffing and Spoofing
  3. Windows Passwords on the Network
  4. Advanced Network Attacks
  5. Cryptography and the Penetration Tester
  6. Advanced Exploitation with Metasploit
  7. Stack and Heap: Memory Management
  8. Windows Kernel Security
  9. Weaponizing Python
  10. Windows Shellcoding
  11. Bypassing Protections with ROP
  12. Fuzzing Techniques
  13. Going beyond the Foothold
  14. Taking PowerShell to the Next Level
  15. Escalating Privileges
  16. Maintaining Access
  17. Tips and Tricks
  18. Assessment


精通在Windows操作系統中識別漏洞並使用Kali Linux開發相應解決方案的藝術。


- 使用Kali Linux 2018.02識別系統中的漏洞
- 探索利用Windows內核驅動程序的技巧
- 了解多種繞過技術,以掌控Windows環境



在本書中,您將學習使用不可或缺的Kali Linux工具包從事Windows環境攻擊的高級技術。我們將介紹核心網絡入侵概念和高級Windows利用技術,如堆棧和堆溢出、精確堆噴射和內核利用,並使用編碼原則來利用強大的Python腳本和shellcode。




- 了解使用Kali Linux的高級測試技術
- 從幕後了解Kali Linux工具和方法
- 看到如何在高級水平上使用Kali Linux
- 理解Windows內核驅動程序的利用
- 理解高級Windows概念和保護措施,以及如何使用Kali Linux繞過它們
- 通過編碼原則發現Windows利用技術,如堆棧和堆溢出以及內核利用


本書適合滲透測試人員、道德黑客以及在展示高級技能後進入滲透測試角色的人士。需要具備Windows利用、Kali Linux和一些Windows調試工具的先前經驗。


1. 繞過網絡訪問控制
2. 嗅探和欺騙
3. 網絡上的Windows密碼
4. 高級網絡攻擊
5. 密碼學和滲透測試人員
6. 使用Metasploit進行高級利用
7. 堆棧和堆:內存管理
8. Windows內核安全
9. Python武器化
10. Windows Shell編碼
11. 使用ROP繞過保護
12. 模糊測試技術
13. 超越立足點
14. 將PowerShell提升到更高級別
15. 提升特權
16. 維持訪問權限
17. 提示和技巧
18. 評估