Kali Linux

8.

The Kali Linux Toolkit: Database Assessment

8.1.

Database Discovery and Enumeration

8.1.1.

Network-Based Discovery

8.1.1.1.

Port Scanning for Database Services

8.1.1.2.

Service Banner Analysis

8.1.1.3.

Default Port Identification

8.1.2.

Database Service Enumeration

8.1.2.1.

MySQL Enumeration

8.1.2.2.

PostgreSQL Enumeration

8.1.2.3.

Microsoft SQL Server Enumeration

8.1.2.4.

Oracle Database Enumeration

8.1.2.5.

MongoDB Enumeration

8.2.

SQL Injection Assessment

8.2.1.

Automated SQL Injection Testing

8.2.1.1.

8.2.1.1.1.

Database Management System Detection

8.2.1.1.2.

Injection Technique Selection

8.2.1.1.3.

Data Extraction Methods

8.2.1.1.4.

Advanced Exploitation Features

8.2.1.1.5.

8.2.1.1.6.

Custom Payloads

8.2.2.

Manual SQL Injection Testing

8.2.2.1.

Union-Based Injection

8.2.2.2.

Boolean-Based Blind Injection

8.2.2.3.

Time-Based Blind Injection

8.2.2.4.

Error-Based Injection

8.2.2.5.

Second-Order Injection

8.3.

Database-Specific Assessment Tools

8.3.1.

MySQL Assessment

8.3.1.1.

8.3.1.2.

MySQL Configuration Analysis

8.3.1.3.

Privilege Escalation Testing

8.3.2.

PostgreSQL Assessment

8.3.2.1.

postgresql-audit

8.3.2.2.

PostgreSQL Security Configuration

8.3.3.

Oracle Database Assessment

8.3.3.1.

8.3.3.2.

8.3.3.3.

Oracle TNS Listener Testing

8.3.3.4.

Oracle SID Discovery

8.3.4.

Microsoft SQL Server Assessment

8.3.4.1.

SQL Server Configuration Review

8.3.4.2.

xp_cmdshell Testing

8.3.5.

NoSQL Database Assessment

8.3.5.1.

MongoDB Assessment

8.3.5.1.1.

8.3.5.1.2.

MongoDB Configuration Review

8.3.5.2.

CouchDB Assessment

8.3.5.3.

Redis Assessment

8.4.

Database Configuration Analysis

8.4.1.

Default Credentials Testing

8.4.2.

Privilege Analysis

8.4.3.

Configuration Hardening Assessment

8.4.4.

Backup and Recovery Analysis

8.5.

Database Attack Techniques

8.5.1.

Privilege Escalation

8.5.2.

Data Exfiltration

8.5.3.

Database Backdoors

8.5.4.

Stored Procedure Abuse

Previous

7. The Kali Linux Toolkit: Web Application Analysis

Go to top

Next

9. The Kali Linux Toolkit: Password Attacks