Web Penetration Testing with Kali Linux (Second Edition)
Juned Ahmed Ansari
Updated: 2021-07-30 10:26:52
Latest chapter: Index
Cover
Copyright page
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Chapter 1. Introduction to Penetration Testing and Web Applications
Proactive security testing
Rules of engagement
The limitations of penetration testing
The need for testing web applications
Social engineering attacks
A web application overview for penetration testers
Summary
Chapter 2. Setting up Your Lab with Kali Linux
Kali Linux
Important tools in Kali Linux
Using Tor for penetration testing
Summary
Chapter 3. Reconnaissance and Profiling the Web Server
Reconnaissance
Scanning – probing the target
Summary
Chapter 4. Major Flaws in Web Applications
Information leakage
Authentication issues
Path traversal
Injection-based flaws
Cross-site scripting
Cross-site request forgery
Session-based flaws
File inclusion vulnerability
HTTP parameter pollution
HTTP response splitting
Summary
Chapter 5. Attacking the Server Using Injection-based Flaws
Command injection
SQL injection
Summary
Chapter 6. Exploiting Clients Using XSS and CSRF Flaws
The origin of cross-site scripting
An overview of cross-site scripting
Types of cross-site scripting
XSS and JavaScript – a deadly combination
Scanning for XSS flaws
Cross-site request forgery
Summary
Chapter 7. Attacking SSL-based Websites
Secure socket layer
Summary
Chapter 8. Exploiting the Client Using Attack Frameworks
Social engineering attacks
Social engineering toolkit
Spear-phishing attack
Website attack
Browser exploitation framework
Summary
Chapter 9. AJAX and Web Services – Security Issues
Introduction to AJAX
Web services
Summary
Chapter 10. Fuzzing Web Applications
Fuzzing basics
Types of fuzzing techniques
Summary
Index