Mastering Kali Linux for Web Penetration Testing (eBook)

(Autor)

eBook Download: EPUB
2017
338 Seiten
Packt Publishing (Verlag)
978-1-78439-621-3 (ISBN)

Lese- und Medienproben

Mastering Kali Linux for Web Penetration Testing - Michael McPhee
Systemvoraussetzungen
45,59 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Master the art of exploiting advanced web penetration techniques with Kali Linux 2016.2

About This Book

  • Make the most out of advanced web pen-testing techniques using Kali Linux 2016.2
  • Explore how Stored (a.k.a. Persistent) XSS attacks work and how to take advantage of them
  • Learn to secure your application by performing advanced web based attacks.
  • Bypass internet security to traverse from the web to a private network.

Who This Book Is For

This book targets IT pen testers, security consultants, and ethical hackers who want to expand their knowledge and gain expertise on advanced web penetration techniques. Prior knowledge of penetration testing would be beneficial.

What You Will Learn

  • Establish a fully-featured sandbox for test rehearsal and risk-free investigation of applications
  • Enlist open-source information to get a head-start on enumerating account credentials, mapping potential dependencies, and discovering unintended backdoors and exposed information
  • Map, scan, and spider web applications using nmap/zenmap, nikto, arachni, webscarab, w3af, and NetCat for more accurate characterization
  • Proxy web transactions through tools such as Burp Suite, OWASP's ZAP tool, and Vega to uncover application weaknesses and manipulate responses
  • Deploy SQL injection, cross-site scripting, Java vulnerabilities, and overflow attacks using Burp Suite, websploit, and SQLMap to test application robustness
  • Evaluate and test identity, authentication, and authorization schemes and sniff out weak cryptography before the black hats do

In Detail

You will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess.

By the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.

Style and approach

An advanced-level guide filled with real-world examples that will help you take your web application's security to the next level by using Kali Linux 2016.2.


Master the art of exploiting advanced web penetration techniques with Kali Linux 2016.2About This BookMake the most out of advanced web pen-testing techniques using Kali Linux 2016.2Explore how Stored (a.k.a. Persistent) XSS attacks work and how to take advantage of themLearn to secure your application by performing advanced web based attacks.Bypass internet security to traverse from the web to a private network. Who This Book Is ForThis book targets IT pen testers, security consultants, and ethical hackers who want to expand their knowledge and gain expertise on advanced web penetration techniques. Prior knowledge of penetration testing would be beneficial.What You Will LearnEstablish a fully-featured sandbox for test rehearsal and risk-free investigation of applicationsEnlist open-source information to get a head-start on enumerating account credentials, mapping potential dependencies, and discovering unintended backdoors and exposed informationMap, scan, and spider web applications using nmap/zenmap, nikto, arachni, webscarab, w3af, and NetCat for more accurate characterizationProxy web transactions through tools such as Burp Suite, OWASP's ZAP tool, and Vega to uncover application weaknesses and manipulate responsesDeploy SQL injection, cross-site scripting, Java vulnerabilities, and overflow attacks using Burp Suite, websploit, and SQLMap to test application robustnessEvaluate and test identity, authentication, and authorization schemes and sniff out weak cryptography before the black hats doIn DetailYou will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess.By the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.Style and approachAn advanced-level guide filled with real-world examples that will help you take your web application's security to the next level by using Kali Linux 2016.2.
Erscheint lt. Verlag 28.6.2017
Sprache englisch
Themenwelt Mathematik / Informatik Informatik Web / Internet
ISBN-10 1-78439-621-4 / 1784396214
ISBN-13 978-1-78439-621-3 / 9781784396213
Haben Sie eine Frage zum Produkt?
EPUBEPUB (Adobe DRM)
Größe: 33,8 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belle­tristik und Sach­büchern. Der Fließ­text wird dynamisch an die Display- und Schrift­größe ange­passt. Auch für mobile Lese­geräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Handbuch für Ausbildung und Beruf

von Vivian Pein

eBook Download (2024)
Rheinwerk Computing (Verlag)
27,93