Kali Linux Web Penetration Testing Cookbook: over 80 recipes on how to identify, exploit, and test web application security with Kali Linux 2
- Author: Gilberto Nájera-Gutiérrez
- Publisher: Packt Publishing Ltd.
- Year of publication: 2016
- ISBN: 9781784392918; 9781784390853
- Format: EPUB (reflowable), PDF, JPG
Nowadays, information security is a hot topic all over the news and the Internet; almost every day we hear about web page defacements, leaks of millions of user accounts, passwords, or credit card numbers from websites, and identity theft on social networks; terms such as cyber attack, cybercrime, hacker, and even cyberwar are becoming part of the daily lexicon in the media.
All this exposure to information security topics, together with the real need to protect sensitive data and reputation, has made organizations more aware of the need to know where their systems are vulnerable, especially those accessible to the world through the Internet: how they could be attacked, what the consequences would be in terms of information loss or system compromise if an attack succeeded, and, more importantly, how to fix those vulnerabilities and minimize the risk.
This task of detecting vulnerabilities and discovering their impact on organizations is the one addressed by penetration testing. A penetration test is an attack, or series of attacks, carried out by a trained security professional using the same techniques and tools that real attackers use, in order to discover all the possible weak spots in the organization's systems.
These weak spots are exploited and their impact is measured. When the test is finished, the penetration tester reports all their findings and explains how they can be fixed to prevent future damage.
In this book, we follow the whole path of a web application penetration test and, in the form of easy-to-follow, step-by-step recipes, show how vulnerabilities in web applications and web servers can be discovered, exploited, and fixed.
- Preface
- Chapter 1: Setting Up Kali Linux
- Introduction
- Updating and upgrading Kali Linux
- Installing and running OWASP Mantra
- Setting up the Iceweasel browser
- Installing VirtualBox
- Creating a vulnerable virtual machine
- Creating a client virtual machine
- Configuring virtual machines for correct communication
- Getting to know web applications on a vulnerable VM
- Chapter 2: Reconnaissance
- Introduction
- Scanning and identifying services with Nmap
- Identifying a web application firewall
- Watching the source code
- Using Firebug to analyze and alter basic behavior
- Obtaining and modifying cookies
- Taking advantage of robots.txt
- Finding files and folders with DirBuster
- Password profiling with CeWL
- Using John the Ripper to generate a dictionary
- Finding files and folders with ZAP
- Chapter 3: Crawlers and Spiders
- Introduction
- Downloading a page for offline analysis with Wget
- Downloading the page for offline analysis with HTTrack
- Using ZAP's spider
- Using Burp Suite to crawl a website
- Repeating requests with Burp's repeater
- Using WebScarab
- Identifying relevant files and directories from crawling results
- Chapter 4: Finding Vulnerabilities
- Introduction
- Using Hackbar add-on to ease parameter probing
- Using Tamper Data add-on to intercept and modify requests
- Using ZAP to view and alter requests
- Using Burp Suite to view and alter requests
- Identifying cross-site scripting (XSS) vulnerabilities
- Identifying error based SQL injection
- Identifying a blind SQL Injection
- Identifying vulnerabilities in cookies
- Obtaining SSL and TLS information with SSLScan
- Looking for file inclusions
- Identifying POODLE vulnerability
- Chapter 5: Automated Scanners
- Introduction
- Scanning with Nikto
- Finding vulnerabilities with Wapiti
- Using OWASP ZAP to scan for vulnerabilities
- Scanning with w3af
- Using Vega scanner
- Finding Web vulnerabilities with Metasploit's Wmap
- Chapter 6: Exploitation – Low Hanging Fruits
- Introduction
- Abusing file inclusions and uploads
- Exploiting OS Command Injections
- Exploiting an XML External Entity Injection
- Brute-forcing passwords with THC-Hydra
- Dictionary attacks on login pages with Burp Suite
- Obtaining session cookies through XSS
- Step by step basic SQL Injection
- Finding and exploiting SQL Injections with SQLMap
- Attacking Tomcat's passwords with Metasploit
- Using Tomcat Manager to execute code
- Chapter 7: Advanced Exploitation
- Introduction
- Searching Exploit-DB for a web server's vulnerabilities
- Exploiting Heartbleed vulnerability
- Exploiting XSS with BeEF
- Exploiting a Blind SQLi
- Using SQLMap to get database information
- Performing a cross-site request forgery attack
- Executing commands with Shellshock
- Cracking password hashes with John the Ripper by using a dictionary
- Cracking password hashes by brute force using oclHashcat/cudaHashcat
- Chapter 8: Man in the Middle Attacks
- Introduction
- Setting up a spoofing attack with Ettercap
- Being the MITM and capturing traffic with Wireshark
- Modifying data between the server and the client
- Setting up an SSL MITM attack
- Obtaining SSL data with SSLsplit
- Performing DNS spoofing and redirecting traffic
- Chapter 9: Client-Side Attacks and Social Engineering
- Introduction
- Creating a password harvester with SET
- Using previously saved pages to create a phishing site
- Creating a reverse shell with Metasploit and capturing its connections
- Using Metasploit's browser_autopwn2 to attack a client
- Attacking with BeEF
- Tricking the user to go to our fake site
- Chapter 10: Mitigation of OWASP Top 10
- Introduction
- A1 – Preventing injection attacks
- A2 – Building proper authentication and session management
- A3 – Preventing cross-site scripting
- A4 – Preventing Insecure Direct Object References
- A5 – Basic security configuration guide
- A6 – Protecting sensitive data
- A7 – Ensuring function level access control
- A8 – Preventing CSRF
- A9 – Where to look for known vulnerabilities on third-party components
- A10 – Redirect validation
- Index