Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kali Linux Web Penetration Testing Cookbook

You're reading from   Kali Linux Web Penetration Testing Cookbook Identify, exploit, and prevent web application vulnerabilities with Kali Linux 2018.x

Arrow left icon
Product type Paperback
Published in Aug 2018
Publisher Packt
ISBN-13 9781788991513
Length 404 pages
Edition 2nd Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Gilberto Najera-Gutierrez Gilberto Najera-Gutierrez
Author Profile Icon Gilberto Najera-Gutierrez
Gilberto Najera-Gutierrez
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Setting Up Kali Linux and the Testing Lab FREE CHAPTER 2. Reconnaissance 3. Using Proxies, Crawlers, and Spiders 4. Testing Authentication and Session Management 5. Cross-Site Scripting and Client-Side Attacks 6. Exploiting Injection Vulnerabilities 7. Exploiting Platform Vulnerabilities 8. Using Automated Scanners 9. Bypassing Basic Security Controls 10. Mitigation of OWASP Top 10 Vulnerabilities 11. Other Books You May Enjoy

What this book covers

Chapter 1, Setting up Kali Linux and the Testing Lab, takes the reader through the process of configuring and updating the system. The installation of virtualization software is also covered, including the configuration of the virtual machines that will compose our penetration testing lab.

Chapter 2, Reconnaissance, allows the reader to put into practice some information-gathering techniques in order to gain intelligence about the system to be tested, the software installed on it, and how the target web application is built.

Chapter 3, Using Proxies, Crawlers, and Spiders, guides the reader on how to use these tools, which are a must in every analysis of a web application, be it a functional one or a more security-focused one, such as a penetration test.

Chapter 4, Testing Authentication and Session Management, focuses on identifying and exploiting vulnerabilities commonly found in the mechanisms used by web applications to verify the identity of users and the authenticity of their actions.

Chapter 5, Cross-Site Scripting and Client-Side Attacks, introduces the reader to one of the most common and severe security flaws in web applications, Cross-Site Scripting, and other attacks that have other users as targets instead of the application itself.

Chapter 6, Exploiting Injection Vulnerabilities, covers several ways in which applications' functionalities may be abused to execute arbitrary code of different languages and systems, such as SQL and XML, among others, on the server side.

Chapter 7, Exploiting Platform Vulnerabilities, goes one step further in the analysis and exploitation of vulnerabilities by looking into the platform that supports the application. Vulnerabilities in the web server, operating systems, and development frameworks are covered in this chapter.

Chapter 8, Using Automated Scanners, covers a very important aspect of the discovery of vulnerabilities, the use of tools specially designed to automatically find security flaws in web applications: automated vulnerability scanners.

Chapter 9, Bypassing Basic Security Controls, moves on to the advanced topic of evasion and bypassing measures that are not properly implemented by developers when attempting to mitigate or fix vulnerabilities, leaving the application still open to attacks, although more complex ones.

Chapter 10, Mitigation of OWASP Top 10 Vulnerabilities, covers the topic of organizations hiring penetration testers to attack their servers and applications with the goal of knowing what's wrong in order to know what they should fix and how. The chapter covers that area of penetration testing by giving simple and direct guidelines on what to do to fix and prevent the most critical web application vulnerabilities according to Open Web Application Security Project (OWASP).

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image