Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Kali Linux for Advanced Penetration Testing, Second Edition Secure your network with Kali Linux – the ultimate white hat hackers' toolkit

Product type Paperback

Published in Jun 2017

Publisher Packt

ISBN-13 9781787120235

Length 510 pages

Edition 2nd Edition

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Vijay Kumar Velu

View More author details

Table of Contents (15) Chapters

Preface

1. Goal-Based Penetration Testing FREE CHAPTER

2. Open Source Intelligence and Passive Reconnaissance

3. Active Reconnaissance of External and Internal Networks

4. Vulnerability Assessment

5. Physical Security and Social Engineering

6. Wireless Attacks

7. Reconnaissance and Exploitation of Web-Based Applications

8. Attacking Remote Access

9. Client-Side Exploitation

10. Bypassing Security Controls

11. Exploitation

12. Action on the Objective

13. Privilege Escalation

14. Command and Control

The Cross-Site Scripting Framework (XSSF)

Cross-Site Scripting (XSS) vulnerabilities are the most reportedly exploitable vulnerabilities found in websites. It is estimated that they are caused due to lack of input data sanitization.

An XSS attack involves three parties: an attacker, a victim, and a vulnerable website or web application. The attack hinges on the fact that the vulnerable website has a script that returns user input in an HTML page without first sanitizing that input. This allows the attacker to input JavaScript code, which is executed by the victim's browser. As a result, it is possible to form links to the vulnerable site where one of the parameters consists of malicious JavaScript code. The JavaScript code will be executed by the victim's browser in the vulnerable website's context, granting the attacker access to the victim's cookies for the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Vijay Kumar Velu

Vijay Kumar Velu is a passionate information security practitioner, author, speaker, investor, and blogger. He has 16+ years of IT industry experience, is a licensed penetration tester and is specialized in providing technical solutions to diverse cyber problems, ranging from simple security configuration reviews to cyber threat intelligence. Vijay holds multiple security qualifications, including CEH, ECSA, and CHFI. He has authored a few books on penetration testing: Mastering Kali Linux for Advanced Penetration Testing – Second & Third Editions, and Mobile Application Penetration Testing. For the community, Vijay serves as the chair member of NCDRC, India. When not working, he enjoys playing music and doing charity work.

See other products by Vijay Kumar Velu