Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kali Linux Web Penetration Testing Cookbook

You're reading from   Kali Linux Web Penetration Testing Cookbook Over 80 recipes on how to identify, exploit, and test web application security with Kali Linux 2

Arrow left icon
Product type Paperback
Published in Feb 2016
Publisher
ISBN-13 9781784392918
Length 296 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Gilberto Najera-Gutierrez Gilberto Najera-Gutierrez
Author Profile Icon Gilberto Najera-Gutierrez
Gilberto Najera-Gutierrez
Arrow right icon
View More author details
Toc

Table of Contents (12) Chapters Close

Preface 1. Setting Up Kali Linux FREE CHAPTER 2. Reconnaissance 3. Crawlers and Spiders 4. Finding Vulnerabilities 5. Automated Scanners 6. Exploitation – Low Hanging Fruits 7. Advanced Exploitation 8. Man in the Middle Attacks 9. Client-Side Attacks and Social Engineering 10. Mitigation of OWASP Top 10 Index

Creating a client virtual machine

When we get to the man in the middle (MITM) and client-side attacks, we will need another machine to make requests to the already set up server. In this recipe, we will download a Microsoft Windows virtual machine and import it to VirtualBox.

How to do it...

  1. First we need to go to the download site http://dev.modern.ie/tools/vms/#downloads.
  2. Through this book we will use the IE8 on Win7 virtual machine.
    How to do it...
  3. After the file is downloaded, we need to unzip it. Go to where it was downloaded.
  4. Right-click on it and then click on Extract Here.
  5. Once extracted, open the .ova file and import it in VirtualBox.
    How to do it...
  6. Now, start the virtual machine (named IE8 - Win7) and we will have our client ready:
    How to do it...

How it works...

Microsoft provides these virtual machines for developers to test their applications with the help of different versions of Windows and Internet Explorer with a free license limited to 30 days, which is enough for us to practice.

As penetration testers, it is important to be aware that real-world applications can be multiplatform and that users of those applications may have a lot of different systems and web browsers to communicate with them; knowing this, we should be prepared to perform successful tests with any of the client-server infrastructure combinations.

See also

As for server and client virtual machines, if you are not comfortable using an already built configuration, you can always build and configure your own virtual machines. Here is some information about how to do it: https://www.virtualbox.org/manual/.

You have been reading a chapter from
Kali Linux Web Penetration Testing Cookbook
Published in: Feb 2016
Publisher:
ISBN-13: 9781784392918
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at R$50/month. Cancel anytime