Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Kali Linux Web Penetration Testing Cookbook Identify, exploit, and prevent web application vulnerabilities with Kali Linux 2018.x

Product type Paperback

Published in Aug 2018

Publisher Packt

ISBN-13 9781788991513

Length 404 pages

Edition 2nd Edition

Languages

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Gilberto Najera-Gutierrez

View More author details

Table of Contents (12) Chapters

Preface

1. Setting Up Kali Linux and the Testing Lab FREE CHAPTER

2. Reconnaissance

3. Using Proxies, Crawlers, and Spiders

4. Testing Authentication and Session Management

5. Cross-Site Scripting and Client-Side Attacks

6. Exploiting Injection Vulnerabilities

7. Exploiting Platform Vulnerabilities

8. Using Automated Scanners

9. Bypassing Basic Security Controls

10. Mitigation of OWASP Top 10 Vulnerabilities

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Scanning with Skipfish

Skipfish (https://code.google.com/archive/p/skipfish/) was created by Google and released to the public in 2010; it is described by its creators as an active web application security reconnaissance tool, is included by default in Kali Linux, and it does more than pure reconnaissance. It is a complete vulnerability scanner. Some of its highlights are:

High speed: It can reach more than 400 requests per second and claims to be able to reach more than 2000 in high speed LAN
Its command-line options are straightforward and easy to use
It can detect a wide range of issues, from directory listing and other information disclosure vulnerabilities to different types of SQL and XML injection

In this recipe, we will look at a simple example of how to use Skipfish and check its results.

...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Gilberto Najera-Gutierrez

Gilberto Najera-Gutierrez is an experienced penetration tester currently working for one of the top security testing service providers in Australia. He obtained leading security and penetration testing certifications, namely Offensive Security Certified Professional (OSCP), EC-Council Certified Security Administrator (ECSA), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN).

See other products by Gilberto Najera-Gutierrez