Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Web Penetration Testing with Kali Linux

You're reading from   Web Penetration Testing with Kali Linux Explore the methods and tools of ethical hacking with Kali Linux

Arrow left icon
Product type Paperback
Published in Feb 2018
Publisher
ISBN-13 9781788623377
Length 426 pages
Edition 3rd Edition
Arrow right icon
Authors (3):
Arrow left icon
Juned Ahmed Ansari Juned Ahmed Ansari
Author Profile Icon Juned Ahmed Ansari
Juned Ahmed Ansari
Daniel W. Dieterle Daniel W. Dieterle
Author Profile Icon Daniel W. Dieterle
Daniel W. Dieterle
Gilberto Najera-Gutierrez Gilberto Najera-Gutierrez
Author Profile Icon Gilberto Najera-Gutierrez
Gilberto Najera-Gutierrez
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Introduction to Penetration Testing and Web Applications FREE CHAPTER 2. Setting Up Your Lab with Kali Linux 3. Reconnaissance and Profiling the Web Server 4. Authentication and Session Management Flaws 5. Detecting and Exploiting Injection-Based Flaws 6. Finding and Exploiting Cross-Site Scripting (XSS) Vulnerabilities 7. Cross-Site Request Forgery, Identification, and Exploitation 8. Attacking Flaws in Cryptographic Implementations 9. AJAX, HTML5, and Client-Side Attacks 10. Other Common Security Flaws in Web Applications 11. Using Automated Scanners on Web Applications 12. Other Books You May Enjoy

To get the most out of this book

To successfully take advantage of this book, the reader is recommended to have a basic understanding of the following topics:

  • Linux OS installation
  • Unix/Linux command-line usage
  • The HTML language
  • PHP web application programming
  • Python programming

The only hardware necessary is a personal computer, with an operation system capable of running VirtualBox or other virtualization software. As for specifications, the recommended setup is as follows:

  • Intel i5, i7, or a similar CPU
  • 500 GB on hard drive
  • 8 GB on RAM
  • An internet connection

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

  1. Log in or register at www.packtpub.com.
  2. Select the SUPPORT tab.
  3. Click on Code Downloads & Errata.
  4. Enter the name of the book in the Search box and follow the onscreen instructions.

Once the file is downloaded, make sure that you unzip or extract the folder using the latest version of:

  • WinRAR/7-Zip for Windows
  • Zipeg/iZip/UnRarX for Mac
  • 7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Web-Penetration-Testing-with-Kali-Linux-Third-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Many organizations might have applications that will be listening on a port that is not part of the nmap-services file."

A block of code is set as follows:

<?php 
  if(!empty($_GET['k'])) { 
    $file = fopen('keys.txt', 'a'); 
    fwrite($file, $_GET['k']); 
    fclose($file); 
  } 
?> 

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

<?php 
  if(!empty($_GET['k'])) { 
    $file = fopen('keys.txt', 'a'); 
    fwrite($file, $_GET['k']); 
    fclose($file); 
  } 
?> 

Any command-line input or output is written as follows:

python -m SimpleHttpServer 8000  

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "If you go to the Logs tab inside Current Browser, you will see that the hook registers everything the user does in the browser, from clicks and keystrokes to changes of windows or tabs."

Warnings or important notes appear like this.
Tips and tricks appear like this.
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime