0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Kali Linux Web Penetration Testing Cookbook

You're reading from Kali Linux Web Penetration Testing Cookbook Identify, exploit, and prevent web application vulnerabilities with Kali Linux 2018.x

Product type Paperback

Published in Aug 2018

Publisher Packt

ISBN-13 9781788991513

Length 404 pages

Edition 2nd Edition

Languages

C

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Gilberto Najera-Gutierrez

View More author details

Table of Contents (12) Chapters

Preface

1. Setting Up Kali Linux and the Testing Lab FREE CHAPTER

2. Reconnaissance

3. Using Proxies, Crawlers, and Spiders

4. Testing Authentication and Session Management

5. Cross-Site Scripting and Client-Side Attacks

6. Exploiting Injection Vulnerabilities

7. Exploiting Platform Vulnerabilities

8. Using Automated Scanners

9. Bypassing Basic Security Controls

10. Mitigation of OWASP Top 10 Vulnerabilities

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using WebScarab

WebScarab is another web proxy full of features that may be interesting to penetration testers. In this recipe, we will use it to spider a website.

Getting ready

In its default configuration, WebScarab uses port 8008 to capture HTTP requests, so we need to configure our browser to use that port in the localhost as a proxy. We follow steps similar to those of the OWASP ZAP and Burp Suite configurations in the browser; in this case the port must be 8008.

How to do it...

WebScarab can be found in Kali's Applications menu; go to 03 - Web Application Analysis...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Gilberto Najera-Gutierrez

Gilberto Najera-Gutierrez

Gilberto Najera-Gutierrez is an experienced penetration tester currently working for one of the top security testing service providers in Australia. He obtained leading security and penetration testing certifications, namely Offensive Security Certified Professional (OSCP), EC-Council Certified Security Administrator (ECSA), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN).

See other products by Gilberto Najera-Gutierrez

Other recommended products

Related to this chapter

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

This book covers everything you need to set up a Kali Linux lab, the latest generation of the BackTrack Linux penetration testing and security auditing Linux distribution. Learn how to use the hundred tools Kali Linux has so you can manage security tasks such as penetration testing, forensics, and reverse engineering.

Feb 2018 14h 12m

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

This book covers everything you need to set up a Kali Linux lab, the latest generation of the BackTrack Linux penetration testing and security auditing Linux distribution. Learn how to use the hundred tools Kali Linux has so you can manage security tasks such as penetration testing, forensics, and reverse engineering.

Feb 2018 14h 12m

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

This book covers everything you need to set up a Kali Linux lab, the latest generation of the BackTrack Linux penetration testing and security auditing Linux distribution. Learn how to use the hundred tools Kali Linux has so you can manage security tasks such as penetration testing, forensics, and reverse engineering.

Feb 2018 14h 12m

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

This book covers everything you need to set up a Kali Linux lab, the latest generation of the BackTrack Linux penetration testing and security auditing Linux distribution. Learn how to use the hundred tools Kali Linux has so you can manage security tasks such as penetration testing, forensics, and reverse engineering.

Feb 2018 14h 12m

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

This book covers everything you need to set up a Kali Linux lab, the latest generation of the BackTrack Linux penetration testing and security auditing Linux distribution. Learn how to use the hundred tools Kali Linux has so you can manage security tasks such as penetration testing, forensics, and reverse engineering.

Feb 2018 14h 12m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Burp Suite Cookbook

Burp Suite Cookbook

The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.

Sep 2018 11h 56m

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m