Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Mastering Kali Linux for Web Penetration Testing The ultimate defense against complex organized threats and attacks

Product type Paperback

Published in Jun 2017

Publisher Packt

ISBN-13 9781784395070

Length 338 pages

Edition 1st Edition

Languages

Java

Tools

Kali Linux

Concepts

Penetration Testing

Author (1):

Michael McPhee

View More author details

Table of Contents (13) Chapters

Preface

1. Common Web Applications and Architectures FREE CHAPTER

2. Guidelines for Preparation and Testing

3. Stalking Prey Through Target Recon

4. Scanning for Vulnerabilities with Arachni

5. Proxy Operations with OWASP ZAP and Burp Suite

6. Infiltrating Sessions via Cross-Site Scripting

7. Injection and Overflow Testing

8. Exploiting Trust Through Cryptography Testing

9. Stress Testing Authentication and Session Management

10. Launching Client-Side Attacks

11. Breaking the Application Logic

12. Educating the Customer and Finishing Up

Bringing best practices

One of the best parts of being involved in cyber security, offensive in particular, is that we get to bring experience and know-how from our training and past body of work. All the blood, sweat, and tears aren't for naught; those scars actually will come in handy. Our test's sponsors are in a tough spot. Working in the target environment, they don't often have the perspective that comes with seeing environments across verticals, architecture types, and sizes. Their staff, in many cases, will not have current training in application security that can help them keep up with the trends and upcoming threats.

So now, for the fun part, we need to maintain our certifications, continually refresh our knowledge base, and find ways to bring lessons learned from earlier engagements. Conferences through SANS, ISSA, OWASP, and others are well worth attending...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

McPhee

Michael McPhee is a systems engineer at Cisco in New York, where he has worked for the last 4 years and has focused on cyber security, switching, and routing. Mikes current role sees him consulting on security and network infrastructures, and he frequently runs clinics and delivers training to help get his customers up to speed. Suffering from a learning addiction, Mike has obtained the following certifications along the way: CEH, CCIE R&S, CCIE Security, CCIP, CCDP, ITILv3, and the Cisco Security White Belt. He is currently working on his VCP6-DV certification, following his kids to soccer games and tournaments, traveling with his wife and kids to as many places as possible, and scouting out his future all-grain beer home brewing rig. He also spends considerable time breaking his home network (for science!), much to the family's dismay. Prior to joining Cisco, Mike spent 6 years in the U.S. Navy and another 10 working on communications systems as a systems engineer and architect for defense contractors, where he helped propose, design, and develop secure command and control networks and electronic warfare systems for the US DoD and NATO allies. Prior publication: Penetration Testing with the Raspberry Pi Second Edition (with Jason Beltrame), Packt Publishing, November 2016.

See other products by McPhee