Chapter 1, Common Web Applications and Architectures, reviews some common web application architectures and hosting paradigms to help us identify the potential weaknesses and select the appropriate test plan.
Chapter 2, Guidelines for Preparation and Testing, helps us understand the many sources of requirements for our testing (ethical, legal, and regulatory) and how to select the appropriate testing methodology for a scenario or customer.
Chapter 3, Stalking Prey Through Target Recon, introduces open source intelligence gathering and passive recon methods to help map out a target and its attack surface.
Chapter 4, Scanning for Vulnerabilities with Arachni, discusses one of the purpose-built vulnerability scanners included in Kali that can help us conduct scans of even the largest applications and build fantastic reports.
Chapter 5, Proxy Operations with OWASP ZAP and Burp Suite, dives into proxy-based tools to show how they can not only actively scan, but passively intercept and manipulate messages to exploit many vulnerabilities.
Chapter 6, Infiltrating Sessions via Cross-Site Scripting, explores how we can test and implement Cross Site Scripting (XSS) to both compromise the client and manipulate the information flows for other attacks. Tools such as BeEF, XSSer, Websploit, and Metasploit are discussed in this chapter.
Chapter 7, Injection and Overflow Testing, looks into how we can test for various forms of unvalidated input (for example, SQL, XML, LDAP, and HTTP) that have the potential to reveal inappropriate information, escalate privileges, or otherwise damage an application's servers or modules. We'll see how Commix, BBQSQL, SQLMap, SQLninja, and SQLsus can help.
Chapter 8, Exploiting Trust Through Cryptography Testing, helps us see how we can tackle testing the strength that encryption applications may be using to protect the integrity and privacy of their communications with clients. Our tools of interest will be SSLstrip, SSLScan, SSLsplit, SSLyze, and SSLsniff.
Chapter 9, Stress Testing Authentication and Session Management, tackles the testing of various vulnerabilities and schemes focused on how web apps determine who is who and what they are entitled to see or access. Burp will be the primary tool of interest.
Chapter 10, Launching Client-Side Attacks, focuses on how to test for vulnerabilities (CSRF, DOM-XSS, and so on) that allow attackers to actually compromise a client and either steal its information or alter its behavior, as the earlier chapters dealt with how to test the servers and applications themselves. JavaScript and other forms of implant will be the focus.
Chapter 11, Breaking the Application Logic, explains how to test for a variety of flaws in the business logic of an application. Important as it is, it requires significant understanding of what the app is intending and how it is implemented.
Chapter 12, Educating the Customer and Finishing Up, wraps up the book with a look at providing useful and well-organized guidance and insights to the customer. This chapter also looks at complementary or alternate toolsets worth a look.
