Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Learn Kali Linux 2019 Perform powerful penetration testing using Kali Linux, Metasploit, Nessus, Nmap, and Wireshark

Product type Paperback

Published in Nov 2019

Publisher

ISBN-13 9781789611809

Length 550 pages

Edition 1st Edition

Languages

C++

Tools

Kali Linux

Concepts

Penetration Testing

Authors (2):

Glen D. Singh

Joshua Crumbaugh

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Kali Linux Basics FREE CHAPTER

2. Introduction to Hacking

3. Setting Up Kali - Part 1

4. Setting Up Kali - Part 2

5. Getting Comfortable with Kali Linux 2019

6. Section 2: Reconnaissance

7. Passive Information Gathering

8. Active Information Gathering

9. Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019

10. Working with Vulnerability Scanners

11. Understanding Network Penetration Testing

12. Network Penetration Testing - Pre-Connection Attacks

13. Network Penetration Testing - Gaining Access

14. Network Penetration Testing - Post-Connection Attacks

15. Network Penetration Testing - Detection and Security

16. Client-Side Attacks - Social Engineering

17. Performing Website Penetration Testing

18. Website Penetration Testing - Gaining Access

19. Best Practices

20. Assessments

21. Other Books You May Enjoy

Leave a review - let other readers know what you think

Cross-Site Scripting vulnerabilities

As mentioned in the previous chapter, XSS allows an attacker to inject client-side scripts into web pages viewed by other users. Therefore, when an unsuspecting user visits a web page that contains the malicious scripts, the victim's browser will automatically execute these malicious scripts in the background.

In this section, we will cover how to discover various XSS vulnerabilities by looking at the following topics:

Understanding XSS
Discovering reflected XSS
Discovering stored XSS
Exploiting XSS – hooking vulnerable page visitors to BeEF

In the following section, we will learn what XSS is.

Understanding XSS

As mentioned in the previous chapter, XSS attacks are done by...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Joshua Crumbaugh

Joshua Crumbaugh is the founder of PeopleSec and experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better ""human solution"" -- This led him to a passion in social engineering and better understanding ways to stop social engineering attacks

See other products by Joshua Crumbaugh

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh