Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Hands-On Penetration Testing with Python Enhance your ethical hacking skills to build automated and intelligent systems

Product type Paperback

Published in Jan 2019

Publisher Packt

ISBN-13 9781788990820

Length 502 pages

Edition 1st Edition

Languages

Python

Concepts

Ethical Hacking

Author (1):

Furqan Khan

View More author details

Table of Contents (18) Chapters

Preface

1. Introduction to Python

2. Building Python Scripts FREE CHAPTER

3. Concept Handling

4. Advanced Python Modules

5. Vulnerability Scanner Python - Part 1

6. Vulnerability Scanner Python - Part 2

7. Machine Learning and Cybersecurity

8. Automating Web Application Scanning - Part 1

9. Automated Web Application Scanning - Part 2

10. Building a Custom Crawler

11. Reverse Engineering Linux Applications

12. Reverse Engineering Windows Applications

13. Exploit Development

14. Cyber Threat Intelligence

15. Other Wonders of Python

16. Assessments

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

CSRF

CSRF is an attack with the help of which an attacker exploits a valid user session in a manner that allows certain actions to be performed on the behalf of currently logged-in user. For example, let's say an admin user is logged into the application and has a valid session cookie set at the browser. There is an option for the admin to delete all users from website by clicking the delete all button, which internally invokes the HTTP request http://www.mysite.com/delete?users=all. One of the properties of the web browser to send the session parameters/cookies to the server for every subsequent request after the user has logged in to the application. This can be exploited by the attacker by crafting a fake page that has an HTML image, such as <img src"http://www.mysite.com/delete?users=all" style="display:hidden">. The attacker can send the link...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Furqan Khan

Furqan Khan is a security researcher who loves to innovate in Python, pentesting, ML, AI, and big data ecosystems. With a gold medal at both M.Tech and B.Tech, he started off as a research scientist at NITK, where he developed a web app scanner for the Ministry of IT (India). He then worked as a security researcher with Paladion Networks and Wipro Dubai exploring pentesting/exploitation space where he developed tools such as vulnerability scanner and a threat intelligence platform. Currently, he is working with Du-Telecom Dubai as a pentesting manager. He has published and co-authored white papers and journals with Springer and Elsevier, and has also presented his research and development work at international conferences, including CoCon.

See other products by Furqan Khan