You're reading from Hands-On Ethical Hacking Tactics Strategies, tools, and techniques for effective cyber defense

Product type Paperback

Published in May 2024

Publisher Packt

ISBN-13 9781801810081

Length 464 pages

Edition 1st Edition

Concepts

Ethical Hacking

Author (1):

Shane Hartman

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1:Information Gathering and Reconnaissance

2. Chapter 1: Ethical Hacking Concepts FREE CHAPTER

3. Chapter 2: Ethical Hacking Footprinting and Reconnaissance

4. Chapter 3: Ethical Hacking Scanning and Enumeration

5. Chapter 4: Ethical Hacking Vulnerability Assessments and Threat Modeling

6. Part 2:Hacking Tools and Techniques

7. Chapter 5: Hacking the Windows Operating System

8. Chapter 6: Hacking the Linux Operating System

9. Chapter 7: Ethical Hacking of Web Servers

10. Chapter 8: Hacking Databases

11. Chapter 9: Ethical Hacking Protocol Review

12. Chapter 10: Ethical Hacking for Malware Analysis

13. Part 3:Defense, Social Engineering, IoT, and Cloud

14. Chapter 11: Incident Response and Threat Hunting

15. Chapter 12: Social Engineering

16. Chapter 13: Ethical Hacking of the Internet of Things

17. Chapter 14: Ethical Hacking in the Cloud

18. Index

Why subscribe?

19. Other Books You May Enjoy

Web server authentication

There are many ways to authenticate web services, and the failure of some of them has presented some painful lessons on how not to implement authentication, such as the Yahoo breach in 2017 where usernames and passwords were stored on servers in clear text. There was also the Twitter breach of 2018, where a misconfiguration stored unmasked passwords in an internal log, making all user passwords accessible and viewable on their network. Or the Ashley Madison breach of 2015, where account passwords on the live site were hashed using a weak algorithm, and a security researcher used the Hashcat password recovery tool with a dictionary based on RockYou passwords, finding approximately 4,000 passwords. These are just a couple of stories of data breaches related to bad password management and security. Now, let’s take a look at some of the most common authentication methods currently in use for web services.