Book Image

Penetration Testing with Perl

By : Douglas Berdeaux
Book Image

Penetration Testing with Perl

By: Douglas Berdeaux

Overview of this book

<p>This guide will teach you the fundamentals of penetration testing with Perl, providing an understanding of the mindset of a hacker. In the first few chapters, you will study how to utilize Perl with Linux and the regular expression syntax. After that, you will learn how to use Perl for WAN target analysis, and Internet and external footprinting. You will learn to use Perl for automated web application and site penetration testing. We also cover intelligence gathering techniques from data obtained from footprinting and simple file forensics with file metadata.</p> <p>By the end of this book, you will bring all of your code together into a simple graphical user interface penetration testing framework. Through this guide, you will have acquired the knowledge to apply Perl programming to any penetration testing phase and learn the importance of applying our technique in the methodology and context of the Penetration Testing Execution Standard.</p>

Related Content you might be interested in

Current Title:

Small book image
Penetration Testing with Perl
Douglas Berdeaux
Dec, 2014 | 332 pages
No titles found
Table of Contents (20 chapters)
Penetration Testing with Perl
Penetration Testing with Perl
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Perl Programming
Perl Programming
Files
Regular expressions
Perl string functions and operators
CPAN Perl modules
CPAN minus
Summary
2
Linux Terminal Output
Linux Terminal Output
Built-in bash commands
Input/output streams
Killing runaway forked processes
Summary
3
IEEE 802.3 Wired Network Mapping with Perl
IEEE 802.3 Wired Network Mapping with Perl
Footprinting
Internet footprinting
Common tools for scanning
Designing our own live host scanner
Summary
4
IEEE 802.3 Wired Network Manipulation with Perl
IEEE 802.3 Wired Network Manipulation with Perl
Packet capturing
MitM
Enabling packet forwarding
Network remapping with packet capture
Summary
5
IEEE 802.11 Wireless Protocol and Perl
IEEE 802.11 Wireless Protocol and Perl
802.11 terminologies and packet analysis
Linux wireless utilities
802.11 packet capturing with Perl
Writing an 802.11 protocol analyzer in Perl
Perl and Aircrack-ng
Summary
6
Open Source Intelligence
Open Source Intelligence
What's covered
Google dorks
E-mail address gathering
Domain Name Services
More intelligence
Summary
7
SQL Injection with Perl
SQL Injection with Perl
Web service discovery
SQL injection
MySQL post exploitation
Data-driven blind SQL injection
Time-based blind SQL injection
Summary
8
Other Web-based Attacks
Other Web-based Attacks
Cross-site scripting
File inclusion vulnerability discovery
Content management systems
Summary
9
Password Cracking
Password Cracking
Digital credential analysis
Cracking SHA1 and MD5
WPA2 passphrase cracking with Perl
Cracking ZIP file passwords
Summary
10
Metadata Forensics
Metadata Forensics
Metadata and Exif
Metadata extractor
Summary
11
Social Engineering with Perl
Social Engineering with Perl
Psychology
Perl Linux/Unix viruses
Spear phishing
Summary
12
Reporting
Reporting
Who is this for?
Documenting with Perl
Logging data to MySQL
HTML reporting
Summary
13
Perl/Tk
Perl/Tk
Event-driven programming
Explaining the Perl/Tk widgets
Widgets and the grid
The GUI host discovery tool
A tabbed GUI environment
Summary
Index
Index

About the Reviewers

Michael Scovetta is a senior program manager at Microsoft, where he advises engineering teams on secure software design and development practices. With nearly 20 years of professional experience in the field of information technology, Michael has held related positions at CBS, CA Technologies, UBS Financial Services, and Cigital. He created the open source static analyzer Yasca and is a Certified Information Systems Security Professional (CISSP).

Michael has a Bachelor of Science degree in Computer Science and Mathematics from Hofstra University and a Master of Science degree from Cornell University.

Michael can be contacted on LinkedIn at linkedin.com/in/scovetta.

Juan Miguel Vigo currently heads the IT operations for a nonprofit organization. Having been in the IT industry for 16 years, he has been employed in many small-sized companies, which were mainly related to B2B and also IBM. He has experience in diverse functions ranging from helpdesk to management.

In his initial years as a developer, he wrote two articles for a Spanish programming journal about webmail systems and web spiders. As an open source advocate, he has contributed to a few projects, including NetBeans (Java) and TWiki (Perl).

Juan became interested in security a few years ago and recently got his GIAC Web Application Penetration Tester certification. He is about to start pursuing the OSCP certification.

First, I would like to thank my family for their support (I love you!). I would also like to thank all the colleagues I met at each workplace I've been in (you made the work more fun!). Next, I would like to thank everybody at Packt Publishing (you're so charming!). Finally, I would like to thank all the open source community and nonprofit organizations who work to improve the Internet and the world we live in.

Previous Section
Next Chapter