Penetration Testing with BackBox

Book Image

Penetration Testing with BackBox

By : Stefan Umit Uygur

Book Image

Penetration Testing with BackBox

By: Stefan Umit Uygur

Overview of this book

Penetration Testing with BackBox

Penetration Testing with BackBox

Credits

About the Author

About the Author

About the Reviewers

About the Reviewers

www.PacktPub.com

www.PacktPub.com

Preface

Free Chapter

Starting Out with BackBox Linux

Starting Out with BackBox Linux

A flexible penetration testing distribution

The organization of tools in BackBox

Completeness, accuracy, and support

Links and contacts

Information Gathering

Information Gathering

Starting with an unknown system

Proceeding with a known system

Vulnerability Assessment and Management

Vulnerability Assessment and Management

Vulnerability scanning

False positives

Exploitations

Exploitation of a SQL injection on a database

Exploiting web applications with W3af

Eavesdropping and Privilege Escalation

Eavesdropping and Privilege Escalation

Sniffing encrypted SSL/TLS traffic

Password cracking

Maintaining Access

Maintaining Access

Backdoor Weevely

Penetration Testing Methodologies with BackBox

Penetration Testing Methodologies with BackBox

Information gathering

Documentation and Reporting

Documentation and Reporting

MagicTree – the auditing productivity tool

Index

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Summary

We have tried to explore the amazing tool named Weevely in this chapter by using it practically in a real web server environment. By just listing the modules/options offered by Weevely, we can only imagine what this tool is capable of. We will leave it to the users to try/test and perform the full functionality of this tool (knowing now how easy the usage is). Well, this is all for now; let's go to the next chapter where we will run a full penetration test case by going through all the previous chapters.