Index
A
- AJAX
- about / Introduction to AJAX
- benefits / Introduction to AJAX
- building blocks / Building blocks of AJAX
- JavaScript / Building blocks of AJAX
- Dynamic HTML (DHTML) / Building blocks of AJAX
- Document Object Model (DOM) / Building blocks of AJAX
- workflow / The AJAX workflow
- security issues / AJAX security issues
- client-side code, analyzing / Analyzing client-side code – Firebug
- AJAX applications
- challenges of pentesting / Challenges of pentesting AJAX applications
- crawling / Crawling AJAX applications
- AJAX crawling tool (ACT)
- about / AJAX crawling tool
- download link / AJAX crawling tool
- starting / AJAX crawling tool
- AJAX engine / The AJAX workflow
- AJAX spider
- about / AJAX spider – OWASP ZAP
- Amap version scan
- about / The Amap version scan
- Amazon cloud
- Kali Linux, installing on / Kali Linux on Amazon cloud
- API key for Bing
- applications of fuzzing
- about / Applications of fuzzing
- network protocol fuzzing / Network protocol fuzzing
- file fuzzing / File fuzzing
- user interface fuzzing / User interface fuzzing
- web application fuzzing / Web application fuzzing
- web browser fuzzing / Web browser fuzzing
- application version fingerprinting
- about / Application version fingerprinting
- Nmap version scan / The Nmap version scan
- Amap version scan / The Amap version scan
- arbitrary code execution (ACE)
- about / Exploiting shellshock
- ARMEL / VMware and ARM images of Kali Linux
- ARMHF / VMware and ARM images of Kali Linux
- ARM images
- of Kali Linux / VMware and ARM images of Kali Linux
- asymmetric encryption
- asymmetric encryption algorithms
- Diffie-Hellman key exchange / Asymmetric encryption algorithms
- Rivest Shamir Adleman (RSA) / Asymmetric encryption algorithms
- Elliptic Curve Cryptography (ECC) / Asymmetric encryption algorithms
- attack potentials, of cross-site scripting attacks / Attack potential of cross-site scripting attacks
- attack types, Burp intruder
- Sniper / Fuzzing using Burp intruder
- Battering ram / Fuzzing using Burp intruder
- Pitchfork / Fuzzing using Burp intruder
- Cluster bomb / Fuzzing using Burp intruder
- authentication
- basic authentication / Basic authentication
- digest authentication / Digest authentication
- integrated authentication / Integrated authentication
- form-based authentication / Form-based authentication
- authentication flaws
- authentication issues
- about / Authentication issues
- authentication protocols
- auxiliary modules
- Dir_listing / Testing web servers using auxiliary modules in Metasploit
- Dir_scanner / Testing web servers using auxiliary modules in Metasploit
- Enum_wayback / Testing web servers using auxiliary modules in Metasploit
- Files_dir / Testing web servers using auxiliary modules in Metasploit
- http_login / Testing web servers using auxiliary modules in Metasploit
- robots_txt / Testing web servers using auxiliary modules in Metasploit
- webdav_scanner / Testing web servers using auxiliary modules in Metasploit
B
- basic authentication
- about / Basic authentication
- BBQSQL
- BeEF hook
- injecting, MITM used / Injecting the BeEF hook using MITM
- BeEF hook injection
- about / BeEF hook injection
- browser reconnaissance / Browser reconnaissance
- exploit modules / Exploit modules
- host information gathering / Host information gathering
- persistence module / Persistence module
- network recon / Network recon
- Inter-protocol exploitation and communication (IPEC) node / Inter-protocol exploitation and communication
- browser exploitation framework
- about / Browser exploitation framework
- browser exploitation framework (BeEF)
- about / Browser exploitation framework, Introducing BeEF
- hook injection / BeEF hook injection
- mutillidae XSS flaw, exploiting with / Exploiting the mutillidae XSS flaw using BeEF
- brute forcing credentials
- about / Brute forcing credentials
- building blocks, AJAX
- about / Building blocks of AJAX
- Burp intruder
- about / Fuzzing using Burp intruder
- used, for fuzzing / Fuzzing using Burp intruder
- setting up / Fuzzing using Burp intruder
- attack types / Fuzzing using Burp intruder
- burp proxy
- used, for attacking path traversal / Attacking path traversal using Burp proxy
- Burp proxy
- about / Burp proxy
- client interception, customizing / Customizing client interception
- requests, modifying / Modifying requests on the fly
- with SSL-based websites / Burp proxy with SSL-based websites
- Burp spider / The Burp spider
- Burp suite / Tools to analyze tokens
C
- CAPTCHA / Cross-site request forgery
- certificate authority (CA) / SSL encryption process
- CIA triad
- confidentiality / SSL in web applications
- message integrity / SSL in web applications
- availability / SSL in web applications
- CMS identification tools
- about / CMS identification tools
- Plecost / CMS identification tools
- Joomscan / CMS identification tools
- command injection
- about / Command injection, Command injection
- parameters, identifying to inject data / Identifying parameters to inject data
- error-based and blind command injection / Error-based and blind command injection
- metacharacters, for command separator / Metacharacters for command separator
- scanning / Scanning for command injection
- exploiting, Metasploit used / Exploiting command injection using Metasploit
- PHP shell and Metasploit / PHP shell and Metasploit
- shellshock, exploiting / Exploiting shellshock
- command injection, scanning for
- about / Scanning for command injection
- cookie file, creating for authentication / Creating a cookie file for authentication
- Wapiti, executing / Executing Wapiti
- commands, for meterpreter
- getsystem / Exploitation – Metasploit
- download / Exploitation – Metasploit
- hashdump / Exploitation – Metasploit
- sysinfo / Exploitation – Metasploit
- help / Exploitation – Metasploit
- cookie stealing / Cookie stealing
- credential harvester attack
- about / Credential harvester attack
- cross-site faxing (XSF) module / Inter-protocol exploitation and communication
- cross-site request forgery (CSRF)
- about / Cross-site request forgery
- attack dependencies / Attack dependencies
- attack methodology / Attack methodology
- mitigation techniques / CSRF mitigation techniques
- cross-site request forgery attack (CSRF)
- about / Cross-site request forgery
- cross-site scripting
- about / Cross-site scripting
- origin / The origin of cross-site scripting
- overview / An overview of cross-site scripting
- types / Types of cross-site scripting
- cross-site scripting (XSS) / The TRACE method
- cross-site scripting attacks
- attack potentials / Attack potential of cross-site scripting attacks
- Cross-site tracing (XST) attack / The TRACE method
- CSRF flaw
- testing for / Testing for CSRF flaws
- CVE-2014-6271
- about / Command injection
D
- damn vulnerable web application (DVWA)
- about / Scanning for command injection
- database exploitation / Database exploitation
- defence against, DOM-based XSS / Defence against DOM-based XSS
- different testing methodology
- about / Different testing methodologies
- ethical hacking / Ethical hacking
- penetration testing / Penetration testing
- vulnerability assessment / Vulnerability assessment
- security audit / Security audits
- digest authentication
- about / Digest authentication
- dirb
- about / Scanning – dirb
- DirBuster
- used, in directory browsing / Directory browsing using DirBuster
- directory browsing
- about / Directory browsing
- with DirBuster / Directory browsing using DirBuster
- comments, in HTML code / Comments in HTML code
- mitigation / Mitigation
- Document Object Model (DOM)
- about / Introduction to JavaScript
- DOM-based XSS
- about / DOM-based XSS
- example / DOM-based XSS
- defence against / Defence against DOM-based XSS
- Domain Internet Groper (dig) / Zone transfer using dig
- domain registration details, reconnaissance
- about / Domain registration details
- Whois / Whois – extracting domain information
- domain information, extracting / Whois – extracting domain information
E
- ethical hacking
- about / Ethical hacking
- evilattacker
F
- file fuzzing
- about / File fuzzing
- file inclusion vulnerability
- about / File inclusion vulnerability
- remote file include / Remote file include
- local file include / Local file include
- mitigation / Mitigation for file inclusion attacks
- Firebug
- about / Analyzing client-side code – Firebug
- URL / Analyzing client-side code – Firebug
- Script panel / The Script panel
- Console panel / The Console panel
- Network panel / The Network panel
- firewalls and IPS, evading with Nmap
- ACK scan / Evading firewalls and IPS using Nmap
- hardcoded source port, in firewall rules / Evading firewalls and IPS using Nmap
- custom packet size / Evading firewalls and IPS using Nmap
- custom MTU / Evading firewalls and IPS using Nmap
- MAC address spoofing / Evading firewalls and IPS using Nmap
- form-based authentication
- about / Form-based authentication
- fuzzdb
- reference / Fuzzing using Burp intruder
- fuzzer frameworks
- about / Fuzzer frameworks
- SPIKE / Fuzzer frameworks
- Peach / Fuzzer frameworks
- Sulley / Fuzzer frameworks
- fuzzing
- about / Fuzzing basics
- basics / Fuzzing basics
- advantages / Fuzzing basics
- disadvantages / Fuzzing basics
- types / Types of fuzzing techniques
- mutation fuzzing / Mutation fuzzing
- generation fuzzing / Generation fuzzing
- applications of fuzzing / Applications of fuzzing
- fuzzing input, in web applications
- about / Fuzzing input in web applications
- request URI / Request URI
- headers / Headers
- form fields / Form fields
- fuzzing steps
- about / Fuzzing steps
G
- generation-based fuzzers
- about / Generation fuzzing
- Geocoder and reverse geocoder / Reporting modules
- Gramm-Leach-Bliley Act (GLBA) / Sensitive data handling
H
- hacker
- about / Who is a hacker?
- hacking
- about / Who is a hacker?
- hard drive
- Kali Linux, installing on / Installing Kali Linux on a hard drive
- hashing functions
- about / Hashing for message integrity
- Health Insurance Portability and Accountability Act (HIPAA) / Sensitive data handling
- HipHop Virtual Machine (HHVM) / The HTTP header
- hosts, identifying with DNS
- about / Identifying hosts using DNS
- zone transfer, using dig / Zone transfer using dig
- brute force DNS records, using Nmap / Brute force DNS records using Nmap
- HTTP error codes
- reference / Detecting result of fuzzing
- HTTP methods, for penetration testing
- GET method / The GET/POST method
- POST method / The GET/POST method
- HEAD method / The HEAD method
- TRACE method / The TRACE method
- PUT method / The PUT and DELETE methods
- DELETE method / The PUT and DELETE methods
- OPTIONS method / The OPTIONS method
- HTTP parameter pollution
- about / HTTP parameter pollution
- mitigation / Mitigation
- HTTP response splitting
- about / HTTP response splitting
- mitigation / Mitigation
- HTTP Strict Transport Security (HSTS) / SSL stripping limitations
- Hydra
I
- improvements, in Kali Linux 2.0
- continuous rolling updates / Improvements in Kali Linux 2.0
- frequent tool updates / Improvements in Kali Linux 2.0
- revamped desktop environment / Improvements in Kali Linux 2.0
- support, for various hardware platforms / Improvements in Kali Linux 2.0
- major tool changes / Improvements in Kali Linux 2.0
- information gathering, reconnaissance
- about / Reconnaissance – information gathering
- domain registration details / Domain registration details
- hosts, identifying with DNS / Identifying hosts using DNS
- Recon-ng tool / The Recon-ng tool – a framework for information gathering
- information leakage
- about / Information leakage
- injection-based flaws
- about / Injection-based flaws
- command injection / Command injection
- SQL injection / SQL injection
- installation, Kali Linux
- about / Installing Kali Linux
- on USB drive / USB mode
- on Amazon cloud / Kali Linux on Amazon cloud
- on hard drive / Installing Kali Linux on a hard drive
- integrated authentication
- about / Integrated authentication
- Internet Assigned Numbers Authority (IANA) / Application version fingerprinting
- IPInfoDB GeoIP / Reporting modules
J
- Java applet attack
- about / Java applet attack
- JavaScript
- about / Introduction to JavaScript
- JavaScript, in HTML code
- script tag / Introduction to JavaScript
- body tag / Introduction to JavaScript
- image tag / Introduction to JavaScript
- Joomscan
- about / CMS identification tools
K
- Kali Linux
- about / Kali Linux
- installing / Installing Kali Linux
- installing, on USB drive / USB mode
- URL, for downloading / USB mode
- installing, on Amazon cloud / Kali Linux on Amazon cloud
- installing, on hard drive / Installing Kali Linux on a hard drive
- virtualization, versus installation on physical hardware / Kali Linux-virtualizing versus installing on physical hardware
- tools / Important tools in Kali Linux
- Kali Linux 2.0
- improvements / Improvements in Kali Linux 2.0
- Kali Linux image, Amazon marketplace
- reference link / Kali Linux on Amazon cloud
- key logger / Key logger
L
- LinkedIn authenticated contact enumerator / Reporting modules
- Linux Unified Key Setup (LUKS)
- about / USB mode
- load balancers
- identifying / Identifying load balancers, Other ways of identifying load balancers
- cookie-based load balancer / Cookie-based load balancer
- load balancers, identifying
- SSL differences between servers, analyzing / Other ways of identifying load balancers
- different URL, redirecting to / Other ways of identifying load balancers
- DNS records, for load balancers / Other ways of identifying load balancers
- load balancer detector / Other ways of identifying load balancers
- web application firewall (WAF) / Other ways of identifying load balancers
- local file include / Local file include
M
- Mail exchanger (MX) / Zone transfer using dig
- man-in-the-middle attack (MITM) / Sniffing tokens and man-in-the-middle attacks
- man in the middle attack (MITM)
- about / SSL man-in-the-middle attack
- metasploit browser exploit
- about / Metasploit browser exploit
- meterpreter
- commands / Exploitation – Metasploit
- about / Exploitation – Metasploit
- modes, Zed Attack Proxy (ZAP)
- safe mode / Modes of operation
- protected mode / Modes of operation
- standard mode / Modes of operation
- multi-tier web application
- about / Multi-tier web application
- presentation layer / Multi-tier web application
- application layer / Multi-tier web application
- data access layer / Multi-tier web application
- mutation fuzzers
- about / Mutation fuzzing
- mutation fuzzing
- about / Mutation fuzzing
- Mutillidae
- reference link / Attacking path traversal using Burp proxy
- mutillidae
N
- netcat (nc) utility / The OPTIONS method
- Netcraft hostname enumerator / Reporting modules
- network protocol fuzzing
- about / Network protocol fuzzing
- Nikto
- Nmap version scan
- about / The Nmap version scan
O
- open source intelligence (OSINT) gathering / Reconnaissance – information gathering
- OpenSSL command-line tool
- about / OpenSSL command-line tool
- OpenVAS
- about / OpenVAS
- Open Web Application Security Project (OWASP)
- about / WebScarab and Zed Attack Proxy
- OWASP
- URL / Testing for CSRF flaws
- OWASP broken web applications
- reference link / Attacking path traversal using Burp proxy
- OWASP ZAP
- about / AJAX spider – OWASP ZAP
P
- passive reconnaissance
- versus active reconnaissance / Passive reconnaissance versus active reconnaissance
- path traversal
- about / Path traversal
- attacking, burp proxy used / Attacking path traversal using Burp proxy
- mitigation / Mitigation
- Payment Card Industry (PCI) / The need for testing web applications
- penetration testing / Proactive security testing
- about / Penetration testing
- limitations / The limitations of penetration testing
- Tor, using for / Using Tor for penetration testing
- persistent XSS
- about / Persistent XSS
- PHP shell
- about / PHP shell and Metasploit
- pinata-csrf-tool
- URL / Testing for CSRF flaws
- Plecost
- about / CMS identification tools
- plugins, w3af
- port scanning, using Nmap
- about / Port scanning using Nmap
- different options for port scan / Different options for port scan
- firewalls and IPS, evading with Nmap / Evading firewalls and IPS using Nmap
- firewall, spotting with back checksum option / Spotting a firewall using back checksum option in Nmap
- POST method
- used, for executing XSS / XSS using the POST Method
- PowerFuzzer
- about / PowerFuzzer tool
- prerequisites, for brute forcing login page
- host / Hydra – a brute force password cracker
- method / Hydra – a brute force password cracker
- URL / Hydra – a brute force password cracker
- form parameters / Hydra – a brute force password cracker
- failure response / Hydra – a brute force password cracker
- list of username / Hydra – a brute force password cracker
- password dictionary / Hydra – a brute force password cracker
- threads / Hydra – a brute force password cracker
- timeout period / Hydra – a brute force password cracker
- output file / Hydra – a brute force password cracker
- Privoxy
- setting up / Steps to set up Tor and connect anonymously
- proactive security testing
- about / Proactive security testing
- hacker / Who is a hacker?
- different testing methodology / Different testing methodologies
- ProxyStrike
- about / ProxyStrike
- Pushpin modules
- about / Reporting modules
- Twitter geolocation search / Reporting modules
- Flickr geolocation search / Reporting modules
R
- Recon-ng tool
- about / The Recon-ng tool – a framework for information gathering
- domain enumeration / Domain enumeration using recon-ng
- top-level domain enumeration / Sub-level and top-level domain enumeration
- sub-level domain enumeration / Sub-level and top-level domain enumeration
- modules, reporting / Reporting modules
- reconnaissance
- about / Reconnaissance
- aim / Reconnaissance
- passive reconnaissance, versus active reconnaissance / Passive reconnaissance versus active reconnaissance
- information gathering / Reconnaissance – information gathering
- reconnaissance modules, in Recon-ng
- Netcraft hostname enumerator / Reporting modules
- SSL SAN lookup / Reporting modules
- LinkedIn authenticated contact enumerator / Reporting modules
- IPInfoDB GeoIP / Reporting modules
- Yahoo! hostname enumerator / Reporting modules
- Geocoder and reverse geocoder / Reporting modules
- Pushpin modules / Reporting modules
- reflected XSS
- about / Reflected XSS
- reflected XSS flaw / Cross-site scripting
- Regional Internet Registrars (RIR) / Whois – extracting domain information
- remote file include / Remote file include
- request header / The request header
- response header / The response header
- REST
- about / Web services
- RESTful web services
- rules of engagement (RoE)
- about / Rules of engagement
- black box testing / Black box testing or Gray box testing
- gray box testing / Black box testing or Gray box testing
- client contact details / Client contact details
- client IT team notifications / Client IT team notifications
- sensitive data handling / Sensitive data handling
- status meeting / Status meeting
S
- scanning
- about / Scanning – probing the target
- target, probing / Scanning – probing the target
- port scanning, using Nmap / Port scanning using Nmap
- operating system, identifying with Nmap / Identifying the operating system using Nmap
- server, profiling / Profiling the server
- scanning, for XSS flaws
- about / Scanning for XSS flaws
- Zed Attack Proxy (ZAP) / Zed Attack Proxy
- xsser / Xsser, Features
- w3af / W3af
- second-level domains (SLDs) / Sub-level and top-level domain enumeration
- secure hashing algorithm (SHA)
- about / Hashing for message integrity
- secure socket layer (SSL)
- about / Secure socket layer
- in web applications / SSL in web applications
- encryption process / SSL encryption process
- asymmetric encryption, versus symmetric encryption / Asymmetric encryption versus symmetric encryption
- hashing, for message integrity / Hashing for message integrity
- weak SSL implementations, identifying / Identifying weak SSL implementations
- man in the middle attack (MITM) / SSL man-in-the-middle attack
- security audit
- about / Security audits
- security issues, AJAX
- about / AJAX security issues
- increase in attack surface / Increase in attack surface
- exposed programming logic of application / Exposed programming logic of the application
- insufficient access control / Insufficient access control
- sequencer / Tools to analyze tokens
- server, profiling
- about / Profiling the server
- application version fingerprinting / Application version fingerprinting
- web application framework, fingerprinting / Fingerprinting the web application framework
- virtual hosts, identifying / Identifying virtual hosts
- load balancers, identifying / Identifying load balancers
- web servers, scanning for vulnerabilities / Scanning web servers for vulnerabilities and misconfigurations
- web applications, spidering / Spidering web applications
- session-based flaws
- about / Session-based flaws
- session fixation attack
- about / Session fixation attack
- mitigation / Mitigation for session fixation
- session tokens
- sharing, between application and browser / Session token sharing between application and browser
- session tracking, using cookies
- about / Session tracking using cookies
- cookie / Cookie
- cookie flow between server and client / Cookie flow between server and client
- non-persistent cookies / Persistent and non-persistent cookies
- persistent cookies / Persistent and non-persistent cookies
- cookie parameters / Cookie parameters
- shellshock
- exploiting / Exploiting shellshock
- about / Exploiting shellshock
- overview / Overview of shellshock
- scanning, with dirb / Scanning – dirb
- exploiting, with Metasploit / Exploitation – Metasploit
- shellshock bug
- about / Command injection
- Skipfish
- about / Skipfish
- Skipfish web application scanner / Vulnerability scanning and graphical reports – the Skipfish web application scanner
- SOAP
- about / Introducing SOAP and RESTful web services
- advantages / Introducing SOAP and RESTful web services
- social engineering attacks
- about / Social engineering attacks, Social engineering attacks
- e-mail spoofing / Social engineering attacks
- telephone attacks / Social engineering attacks
- dumpster diving / Social engineering attacks
- malicious USB drives / Social engineering attacks
- employees, training to defeat / Training employees to defeat social engineering attacks
- phishing e-mails / Social engineering attacks
- adware and malware / Social engineering attacks
- phishing websites / Social engineering attacks
- social engineering toolkit (SET)
- about / Social engineering toolkit
- spear-phishing attack
- about / Spear-phishing attack
- Sprajax
- SQL injection
- about / SQL injection, SQL injection
- SQL statements / SQL statements
- flaw, manipulating / Attack potential of the SQL injection flaw
- error-handling / Blind SQL injection
- testing methodology / SQL injection testing methodology
- scanning for / Scanning for SQL injection
- information gathering / Information gathering
- exploitation, automating with sqlmap / Sqlmap – automating exploitation
- BBQSQL / BBQSQL – the blind SQL injection framework
- sqlsus / Sqlsus – MySQL injection
- sqlninja / Sqlninja – MS SQL injection
- sqlmap
- about / Sqlmap – automating exploitation
- features / Sqlmap – automating exploitation
- sqlninja
- about / Sqlninja – MS SQL injection
- features / Sqlninja – MS SQL injection
- SQL statements
- about / SQL statements
- UNION operator / The UNION operator
- SQL query example / The SQL query example
- sqlsus
- about / Sqlsus – MySQL injection
- SSL configuration
- testing, with Nmap / Testing SSL configuration using Nmap
- SSL MITM tools
- about / SSL MITM tools in Kali Linux
- SSLsplit / SSLsplit
- SSLstrip / SSLstrip
- SSL SAN lookup / Reporting modules
- SSLScan
- about / SSLScan
- SSL Server Test
- SSLsplit
- about / SSLsplit
- SSLstrip
- about / SSLstrip
- limitations / SSL stripping limitations
- SSLyze
- about / SSLyze
- stored XSS flaws / Cross-site scripting
- structured query language (SQL) / Multi-tier web application
- Sulley framework
- reference / Fuzzer frameworks
- symmetric encryption
- symmetric encryption algorithm
- about / Symmetric encryption algorithm
- block cipher / Symmetric encryption algorithm
- stream cipher / Symmetric encryption algorithm
- Data Encryption Standard (DES) / Symmetric encryption algorithm
- Advanced Encryption Standard (AES) / Symmetric encryption algorithm
- International Data Encryption Algorithm (IDEA) / Symmetric encryption algorithm
- Rivest Cipher 4 (RC4) / Symmetric encryption algorithm
T
- tabnabbing attack
- about / Tabnabbing attack
- The Hacker's Choice (THC)
- about / The Amap version scan
- tokens, stealing
- ways / Different ways to steal tokens
- brute forcing tokens / Brute forcing tokens
- sniffing / Sniffing tokens and man-in-the-middle attacks
- man-in-the-middle attack (MITM) / Sniffing tokens and man-in-the-middle attacks
- XSS attack used / Stealing session tokens using XSS attack
- tools, for analyzing tokens / Tools to analyze tokens
- tools, Kali Linux
- about / Important tools in Kali Linux
- web application proxies / Web application proxies
- web vulnerability scanner / Web vulnerability scanner
- CMS identification tools / CMS identification tools
- web application fuzzers / Web application fuzzers
- top-level domains (TLDs) / Sub-level and top-level domain enumeration
- Tor
- using, for penetration testing / Using Tor for penetration testing
- setting up / Steps to set up Tor and connect anonymously
- used, for visualizing web request / Visualization of a web request through Tor
- overview / Final words for Tor
- types, cross-site scripting
- about / Types of cross-site scripting
- persistent XSS / Persistent XSS
- reflected XSS / Reflected XSS
- DOM-based XSS / DOM-based XSS
U
- USB drive
- Kali Linux, installing on / USB mode
- user interface fuzzing
- about / User interface fuzzing
V
- virtual hosts
- identifying / Identifying virtual hosts
- locating, with search engines / Locating virtual hosts using search engines
- lookup module, in Recon-ng / The virtual host lookup module in Recon-ng
- virtual private network (VPN) / Secure socket layer
- VMware images
- of Kali Linux / VMware and ARM images of Kali Linux
- vulnerability assessment
- about / Vulnerability assessment
- vulnerable bank application
- reference link / Cross-site request forgery
W
- w3af
- about / W3af
- plugins / Plugins
- graphical interface / Graphical interface
- weak SSL implementations
- identifying / Identifying weak SSL implementations
- identifying, with OpenSSL command-line tool / OpenSSL command-line tool
- identifying, with SSLScan / SSLScan
- identifying, with SSLyze / SSLyze
- Web application firewall (WAF) / Status meeting
- web application framework, fingerprinting
- about / Fingerprinting the web application framework
- HTTP header / The HTTP header
- Whatweb scanner / The Whatweb scanner
- web application fuzzers
- about / Web application fuzzers
- web application fuzzers, in Kali Linux
- web application fuzzing
- about / Web application fuzzing
- web application overview, for penetration testers
- about / A web application overview for penetration testers
- HTTP protocol / HTTP protocol
- response header / Request and response header, The response header
- request header / The request header
- HTTP methods / Important HTTP methods for penetration testing
- session tracking, using cookies / Session tracking using cookies
- HTML data, in HTTP response / HTML data in HTTP response
- multi-tier web application / Multi-tier web application
- web application proxies
- about / Web application proxies
- Burp proxy / Burp proxy
- WebScarab / WebScarab and Zed Attack Proxy
- Zed Access Proxy (ZAP) / WebScarab and Zed Attack Proxy
- ProxyStrike / ProxyStrike
- web applications
- testing / The need for testing web applications
- testing, fuzzing used / Testing web applications using fuzzing
- fuzzing input / Fuzzing input in web applications
- result of fuzzing, detecting / Detecting result of fuzzing
- web applications, spidering
- about / Spidering web applications
- Burp spider / The Burp spider
- application login / Application login
- web browser fuzzing
- about / Web browser fuzzing
- Web Crawler / Web Crawler – Dirbuster
- web jacking attack
- about / Web jacking attack
- web request
- visualizing, through Tor / Visualization of a web request through Tor
- WebScarab
- about / WebScarab and Zed Attack Proxy
- Webscarab / Tools to analyze tokens
- web servers, scanning
- about / Scanning web servers for vulnerabilities and misconfigurations
- HTTP methods, identifying with Nmap / Identifying HTTP methods using Nmap
- web servers, testing with auxiliary modules / Testing web servers using auxiliary modules in Metasploit
- scan, automating with WMAP web scanner plugin / Automating scanning using the WMAP web scanner plugin
- vulnerability scanning / Vulnerability scanning and graphical reports – the Skipfish web application scanner
- web services
- about / Web services
- SOAP / Introducing SOAP and RESTful web services
- RESTful web services / Introducing SOAP and RESTful web services
- securing / Securing web services
- insecure direct object reference vulnerability / Insecure direct object reference vulnerability
- website attack
- about / Website attack
- Java applet attack / Java applet attack
- credential harvester attack / Credential harvester attack
- web jacking attack / Web jacking attack
- metasploit browser exploit / Metasploit browser exploit
- tabnabbing attack / Tabnabbing attack
- website defacing / Website defacing
- web vulnerability scanner
- about / Web vulnerability scanner
- Nikto / Nikto
- Skipfish / Skipfish
- Web Crawler / Web Crawler – Dirbuster
- OpenVAS / OpenVAS
- database exploitation / Database exploitation
- Whois
X
- XSS
- executing, POST method used / XSS using the POST Method
- XSS, combining with JavaScript
- about / XSS and JavaScript – a deadly combination
- cookie stealing / Cookie stealing
- key logger / Key logger
- website defacing / Website defacing
- XSS attack
- about / An overview of cross-site scripting
- example / An overview of cross-site scripting
- xsser
- XSS vulnerabilities
- stored XSS flaws / Cross-site scripting
- reflected XSS flaw / Cross-site scripting
Y
- Yahoo! hostname enumerator / Reporting modules
Z
- Zed Access Proxy (ZAP)
- about / WebScarab and Zed Attack Proxy
- Zed Attack Proxy (ZAP)
- about / Tools to analyze tokens, Zed Attack Proxy
- nodes, scoping / Scoping and selecting modes
- nodes, selecting / Scoping and selecting modes
- modes / Modes of operation
- scan policy, defining / Scan policy and attack