Index

A

• AJAX
  • about / Introduction to AJAX
  • benefits / Introduction to AJAX
  • building blocks / Building blocks of AJAX
  • JavaScript / Building blocks of AJAX
  • Dynamic HTML (DHTML) / Building blocks of AJAX
  • Document Object Model (DOM) / Building blocks of AJAX
  • workflow / The AJAX workflow
  • security issues / AJAX security issues
  • client-side code, analyzing / Analyzing client-side code – Firebug
• AJAX applications
  • challenges of pentesting / Challenges of pentesting AJAX applications
  • crawling / Crawling AJAX applications
• AJAX crawling tool (ACT)
  • about / AJAX crawling tool
  • download link / AJAX crawling tool
  • starting / AJAX crawling tool
• AJAX engine / The AJAX workflow
• AJAX spider
  • about / AJAX spider – OWASP ZAP
• Amap version scan
  • about / The Amap version scan
• Amazon cloud
  • Kali Linux, installing on / Kali Linux on Amazon cloud
• API key for Bing
  • URL / The Recon-ng tool – a framework for information gathering
• applications of fuzzing
  • about / Applications of fuzzing
  • network protocol fuzzing / Network protocol fuzzing
  • file fuzzing / File fuzzing
  • user interface fuzzing / User interface fuzzing
  • web application fuzzing / Web application fuzzing
  • web browser fuzzing / Web browser fuzzing
• application version fingerprinting
  • about / Application version fingerprinting
  • Nmap version scan / The Nmap version scan
  • Amap version scan / The Amap version scan
• arbitrary code execution (ACE)
  • about / Exploiting shellshock
• ARMEL / VMware and ARM images of Kali Linux
• ARMHF / VMware and ARM images of Kali Linux
• ARM images
  • of Kali Linux / VMware and ARM images of Kali Linux
• asymmetric encryption
  • about / Asymmetric encryption versus symmetric encryption
• asymmetric encryption algorithms
  • Diffie-Hellman key exchange / Asymmetric encryption algorithms
  • Rivest Shamir Adleman (RSA) / Asymmetric encryption algorithms
  • Elliptic Curve Cryptography (ECC) / Asymmetric encryption algorithms
• attack potentials, of cross-site scripting attacks / Attack potential of cross-site scripting attacks
• attack types, Burp intruder
  • Sniper / Fuzzing using Burp intruder
  • Battering ram / Fuzzing using Burp intruder
  • Pitchfork / Fuzzing using Burp intruder
  • Cluster bomb / Fuzzing using Burp intruder
• authentication
  • basic authentication / Basic authentication
  • digest authentication / Digest authentication
  • integrated authentication / Integrated authentication
  • form-based authentication / Form-based authentication
• authentication flaws
  • about / Authentication protocols and flaws
• authentication issues
  • about / Authentication issues
• authentication protocols
  • about / Authentication protocols and flaws
• auxiliary modules
  • Dir_listing / Testing web servers using auxiliary modules in Metasploit
  • Dir_scanner / Testing web servers using auxiliary modules in Metasploit
  • Enum_wayback / Testing web servers using auxiliary modules in Metasploit
  • Files_dir / Testing web servers using auxiliary modules in Metasploit
  • http_login / Testing web servers using auxiliary modules in Metasploit
  • robots_txt / Testing web servers using auxiliary modules in Metasploit
  • webdav_scanner / Testing web servers using auxiliary modules in Metasploit

B

• basic authentication
  • about / Basic authentication
• BBQSQL
  • about / BBQSQL – the blind SQL injection framework
• BeEF hook
  • injecting, MITM used / Injecting the BeEF hook using MITM
• BeEF hook injection
  • about / BeEF hook injection
  • browser reconnaissance / Browser reconnaissance
  • exploit modules / Exploit modules
  • host information gathering / Host information gathering
  • persistence module / Persistence module
  • network recon / Network recon
  • Inter-protocol exploitation and communication (IPEC) node / Inter-protocol exploitation and communication
• browser exploitation framework
  • about / Browser exploitation framework
• browser exploitation framework (BeEF)
  • about / Browser exploitation framework, Introducing BeEF
  • hook injection / BeEF hook injection
  • mutillidae XSS flaw, exploiting with / Exploiting the mutillidae XSS flaw using BeEF
• brute forcing credentials
  • about / Brute forcing credentials
• building blocks, AJAX
  • about / Building blocks of AJAX
• Burp intruder
  • about / Fuzzing using Burp intruder
  • used, for fuzzing / Fuzzing using Burp intruder
  • setting up / Fuzzing using Burp intruder
  • attack types / Fuzzing using Burp intruder
• burp proxy
  • used, for attacking path traversal / Attacking path traversal using Burp proxy
• Burp proxy
  • about / Burp proxy
  • client interception, customizing / Customizing client interception
  • requests, modifying / Modifying requests on the fly
  • with SSL-based websites / Burp proxy with SSL-based websites
  / Tools to analyze tokens
• Burp spider / The Burp spider
• Burp suite / Tools to analyze tokens

C

• CAPTCHA / Cross-site request forgery
• certificate authority (CA) / SSL encryption process
• CIA triad
  • confidentiality / SSL in web applications
  • message integrity / SSL in web applications
  • availability / SSL in web applications
• CMS identification tools
  • about / CMS identification tools
  • Plecost / CMS identification tools
  • Joomscan / CMS identification tools
• command injection
  • about / Command injection, Command injection
  • parameters, identifying to inject data / Identifying parameters to inject data
  • error-based and blind command injection / Error-based and blind command injection
  • metacharacters, for command separator / Metacharacters for command separator
  • scanning / Scanning for command injection
  • exploiting, Metasploit used / Exploiting command injection using Metasploit
  • PHP shell and Metasploit / PHP shell and Metasploit
  • shellshock, exploiting / Exploiting shellshock
• command injection, scanning for
  • about / Scanning for command injection
  • cookie file, creating for authentication / Creating a cookie file for authentication
  • Wapiti, executing / Executing Wapiti
• commands, for meterpreter
  • getsystem / Exploitation – Metasploit
  • download / Exploitation – Metasploit
  • hashdump / Exploitation – Metasploit
  • sysinfo / Exploitation – Metasploit
  • help / Exploitation – Metasploit
• cookie stealing / Cookie stealing
• credential harvester attack
  • about / Credential harvester attack
• cross-site faxing (XSF) module / Inter-protocol exploitation and communication
• cross-site request forgery (CSRF)
  • about / Cross-site request forgery
  • attack dependencies / Attack dependencies
  • attack methodology / Attack methodology
  • mitigation techniques / CSRF mitigation techniques
• cross-site request forgery attack (CSRF)
  • about / Cross-site request forgery
• cross-site scripting
  • about / Cross-site scripting
  • origin / The origin of cross-site scripting
  • overview / An overview of cross-site scripting
  • types / Types of cross-site scripting
• cross-site scripting (XSS) / The TRACE method
• cross-site scripting attacks
  • attack potentials / Attack potential of cross-site scripting attacks
• Cross-site tracing (XST) attack / The TRACE method
• CSRF flaw
  • testing for / Testing for CSRF flaws
• CVE-2014-6271
  • about / Command injection

D

• damn vulnerable web application (DVWA)
  • about / Scanning for command injection
• database exploitation / Database exploitation
• defence against, DOM-based XSS / Defence against DOM-based XSS
• different testing methodology
  • about / Different testing methodologies
  • ethical hacking / Ethical hacking
  • penetration testing / Penetration testing
  • vulnerability assessment / Vulnerability assessment
  • security audit / Security audits
• digest authentication
  • about / Digest authentication
• dirb
  • about / Scanning – dirb
• DirBuster
  • used, in directory browsing / Directory browsing using DirBuster
• directory browsing
  • about / Directory browsing
  • with DirBuster / Directory browsing using DirBuster
  • comments, in HTML code / Comments in HTML code
  • mitigation / Mitigation
• Document Object Model (DOM)
  • about / Introduction to JavaScript
• DOM-based XSS
  • about / DOM-based XSS
  • example / DOM-based XSS
  • defence against / Defence against DOM-based XSS
• Domain Internet Groper (dig) / Zone transfer using dig
• domain registration details, reconnaissance
  • about / Domain registration details
  • Whois / Whois – extracting domain information
  • domain information, extracting / Whois – extracting domain information

E

• ethical hacking
  • about / Ethical hacking
• evilattacker
  • URL / XSS using the POST Method

F

• file fuzzing
  • about / File fuzzing
• file inclusion vulnerability
  • about / File inclusion vulnerability
  • remote file include / Remote file include
  • local file include / Local file include
  • mitigation / Mitigation for file inclusion attacks
• Firebug
  • about / Analyzing client-side code – Firebug
  • URL / Analyzing client-side code – Firebug
  • Script panel / The Script panel
  • Console panel / The Console panel
  • Network panel / The Network panel
• firewalls and IPS, evading with Nmap
  • ACK scan / Evading firewalls and IPS using Nmap
  • hardcoded source port, in firewall rules / Evading firewalls and IPS using Nmap
  • custom packet size / Evading firewalls and IPS using Nmap
  • custom MTU / Evading firewalls and IPS using Nmap
  • MAC address spoofing / Evading firewalls and IPS using Nmap
• form-based authentication
  • about / Form-based authentication
• fuzzdb
  • reference / Fuzzing using Burp intruder
• fuzzer frameworks
  • about / Fuzzer frameworks
  • SPIKE / Fuzzer frameworks
  • Peach / Fuzzer frameworks
  • Sulley / Fuzzer frameworks
• fuzzing
  • about / Fuzzing basics
  • basics / Fuzzing basics
  • advantages / Fuzzing basics
  • disadvantages / Fuzzing basics
  • types / Types of fuzzing techniques
  • mutation fuzzing / Mutation fuzzing
  • generation fuzzing / Generation fuzzing
  • applications of fuzzing / Applications of fuzzing
• fuzzing input, in web applications
  • about / Fuzzing input in web applications
  • request URI / Request URI
  • headers / Headers
  • form fields / Form fields
• fuzzing steps
  • about / Fuzzing steps

G

• generation-based fuzzers
  • about / Generation fuzzing
• Geocoder and reverse geocoder / Reporting modules
• Gramm-Leach-Bliley Act (GLBA) / Sensitive data handling

H

• hacker
  • about / Who is a hacker?
• hacking
  • about / Who is a hacker?
• hard drive
  • Kali Linux, installing on / Installing Kali Linux on a hard drive
• hashing functions
  • about / Hashing for message integrity
• Health Insurance Portability and Accountability Act (HIPAA) / Sensitive data handling
• Hip Hop Virtual machine (HHVM) / The HTTP header
• hosts, identifying with DNS
  • about / Identifying hosts using DNS
  • zone transfer, using dig / Zone transfer using dig
  • brute force DNS records, using Nmap / Brute force DNS records using Nmap
• HTTP error codes
  • reference / Detecting result of fuzzing
• HTTP methods, for penetration testing
  • GET method / The GET/POST method
  • POST method / The GET/POST method
  • HEAD method / The HEAD method
  • TRACE method / The TRACE method
  • PUT method / The PUT and DELETE methods
  • DELETE method / The PUT and DELETE methods
  • OPTIONS method / The OPTIONS method
• HTTP parameter pollution
  • about / HTTP parameter pollution
  • mitigation / Mitigation
• HTTP response splitting
  • about / HTTP response splitting
  • mitigation / Mitigation
• HTTP Strict Transport Security (HSTS) / SSL stripping limitations
• Hydra
  • about / Hydra – a brute force password cracker

I

• improvements, in Kali Linux 2.0
  • continuous rolling updates / Improvements in Kali Linux 2.0
  • frequent tool updates / Improvements in Kali Linux 2.0
  • revamped desktop environment / Improvements in Kali Linux 2.0
  • support, for various hardware platforms / Improvements in Kali Linux 2.0
  • major tool changes / Improvements in Kali Linux 2.0
• information gathering, reconnaissance
  • about / Reconnaissance – information gathering
  • domain registration details / Domain registration details
  • hosts, identifying with DNS / Identifying hosts using DNS
  • Recon-ng tool / The Recon-ng tool – a framework for information gathering
• information leakage
  • about / Information leakage
• injection-based flaws
  • about / Injection-based flaws
  • command injection / Command injection
  • SQL injection / SQL injection
• installation, Kali Linux
  • about / Installing Kali Linux
  • on USB drive / USB mode
  • on Amazon cloud / Kali Linux on Amazon cloud
  • on hard drive / Installing Kali Linux on a hard drive
• integrated authentication
  • about / Integrated authentication
• Internet Assigned Numbers Authority (IANA) / Application version fingerprinting
• IPInfoDB GeoIP / Reporting modules

J

• Java applet attack
  • about / Java applet attack
• JavaScript
  • about / Introduction to JavaScript
• JavaScript, in HTML code
  • script tag / Introduction to JavaScript
  • body tag / Introduction to JavaScript
  • image tag / Introduction to JavaScript
• Joomscan
  • about / CMS identification tools

K

• Kali Linux
  • about / Kali Linux
  • installing / Installing Kali Linux
  • installing, on USB drive / USB mode
  • URL, for downloading / USB mode
  • installing, on Amazon cloud / Kali Linux on Amazon cloud
  • installing, on hard drive / Installing Kali Linux on a hard drive
  • virtualization, versus installation on physical hardware / Kali Linux-virtualizing versus installing on physical hardware
  • tools / Important tools in Kali Linux
• Kali Linux 2.0
  • improvements / Improvements in Kali Linux 2.0
• Kali Linux image, Amazon marketplace
  • reference link / Kali Linux on Amazon cloud
• key logger / Key logger

L

• LinkedIn authenticated contact enumerator / Reporting modules
• Linux Unified Key Setup (LUKS)
  • about / USB mode
• load balancers
  • identifying / Identifying load balancers, Other ways of identifying load balancers
  • cookie-based load balancer / Cookie-based load balancer
• load balancers, identifying
  • SSL differences between servers, analyzing / Other ways of identifying load balancers
  • different URL, redirecting to / Other ways of identifying load balancers
  • DNS records, for load balancers / Other ways of identifying load balancers
  • load balancer detector / Other ways of identifying load balancers
  • web application firewall (WAF) / Other ways of identifying load balancers
• local file include / Local file include

M

• Mail exchanger (MX) / Zone transfer using dig
• man-in-the-middle attack (MITM) / Sniffing tokens and man-in-the-middle attacks
• man in the middle attack (MITM)
  • about / SSL man-in-the-middle attack
• metasploit browser exploit
  • about / Metasploit browser exploit
• meterpreter
  • commands / Exploitation – Metasploit
  • about / Exploitation – Metasploit
• modes, Zed Attack Proxy (ZAP)
  • safe mode / Modes of operation
  • protected mode / Modes of operation
  • standard mode / Modes of operation
• multi-tier web application
  • about / Multi-tier web application
  • presentation layer / Multi-tier web application
  • application layer / Multi-tier web application
  • data access layer / Multi-tier web application
• mutation fuzzers
  • about / Mutation fuzzing
• mutation fuzzing
  • about / Mutation fuzzing
• Mutillidae
  • reference link / Attacking path traversal using Burp proxy
• mutillidae
  • about / Exploiting the mutillidae XSS flaw using BeEF

N

• netcat (nc) utility / The OPTIONS method
• Netcraft hostname enumerator / Reporting modules
• network protocol fuzzing
  • about / Network protocol fuzzing
• Nikto
  • about / Nikto
  • features / Nikto
• Nmap version scan
  • about / The Nmap version scan

O

• open source intelligence (OSINT) gathering / Reconnaissance – information gathering
• OpenSSL command-line tool
  • about / OpenSSL command-line tool
• OpenVAS
  • about / OpenVAS
• Open Web Application Security Project (OWASP)
  • about / WebScarab and Zed Attack Proxy
• OWASP
  • URL / Testing for CSRF flaws
• OWASP broken web applications
  • reference link / Attacking path traversal using Burp proxy
• OWASP ZAP
  • about / AJAX spider – OWASP ZAP

P

• passive reconnaissance
  • versus active reconnaissance / Passive reconnaissance versus active reconnaissance
• path traversal
  • about / Path traversal
  • attacking, burp proxy used / Attacking path traversal using Burp proxy
  • mitigation / Mitigation
• Payment Card Industry (PCI) / The need for testing web applications
• penetration testing / Proactive security testing
  • about / Penetration testing
  • limitations / The limitations of penetration testing
  • Tor, using for / Using Tor for penetration testing
• persistent XSS
  • about / Persistent XSS
• PHP shell
  • about / PHP shell and Metasploit
• pinata-csrf-tool
  • URL / Testing for CSRF flaws
• Plecost
  • about / CMS identification tools
• plugins, w3af
  • crawl / Plugins
  • audit / Plugins
  • grep / Plugins
  • infrastructure / Plugins
  • output / Plugins
  • auth / Plugins
• port scanning, using Nmap
  • about / Port scanning using Nmap
  • different options for port scan / Different options for port scan
  • firewalls and IPS, evading with Nmap / Evading firewalls and IPS using Nmap
  • firewall, spotting with back checksum option / Spotting a firewall using back checksum option in Nmap
• POST method
  • used, for executing XSS / XSS using the POST Method
• PowerFuzzer
  • about / PowerFuzzer tool
• prerequisites, for brute forcing login page
  • host / Hydra – a brute force password cracker
  • method / Hydra – a brute force password cracker
  • URL / Hydra – a brute force password cracker
  • form parameters / Hydra – a brute force password cracker
  • failure response / Hydra – a brute force password cracker
  • list of username / Hydra – a brute force password cracker
  • password dictionary / Hydra – a brute force password cracker
  • threads / Hydra – a brute force password cracker
  • timeout period / Hydra – a brute force password cracker
  • output file / Hydra – a brute force password cracker
• Privoxy
  • setting up / Steps to set up Tor and connect anonymously
• proactive security testing
  • about / Proactive security testing
  • hacker / Who is a hacker?
  • different testing methodology / Different testing methodologies
• ProxyStrike
  • about / ProxyStrike
• Pushin modules
  • about / Reporting modules
  • Twitter geolocation search / Reporting modules
  • Flickr geolocation search / Reporting modules

R

• Recon-ng tool
  • about / The Recon-ng tool – a framework for information gathering
  • domain enumeration / Domain enumeration using recon-ng
  • top-level domain enumeration / Sub-level and top-level domain enumeration
  • sub-level domain enumeration / Sub-level and top-level domain enumeration
  • modules, reporting / Reporting modules
• reconnaissance
  • about / Reconnaissance
  • aim / Reconnaissance
  • passive reconnaissance, versus active reconnaissance / Passive reconnaissance versus active reconnaissance
  • information gathering / Reconnaissance – information gathering
• reconnaissance modules, in Recon-ng
  • Netcraft hostname enumerator / Reporting modules
  • SSL SAN lookup / Reporting modules
  • LinkedIn authenticated contact enumerator / Reporting modules
  • IPInfoDB GeoIP / Reporting modules
  • Yahoo! hostname enumerator / Reporting modules
  • Geocoder and reverse geocoder / Reporting modules
  • Pushin modules / Reporting modules
• reflected XSS
  • about / Reflected XSS
• reflected XSS flaw / Cross-site scripting
• Regional Internet Registrars (RIR) / Whois – extracting domain information
• remote file include / Remote file include
• request header / The request header
• response header / The response header
• REST
  • about / Web services
• RESTful web services
  • about / Introducing SOAP and RESTful web services
  • features / Introducing SOAP and RESTful web services
• rules of engagement (RoE)
  • about / Rules of engagement
  • black box testing / Black box testing or Gray box testing
  • gray box testing / Black box testing or Gray box testing
  • client contact details / Client contact details
  • client IT team notifications / Client IT team notifications
  • sensitive data handling / Sensitive data handling
  • status meeting / Status meeting

S

• scanning
  • about / Scanning – probing the target
  • target, probing / Scanning – probing the target
  • port scanning, using Nmap / Port scanning using Nmap
  • operating system, identifying with Nmap / Identifying the operating system using Nmap
  • server, profiling / Profiling the server
• scanning, for XSS flaws
  • about / Scanning for XSS flaws
  • Zed Attack Proxy (ZAP) / Zed Attack Proxy
  • xsser / Xsser, Features
  • w3af / W3af
• second-level domains (SLDs) / Sub-level and top-level domain enumeration
• secure hashing algorithm (SHA)
  • about / Hashing for message integrity
• secure socket layer (SSL)
  • about / Secure socket layer
  • in web applications / SSL in web applications
  • encryption process / SSL encryption process
  • asymmetric encryption, versus symmetric encryption / Asymmetric encryption versus symmetric encryption
  • hashing, for message integrity / Hashing for message integrity
  • weak SSL implementations, identifying / Identifying weak SSL implementations
  • man in the middle attack (MITM) / SSL man-in-the-middle attack
• security audit
  • about / Security audits
• security issues, AJAX
  • about / AJAX security issues
  • increase in attack surface / Increase in attack surface
  • exposed programming logic of application / Exposed programming logic of the application
  • insufficient access control / Insufficient access control
• sequencer / Tools to analyze tokens
• server, profiling
  • about / Profiling the server
  • application version fingerprinting / Application version fingerprinting
  • web application framework, fingerprinting / Fingerprinting the web application framework
  • virtual hosts, identifying / Identifying virtual hosts
  • load balancers, identifying / Identifying load balancers
  • web servers, scanning for vulnerabilities / Scanning web servers for vulnerabilities and misconfigurations
  • web applications, spidering / Spidering web applications
• session-based flaws
  • about / Session-based flaws
• session fixation attack
  • about / Session fixation attack
  • mitigation / Mitigation for session fixation
• session tokens
  • sharing, between application and browser / Session token sharing between application and browser
• session tracking, using cookies
  • about / Session tracking using cookies
  • cookie / Cookie
  • cookie flow between server and client / Cookie flow between server and client
  • non-persistent cookies / Persistent and non-persistent cookies
  • persistent cookies / Persistent and non-persistent cookies
  • cookie parameters / Cookie parameters
• shellshock
  • exploiting / Exploiting shellshock
  • about / Exploiting shellshock
  • overview / Overview of shellshock
  • scanning, with dirb / Scanning – dirb
  • exploiting, with Metasploit / Exploitation – Metasploit
• shellshock bug
  • about / Command injection
• Skipfish
  • about / Skipfish
• Skipfish web application scanner / Vulnerability scanning and graphical reports – the Skipfish web application scanner
• SOAP
  • about / Introducing SOAP and RESTful web services
  • advantages / Introducing SOAP and RESTful web services
• social engineering attacks
  • about / Social engineering attacks, Social engineering attacks
  • e-mail spoofing / Social engineering attacks
  • telephone attacks / Social engineering attacks
  • dumpster diving / Social engineering attacks
  • malicious USB drives / Social engineering attacks
  • employees, training to defeat / Training employees to defeat social engineering attacks
  • phishing e-mails / Social engineering attacks
  • adware and malware / Social engineering attacks
  • phishing websites / Social engineering attacks
• social engineering toolkit (SET)
  • about / Social engineering toolkit
• spear-phishing attack
  • about / Spear-phishing attack
• Sprajax
  • about / Sprajax
  • reference / Sprajax
• SQL injection
  • about / SQL injection, SQL injection
  • SQL statements / SQL statements
  • flaw, manipulating / Attack potential of the SQL injection flaw
  • error-handling / Blind SQL injection
  • testing methodology / SQL injection testing methodology
  • scanning for / Scanning for SQL injection
  • information gathering / Information gathering
  • exploitation, automating with sqlmap / Sqlmap – automating exploitation
  • BBQSQL / BBQSQL – the blind SQL injection framework
  • sqlsus / Sqlsus – MySQL injection
  • sqlninja / Sqlninja – MS SQL injection
• sqlmap
  • about / Sqlmap – automating exploitation
  • features / Sqlmap – automating exploitation
• sqlninja
  • about / Sqlninja – MS SQL injection
  • features / Sqlninja – MS SQL injection
• SQL statements
  • about / SQL statements
  • UNION operator / The UNION operator
  • SQL query example / The SQL query example
• sqlsus
  • about / Sqlsus – MySQL injection
• SSL configuration
  • testing, with Nmap / Testing SSL configuration using Nmap
• SSL MITM tools
  • about / SSL MITM tools in Kali Linux
  • SSLsplit / SSLsplit
  • SSLstrip / SSLstrip
• SSL SAN lookup / Reporting modules
• SSLScan
  • about / SSLScan
• SSL Server Test
  • about / Testing SSL configuration using Nmap
  • URL / Testing SSL configuration using Nmap
• SSLsplit
  • about / SSLsplit
• SSLstrip
  • about / SSLstrip
  • limitations / SSL stripping limitations
• SSLyze
  • about / SSLyze
• stored XSS flaws / Cross-site scripting
• structured query language (SQL) / Multi-tier web application
• Sulley framework
  • reference / Fuzzer frameworks
• symmetric encryption
  • about / Asymmetric encryption versus symmetric encryption
• symmetric encryption algorithm
  • about / Symmetric encryption algorithm
  • block cipher / Symmetric encryption algorithm
  • stream cipher / Symmetric encryption algorithm
  • Data encryption Standard (DES) / Symmetric encryption algorithm
  • Advance Encryption standard (AES) / Symmetric encryption algorithm
  • International Data Encryption Algorithm (IDEA) / Symmetric encryption algorithm
  • Rivest Cipher 4 (RC4) / Symmetric encryption algorithm

T

• tabnabbing attack
  • about / Tabnabbing attack
• The Hacker's Choice (THC)
  • about / The Amap version scan
• tokens, stealing
  • ways / Different ways to steal tokens
  • brute forcing tokens / Brute forcing tokens
  • sniffing / Sniffing tokens and man-in-the-middle attacks
  • man-in-the-middle attack (MITM) / Sniffing tokens and man-in-the-middle attacks
  • XSS attack used / Stealing session tokens using XSS attack
• tools, for analyzing tokens / Tools to analyze tokens
• tools, Kali Linux
  • about / Important tools in Kali Linux
  • web application proxies / Web application proxies
  • web vulnerability scanner / Web vulnerability scanner
  • CMS identification tools / CMS identification tools
  • web application fuzzers / Web application fuzzers
• top-level domains (TLDs) / Sub-level and top-level domain enumeration
• Tor
  • using, for penetration testing / Using Tor for penetration testing
  • setting up / Steps to set up Tor and connect anonymously
  • used, for visualizing web request / Visualization of a web request through Tor
  • overview / Final words for Tor
• types, cross-site scripting
  • about / Types of cross-site scripting
  • persistent XSS / Persistent XSS
  • reflected XSS / Reflected XSS
  • DOM-based XSS / DOM-based XSS

U

• USB drive
  • Kali Linux, installing on / USB mode
• user interface fuzzing
  • about / User interface fuzzing

V

• virtual hosts
  • identifying / Identifying virtual hosts
  • locating, with search engines / Locating virtual hosts using search engines
  • lookup module, in Recon-ng / The virtual host lookup module in Recon-ng
• virtual private network (VPN) / Secure socket layer
• VMware images
  • of Kali Linux / VMware and ARM images of Kali Linux
• vulnerability assessment
  • about / Vulnerability assessment
• vulnerable bank application
  • reference link / Cross-site request forgery

W

• w3af
  • about / W3af
  • plugins / Plugins
  • graphical interface / Graphical interface
• weak SSL implementations
  • identifying / Identifying weak SSL implementations
  • identifying, with OpenSSL command-line tool / OpenSSL command-line tool
  • identifying, with SSLScan / SSLScan
  • identifying, with SSLyze / SSLyze
• Web application firewall (WAF) / Status meeting
• web application framework, fingerprinting
  • about / Fingerprinting the web application framework
  • HTTP header / The HTTP header
  • Whatweb scanner / The Whatweb scanner
• web application fuzzers
  • about / Web application fuzzers
• web application fuzzers, in Kali Linux
  • about / Web application fuzzers in Kali Linux
• web application fuzzing
  • about / Web application fuzzing
• web application overview, for penetration testers
  • about / A web application overview for penetration testers
  • HTTP protocol / HTTP protocol
  • response header / Request and response header, The response header
  • request header / The request header
  • HTTP methods / Important HTTP methods for penetration testing
  • session tracking, using cookies / Session tracking using cookies
  • HTML data, in HTTP response / HTML data in HTTP response
  • multi-tier web application / Multi-tier web application
• web application proxies
  • about / Web application proxies
  • Burp proxy / Burp proxy
  • WebScarab / WebScarab and Zed Attack Proxy
  • Zed Access Proxy (ZAP) / WebScarab and Zed Attack Proxy
  • ProxyStrike / ProxyStrike
• web applications
  • testing / The need for testing web applications
  • testing, fuzzing used / Testing web applications using fuzzing
  • fuzzing input / Fuzzing input in web applications
  • result of fuzzing, detecting / Detecting result of fuzzing
• web applications, spidering
  • about / Spidering web applications
  • Burp spider / The Burp spider
  • application login / Application login
• web browser fuzzing
  • about / Web browser fuzzing
• Web Crawler / Web Crawler – Dirbuster
• web jacking attack
  • about / Web jacking attack
• web request
  • visualizing, through Tor / Visualization of a web request through Tor
• WebScarab
  • about / WebScarab and Zed Attack Proxy
• Webscarab / Tools to analyze tokens
• web servers, scanning
  • about / Scanning web servers for vulnerabilities and misconfigurations
  • HTTP methods, identifying with Nmap / Identifying HTTP methods using Nmap
  • web servers, testing with auxiliary modules / Testing web servers using auxiliary modules in Metasploit
  • scan, automating with WMAP web scanner plugin / Automating scanning using the WMAP web scanner plugin
  • vulnerability scanning / Vulnerability scanning and graphical reports – the Skipfish web application scanner
• web services
  • about / Web services
  • SOAP / Introducing SOAP and RESTful web services
  • RESTful web services / Introducing SOAP and RESTful web services
  • securing / Securing web services
  • insecure direct object reference vulnerability / Insecure direct object reference vulnerability
• website attack
  • about / Website attack
  • Java applet attack / Java applet attack
  • credential harvester attack / Credential harvester attack
  • web jacking attack / Web jacking attack
  • metasploit browser exploit / Metasploit browser exploit
  • tabnabbing attack / Tabnabbing attack
• website defacing / Website defacing
• web vulnerability scanner
  • about / Web vulnerability scanner
  • Nikto / Nikto
  • Skipfish / Skipfish
  • Web Crawler / Web Crawler – Dirbuster
  • OpenVAS / OpenVAS
  • database exploitation / Database exploitation
• Whois
  • about / Whois – extracting domain information

X

• XSS
  • executing, POST method used / XSS using the POST Method
• XSS, combining with JavaScript
  • about / XSS and JavaScript – a deadly combination
  • cookie stealing / Cookie stealing
  • key logger / Key logger
  • website defacing / Website defacing
• XSS attack
  • about / An overview of cross-site scripting
  • example / An overview of cross-site scripting
• xsser
  • about / Xsser
  • features / Features
  • graphical interface / Features
• XSS vulnerabilities
  • stored XSS flaws / Cross-site scripting
  • reflected XSS flaw / Cross-site scripting

Y

• Yahoo! hostname enumerator / Reporting modules

Z

• Zed Access Proxy (ZAP)
  • about / WebScarab and Zed Attack Proxy
• Zed Attack Proxy (ZAP)
  • about / Tools to analyze tokens, Zed Attack Proxy
  • nodes, scoping / Scoping and selecting modes
  • nodes, selecting / Scoping and selecting modes
  • modes / Modes of operation
  • scan policy, defining / Scan policy and attack