Book Image

Mastering Kali Linux for Web Penetration Testing

By : Michael McPhee
Book Image

Mastering Kali Linux for Web Penetration Testing

By: Michael McPhee

Overview of this book

You will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess. By the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.

Related Content you might be interested in

Current Title:

Small book image
Mastering Kali Linux for Web Penetration Testing
Michael McPhee
Jun, 2017 | 338 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Small book image
Web Penetration Testing with Kali Linux
Gilberto NajeraGutierrez | Juned Ahmed Ansari
Feb, 2018 | 426 pages
Small book image
Bug Bounty Hunting Essentials
Carlos A Lozano | M Shahmeer Amir
Nov, 2018 | 270 pages
Table of Contents (13 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Common Web Applications and Architectures
Common Web Applications and Architectures
Common architectures
Web application hosting
Application development cycles
Common weaknesses – where to start
Web application defenses
Summary
2
Guidelines for Preparation and Testing
Guidelines for Preparation and Testing
Picking your favorite testing framework
Keeping it legal and ethical
Labbing - practicing what we learn
Summary
3
Stalking Prey Through Target Recon
Stalking Prey Through Target Recon
The imitation game
Open source awesomeness
Being social with your target
Summary
4
Scanning for Vulnerabilities with Arachni
Scanning for Vulnerabilities with Arachni
Walking into spider webs
An encore for stacks and frameworks
The Arachni test scenario
Summary
5
Proxy Operations with OWASP ZAP and Burp Suite
Proxy Operations with OWASP ZAP and Burp Suite
Pulling back the curtain with ZAP
Taking it to a new level with Burp Suite
Summary
6
Infiltrating Sessions via Cross-Site Scripting
Infiltrating Sessions via Cross-Site Scripting
The low-down on XSS types
Seeing is believing
Summary
7
Injection and Overflow Testing
Injection and Overflow Testing
Injecting some fun into your testing
Is SQL any good?
The X-factor - XML and XPath injections
Credential Jedi mind tricks
Going beyond persuasion – Injecting for execution
Down with HTTP?
Summary
8
Exploiting Trust Through Cryptography Testing
Exploiting Trust Through Cryptography Testing
How secret is your secret?
Assessing encryption like a pro
Exploiting the flaws
Hanging out as the Man-in-the-Middle
Summary
9
Stress Testing Authentication and Session Management
Stress Testing Authentication and Session Management
Knock knock, who's there?
This is the session you are looking for
Functional access level control
Refining a brute's vocabulary
Summary
10
Launching Client-Side Attacks
Launching Client-Side Attacks
Why are clients so weak?
Picking on the little guys
I don't need your validation
Trendy hacks come and go
Summary
11
Breaking the Application Logic
Breaking the Application Logic
Speed-dating your target
Functional Feng Shui
Summary
12
Educating the Customer and Finishing Up
Educating the Customer and Finishing Up
Finishing up
Bringing best practices
Assessing the competition
Summary

Summary

Since this is a book on mastering Kali Linux for the purposes of conducting web application penetration tests, it may have come as a surprise that we started with foundational topics such as the architecture, security elements, and so on. It is my hope that covering these topics will help set us apart from the script-kiddies that often engage in pen testing but offer minimal value. Anyone can fire up Kali Linux or some other distribution and begin hacking away, but without this foundation, our tests run the risk of being incomplete or inaccurate. Our gainful employment is dependent on actually helping the customer push their network to their (agreed upon) limits and helping them see their weaknesses. Likewise, we should also be showing them what they are doing right. John Strand, owner and analyst at Black Hills Information Security, is fond of saying that we should strive to get caught after being awesome.

While the knowledge of the tools and underlying protocols is often what sets a serious hacker apart from a newbie, it is also the knowledge of their quarry and the depth of the service they provide. If we are merely running scripts for the customer and reporting glaring issues, we are missing the point of being a hired penetration tester. Yes, critical flaws need to be addressed, but so do the seemingly smaller ones. It takes an expert to detect a latent defect that isn't impacting the performance now but will result in a major catastrophe some time later. This not only holds true for power plants, but for our web applications. We need to not just show them what they can see on their own, but take it further to help them insulate against tomorrow's attacks.

In this chapter, we discussed some architectural concepts that may help us gain better insight into our targets. We also discussed the various security measures our customers can put into place that we will need to be aware of, both to plan our attacks and to test for efficacy. Our discussion also covered the importance of testing throughout the lifecycle of the application. Doing this saves both time and money, and can certainly save the reputation and minimize risk once the application is in production. These considerations should merit having penetration testers as a vital and permanent member of any development team.

In our next chapter, we will talk briefly about how to prepare a fully featured sandbox environment that can help us practice the test concepts. We'll also discuss the leading test frameworks that can help us provide comprehensive test coverage. Lastly, we'll discuss contracts and the ethical and legal aspects of our job; staying out of jail is a key objective.

Previous Section
End of Chapter 1
Next Chapter