Book Image

Python Penetration Testing Essentials

By : Mohit Raj
Book Image

Python Penetration Testing Essentials

By: Mohit Raj

Overview of this book

Table of Contents (14 chapters)
Python Penetration Testing Essentials
About the Author
About the Reviewers

Chapter 7. Pentesting of SQLI and XSS

In this chapter, we will discuss some serious attacks on a web application. You must have heard about incidents such as data theft, the cracking of usernames and passwords, the defacement of websites, and so on, that are known to occur mainly due to the vulnerabilities that exist in web applications, such as SQL injection and XSS attacks. In Chapter 5, Foot Printing of a Web Server and a Web Application, you learned how to see which database software is being used and which OS is running on the web server. Now we will proceed with our attacks one by one. In this chapter, we will cover the following topics:

  • The SQL injection attack

  • Types of SQL injection attacks

  • An SQL injection attack by Python script

  • A Cross-site scripting attack

  • Types of XSS

  • An XSS attack by Python script