Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By : Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali
Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By: Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.
Table of Contents (24 chapters)
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Credits
Disclaimer
About the Authors
About the Reviewer
www.PacktPub.com
Preface
Index

Fuzz analysis


Fuzz analysis is a software-testing technique used by auditors and developers to test their applications against unexpected, invalid, and random sets of data input. The response will then be noticed in terms of an exception or a crash thrown by these applications. This activity uncovers some of the major vulnerabilities in the software, which are not possible to discover otherwise. These include buffer overflows, format strings, code injections, dangling pointers, race conditions, denial of service conditions, and many other types of vulnerabilities.

There are different classes of fuzzers available in Kali Linux, which can be used to test the file formats, network protocols, command-line inputs, environmental variables, and web applications. Any untrusted source of data input is considered to be insecure and inconsistent. For instance, a trust boundary between the application and the Internet user is unpredictable. Thus, all the data inputs should be fuzzed and verified against...