Index
A
- Acunetix's SecurityTweets
- reference link / Other resources
- AJAX applications, crawling
- about / Crawling AJAX applications
- AJAX Crawling Tool (ACT) / AJAX Crawling Tool
- Sprajax / Sprajax
- AJAX Spider / The AJAX Spider – OWASP ZAP
- AJAX Crawling Tool (ACT)
- setting up / AJAX Crawling Tool
- about / AJAX Crawling Tool
- using / AJAX Crawling Tool
- Amazon Machine Image (AMI) / Installing Kali Linux
- application, version fingerprinting
- about / Application version fingerprinting
- Nmap version scan / The Nmap version scan
- Amap version scan / The Amap version scan
- Application Programming Interface (API) / HTTP methods in web services
- app protection
- authorization / Direct object references in web services
- Arbitrary Code Execution (ACE) / Exploiting shellshock
- asymmetric encryption algorithm
- Asynchronous JavaScript and XML (AJAX)
- about / AJAX
- benefits / AJAX
- increased speed / AJAX
- user friendly / AJAX
- asynchronous calls / AJAX
- reduced network utilization / AJAX
- building blocks / Building blocks of AJAX
- JavaScript / Building blocks of AJAX
- dynamic HTML (DHTML) / Building blocks of AJAX
- Document Object Model (DOM) / Building blocks of AJAX
- workflow / The AJAX workflow
- mitigating / Mitigating AJAX, HTML5, and client-side vulnerabilities
- attacks, on web applications
- reasons to guard / Reasons to guard against attacks on web applications
- auditing / Security audits
- authentication
- preventing / Preventing authentication and session attacks
- guidelines / Authentication guidelines
- authentication schemes, web applications
- about / Authentication schemes in web applications
- platform authentication / Platform authentication
- form-based authentication / Form-based authentication
- Two-factor Authentication (2FA) / Two-factor Authentication
- OAuth / OAuth
- Authentication Server (AS) / Kerberos
- automated scanner
- considerations / Considerations before using an automated scanner
B
- basic authentication
- attacking with THC Hydra / Attacking basic authentication with THC Hydra
- black box testing / The type and scope of testing
- block cipher modes
- Electronic Code Book (ECB) / Block cipher modes
- Cipher Block Chaining (CBC) / Block cipher modes
- Counter (CTR) / Block cipher modes
- Bourne Again Shell (bash) / Exploiting shellshock
- Broken Web Applications (BWA) / OWASP Broken Web Applications, Username enumeration
- browser developer tools
- about / Browser developer tools
- Inspector panel / The Inspector panel
- Debugger panel / The Debugger panel
- Console panel / The Console panel
- Network panel / The Network panel
- Storage panel / The Storage panel
- DOM panel / The DOM panel
- Browser Exploitation Framework (BeEF) / Taking control of the user's browser with BeEF-XSS
- brute force / Discovering passwords by brute force and dictionary attacks
- Burp Intruder
- about / Burp Intruder
- using / Burp Intruder
- Burp Proxy
- about / Burp Proxy
- client interception, customizing / Customizing client interception
- requests, modifying on fly / Modifying requests on the fly
- working, with HTTPS websites / Burp Proxy with HTTPS websites
- Burp Sequencer
- about / Using Burp Sequencer to evaluate the quality of session IDs
- used, for evaluating quality of session IDs / Using Burp Sequencer to evaluate the quality of session IDs
- Burp Spider
- about / Burp Spider
- application login / Application login
- Burp Suite / OWASP-ZAP scanner
C
- Capture The Flag (CTF) / Other resources
- Certificate Authority (CA) / Burp Proxy with HTTPS websites
- chroot jail / Insecure direct object references
- client-side code
- analyzing / Analyzing the client-side code and storage
- client-side controls
- bypassing / Bypassing client-side controls
- client-side storage
- analyzing / Analyzing the client-side code and storage
- client-side vulnerabilities
- client databases
- about / Local storage and client databases
- IndexedDB / IndexedDB
- CMSmap / CMSmap, CMSmap
- CMS scanners
- about / Content Management Systems scanners
- WPScan / WPScan
- JoomScan / JoomScan
- CMSmap / CMSmap
- Command and Control (C2) server / Taking control of the user's browser with BeEF-XSS
- command injection flaw
- about / Command injection
- parameters, identifying to inject data / Identifying parameters to inject data
- error-based command injection / Error-based and blind command injection
- blind command injection / Error-based and blind command injection
- metacharacters, for command separator / Metacharacters for command separator
- shellshock, exploiting / Exploiting shellshock
- common authentication flaws, in web applications
- lack of authentication / Lack of authentication or incorrect authorization verification
- incorrect authorization verification / Lack of authentication or incorrect authorization verification
- username enumeration / Username enumeration
- common flaws, sensitive data storage and transmission
- about / Common flaws in sensitive data storage and transmission
- offline cracking tools, using / Using offline cracking tools
- considerations, vulnerability assessment
- Rules of Engagement (RoE) / Rules of Engagement
- Content Management System (CMS) / , Content Management Systems scanners
- cookie / The request header, Cookies
- cookie parameters
- domain / Cookie parameters
- path / Cookie parameters
- HttpOnly / Cookie parameters
- secure / Cookie parameters
- expires / Cookie parameters
- Cross-Origin Resource Sharing (CORS) / CSRF on web services
- Cross-Site Scripting (XSS)
- overview / An overview of Cross-Site Scripting
- exploiting / Exploiting Cross-Site Scripting
- preventing / Preventing and mitigating Cross-Site Scripting
- mitigating / Preventing and mitigating Cross-Site Scripting
- Cross-Site Scripting (XSS) attacks / Session management guidelines
- Cross-Site Scripting (XSS) vulnerabilities
- persistent XSS / Persistent XSS
- reflected XSS / Reflected XSS
- DOM-based XSS / DOM-based XSS
- XSS, with POST method / XSS using the POST method
- cryptographic algorithm
- about / Algorithms and modes
- asymmetric encryption, versus symmetric encryption / Asymmetric encryption versus symmetric encryption
- stream ciphers / Stream and block ciphers
- block ciphers / Stream and block ciphers
- Initialization Vectors (IVs) / Initialization Vectors
- block cipher modes / Block cipher modes
- cryptographic implementation flaws
- preventing / Preventing flaws in cryptographic implementations
- cryptography primer
- about / A cryptography primer
- encryption / A cryptography primer
- encoding / A cryptography primer
- obfuscation / A cryptography primer
- hashing / A cryptography primer
- hashing functions / Hashing functions
- CSRF flaws
- testing for / Testing for CSRF flaws
- exploiting / Exploiting a CSRF flaw
- exploiting, in POST request / Exploiting CSRF in a POST request
- exploiting, on web services / CSRF on web services
- preventing / Preventing CSRF
- CSRF protections
- bypassing, XSS used / Using Cross-Site Scripting to bypass CSRF protections
- custom encryption protocols
- about / Custom encryption protocols
- encrypted and hashed information, identifying / Identifying encrypted and hashed information
D
- Damn Vulnerable Web Application (DVWA) / SQL injection testing methodology
- data access layer / Three-layer web application design
- database exploitation / Database exploitation
- Database Management Systems (DBMS) / An SQL primer
- data extraction, with SQL injection
- basic environment information, obtaining / Getting basic environment information
- blind SQL injection / Blind SQL injection
- DELETE method / The PUT and DELETE methods
- Denial-of-Service (DoS) attack / Client contact details
- digest authentication / Digest
- DIRB / DIRB
- DirBuster / DirBuster
- directory brute forcing
- about / Directory brute forcing
- DIRB / DIRB
- ZAP's forced browse / ZAP's forced browse
- DNS enumeration
- about / DNS enumeration
- DNSEnum / DNSEnum
- Fierce / Fierce
- DNSRecon / DNSRecon
- Brute force DNS records, using Nmap / Brute force DNS records using Nmap
- Document Object Model (DOM) / DOM-based XSS
- DOM-based XSS
- about / DOM-based XSS
- example / DOM-based XSS
- domain enumeration, Recon-ng
- sub-level domain enumeration / Sub-level and top-level domain enumeration
- top-level domain enumeration / Sub-level and top-level domain enumeration
- Domain Internet Groper (dig) command-line tool / Zone transfer using dig
- domain registration details
E
- encrypted and hashed information, custom cryptographic implementation
- identifying / Identifying encrypted and hashed information
- hashing algorithms / Hashing algorithms
- frequency analysis / Frequency analysis
- entropy analysis / Entropy analysis
- encryption algorithm, identifying / Identifying the encryption algorithm
- Entity Expansion attack / The Entity Expansion attack
- entropy / Using Burp Sequencer to evaluate the quality of session IDs, Entropy analysis
- ethical hacking / Proactive security testing, Ethical hacking
- Exploit Database
- URL / CMSmap
- eXtensible Markup Language (XML) data / HTML data in HTTP response
F
- factor / Two-factor Authentication
- Fierce / Fierce
- file inclusion vulnerabilities
- about / File inclusion vulnerabilities
- Local File Inclusion (LFI) vulnerability / Local File Inclusion
- Remote File Inclusion (RFI) / Remote File Inclusion
- form-based authentication
- about / Form-based authentication
- attacking / Attacking form-based authentication
- Burp Suite Intruder, using / Using Burp Suite Intruder
- THC Hydra, using / Using THC Hydra
- fuzzer / Web application fuzzers
- fuzzing
- about / Sprajax, Fuzzing web applications
- with OWASP-ZAP fuzzer / Using the OWASP-ZAP fuzzer
- with Burp Intruder / Burp Intruder
G
- GET method / The GET method
- Google dorks / Google dorks
- Google Web Toolkit (GWT) / The AJAX workflow
- Gramm-Leach-Bliley Act (GLBA) / Sensitive data handling
- gray box testing / The type and scope of testing
H
- Hackazon
- hash-identifier / hash-identifier
- Hashcat
- about / Using Hashcat
- using / Using Hashcat
- hashing functions / Hashing functions
- HEAD method / The HEAD method
- Health Insurance Portability and Accountability Act (HIPAA) / Sensitive data handling
- HTML5
- HTML5, for penetration testers
- about / HTML5 for penetration testers
- new XSS vectors / New XSS vectors
- local storage / Local storage and client databases
- client databases / Local storage and client databases
- Web Messaging / Web Messaging
- WebSockets / WebSockets
- Cross-Origin Resource Sharing (CORS) / Cross-Origin Resource Sharing (CORS)
- Geolocation / Geolocation
- Web Workers / Web Workers
- HTML data, HTTP response
- server-side code / The server-side code
- HTTP header
- host / The request header
- user-agent / The request header
- content-type / The request header
- authorization / The request header
- HTTP methods
- GET / The GET method
- POST / The POST method
- HEAD / The HEAD method
- TRACE / The TRACE method
- PUT / The PUT and DELETE methods
- DELETE / The PUT and DELETE methods
- OPTIONS / The OPTIONS method
- HTTP Negotiate / HTTP Negotiate
- HTTP parameter pollution / HTTP parameter pollution
- HTTP proxy / Web Application Proxies
- HTTP request
- about / Knowing an HTTP request and response
- request header / The request header
- HTTP response header
- about / The response header
- status code / The response header
- set-cookie / The response header
- cache-control / The response header
- server / The response header
- content-length / The response header
- HTTP Strict-Transport-Security (HSTS) / Preventing flaws in cryptographic implementations
- Hypertext Markup Language (HTML) / HTML data in HTTP response
- Hypertext Transport Protocol (HTTP) / HTTP protocol
I
- improper session management
- IndexedDB / IndexedDB
- Industrial Control Systems (ICS) / Shodan
- information disclosure / Information disclosure
- injection vulnerabilities
- insecure direct object reference
- about / Insecure direct object references
- path traversal / Path traversal
- Internet Assigned Numbers Authority (IANA) / Application version fingerprinting
- Internet Engineering Task Force (IETF) / HTTP protocol, Secure communication over SSL/TLS
J
- JavaScript Object Notation (JSON) / HTML data in HTTP response, XML and JSON
- John the Ripper
- using / Using John the Ripper
- JoomScan / JoomScan, JoomScan
K
- Kali Linux
- about / Kali Linux, Kali Linux
- web application overview, for penetration testers / A web application overview for penetration testers
- HTTP request / Knowing an HTTP request and response
- HTTP response / Knowing an HTTP request and response
- HTTP methods / HTTP methods
- sessions, keeping in HTTP / Keeping sessions in HTTP
- HTML data, in HTTP response / HTML data in HTTP response
- multilayer web application / Multilayer web application
- improvements / Latest improvements in Kali Linux
- installing / Installing Kali Linux
- URL / Installing Kali Linux
- installation ways / Installing Kali Linux
- virtualizing, versus installing on physical hardware / Virtualizing Kali Linux versus installing it on physical hardware
- installing, on VirtualBox / Installing on VirtualBox
- tools / Important tools in Kali Linux
- web application vulnerability scanners / Web application vulnerability scanners in Kali Linux
- Kerberos protocol / Kerberos
L
- Local File Inclusion (LFI) / Local File Inclusion
- local storage
- about / Local storage and client databases
- Web Storage / Web Storage
M
- Mail Exchanger (MX) / Zone transfer using dig
- Maltego / Maltego
- Man-in-the-Browser (MITB) / Taking control of the user's browser with BeEF-XSS
- man-in-the-middle (MITM) attacks / WebSockets
- masking / WebSockets
- mitigation
- about / Mitigation
- insecure direct object references / Insecure direct object references
- file inclusion attacks / File inclusion attacks
- HTTP parameter pollution / HTTP parameter pollution
- information disclosure / Information disclosure
- Multi-factor Authentication (MFA) / Two-factor Authentication
- multilayer web application
- three-layer web application design / Three-layer web application design
- web services / Web services
- SOAP web service / Introducing SOAP and REST web services
- REST web service / Introducing SOAP and REST web services
- HTTP methods, in web services / HTTP methods in web services
- XML and JSON / XML and JSON
- AJAX / AJAX
- HTML5 / HTML5
- WebSockets / WebSockets
N
- new XSS vectors
- about / New XSS vectors
- new elements / New elements
- new properties / New properties
- Nikto
- Nmap / Brute force DNS records using Nmap, Testing TLS/SSL configuration using Nmap
- nonce / Digest
- nonpersistent cookie / Persistent and nonpersistent cookies
- NoSQL injection
- about / NoSQL injection
- testing for / Testing for NoSQL injection
- exploiting / Exploiting NoSQL injection
- Not only SQL (NoSQL) / NoSQL injection
O
- OAuth / OAuth
- offline cracking tools
- about / Using offline cracking tools
- John the Ripper / Using John the Ripper
- Hashcat / Using Hashcat
- One-Time Password (OTP) / Two-factor Authentication
- Open Source Intelligence (OSINT) / Information gathering
- OpenSSL client / OpenSSL client
- Open Vulnerability Assessment Scanner (OpenVAS) / OpenVAS
- Open Web Application Security Project (OWASP) / Zed Attack Proxy
- OPTIONS method / The OPTIONS method
- OWASP's vulnerable web applications directory
- reference link / Other resources
- OWASP-ZAP fuzzer
- using / Using the OWASP-ZAP fuzzer
- OWASP-ZAP fuzzer, options
- Empty/Null / Using the OWASP-ZAP fuzzer
- Numberzz / Using the OWASP-ZAP fuzzer
- Regex / Using the OWASP-ZAP fuzzer
- Script / Using the OWASP-ZAP fuzzer
- Strings / Using the OWASP-ZAP fuzzer
- OWASP-ZAP scanner
- about / OWASP-ZAP scanner
- using / OWASP-ZAP scanner
- OWASP Broken Web Applications / OWASP Broken Web Applications
P
- Padding Oracle On Downgraded Legacy Encryption (POODLE) / OpenSSL client
- password reset functionality
- about / The password reset functionality
- recovery, instead of reset / Recovery instead of reset
- common password reset flaws / Common password reset flaws
- passwords
- discovering, by brute force and dictionary attacks / Discovering passwords by brute force and dictionary attacks
- Payment Card Industry (PCI) / Reasons to guard against attacks on web applications
- penetration testing
- about / Proactive security testing,
- considerations / Considerations when performing penetration testing
- limitations / The limitations of penetration testing
- web application overview / A web application overview for penetration testers
- resources / Other resources
- persistent cookies / Persistent and nonpersistent cookies
- persistent XSS / Persistent XSS
- platform authentication
- about / Platform authentication
- basic / Basic
- digest / Digest
- NTLM / NTLM
- Kerberos / Kerberos
- HTTP Negotiate / HTTP Negotiate
- drawbacks / Drawbacks of platform authentication
- port scanning, with Nmap
- about / Port scanning using Nmap
- options / Different options for port scan
- firewalls and IPS, evading with Nmap / Evading firewalls and IPS using Nmap
- operating system, identifying / Identifying the operating system
- POST method / The POST method
- proactive security testing
- about / Proactive security testing
- different testing methodologies / Different testing methodologies
- proof of concept (PoC) / Exploiting CSRF in a POST request
- ProxyStrike / ProxyStrike
- PUT method / The PUT and DELETE methods
R
- Recon-ng
- about / Recon-ng – a framework for information gathering
- used, for domain enumeration / Domain enumeration using Recon-ng
- reporting modules / Reporting modules
- reconnaissance
- about / Reconnaissance
- passive reconnaissance, versus active reconnaissance / Passive reconnaissance versus active reconnaissance
- information gathering / Information gathering
- domain registration details / Domain registration details
- related hosts, identifying with DNS / Identifying related hosts using DNS
- search engines, using for gathering information / Using search engines and public sites to gather information
- public sites, used for gathering information / Using search engines and public sites to gather information
- reconnaissance modules, in Recon-ng
- about / Reporting modules
- Netcraft hostname enumerator / Reporting modules
- SSL SAN lookup / Reporting modules
- LinkedIn authenticated contact enumerator / Reporting modules
- IPInfoDB GeoIP / Reporting modules
- Yahoo! hostname enumerator / Reporting modules
- geocoder and reverse geocoder / Reporting modules
- pushpin modules / Reporting modules
- reflected XSS / Reflected XSS
- Regional Internet Registrars (RIR) / Whois – extracting domain information
- Remote File Inclusion (RFI) / Remote File Inclusion
- REST web service
- about / Introducing SOAP and REST web services
- features / Introducing SOAP and REST web services
- rotation / Frequency analysis
- Rules of Engagement (RoE), penetration testing
- about / Rules of Engagement
- type and scope of testing / The type and scope of testing
- client contact details / Client contact details
- client IT team notifications / Client IT team notifications
- sensitive data handling / Sensitive data handling
- status meeting and reports / Status meeting and reports
S
- salt values / Salt values
- sanitization / Preventing and mitigating Cross-Site Scripting
- scanner
- post-scanning actions / Post-scanning actions
- scanning phase, penetration testing
- about / Scanning – probing the target
- port scanning, with Nmap / Port scanning using Nmap
- server, profiling / Profiling the server
- search engines
- Google dorks / Google dorks
- Shodan / Shodan
- theHarvester / theHarvester
- Maltego / Maltego
- Second-level Domains (SLDs) / Sub-level and top-level domain enumeration
- secure communication, over SSL/TLS
- about / Secure communication over SSL/TLS
- secure communication, in web applications / Secure communication in web applications
- TLS encryption process / TLS encryption process
- Secure Sockets Layer (SSL) / HTTP protocol, Identifying HTTPS configuration and issues, Secure communication over SSL/TLS
- sensitive data storage and transmission
- common flaws / Common flaws in sensitive data storage and transmission
- session attacks
- preventing / Preventing authentication and session attacks
- Session Fixation / Session Fixation
- session ID
- about / Keeping sessions in HTTP
- cookies / Cookies
- cookie flow, between server and client / Cookie flow between server and client
- persistent cookie / Persistent and nonpersistent cookies
- nonpersistent cookie / Persistent and nonpersistent cookies
- cookie parameters / Cookie parameters
- predicting / Predicting session IDs
- session identifiers / Session identifiers
- session management
- about / Session management mechanisms
- sessions based on platform authentication / Sessions based on platform authentication
- session identifiers / Session identifiers
- guidelines / Session management guidelines
- shellshock vulnerability
- about / Exploiting shellshock
- reverse shell / Getting a reverse shell
- exploitation, using Metasploit / Exploitation using Metasploit
- Shodan
- Skipfish
- Snyk
- SOAP web services / Introducing SOAP and REST web services
- Sprajax / Sprajax
- SQL injection
- testing methodology / SQL injection testing methodology
- data, extracting with / Extracting data with SQL injection
- SQL injection flaw
- about / SQL injection
- SQL primer / An SQL primer
- SELECT statement / The SELECT statement
- vulnerable code / Vulnerable code
- exploitation, automating / Automating exploitation
- manipulating / Attack potential of the SQL injection flaw
- sqlmap / Database exploitation
- sqlninja / Database exploitation
- SSL/TLS, weak implementations
- identifying / Identifying weak implementations of SSL/TLS
- OpenSSL command-line tool / The OpenSSL command-line tool
- SSLScan / SSLScan
- SSLyze / SSLyze
- SSL configuration, testing with Nmap / Testing SSL configuration using Nmap
- Heartbleed, exploiting / Exploiting Heartbleed
- Padding Oracle On Downgraded Legacy Encryption (POODLE) / POODLE
- SSLScan / Scanning TLS/SSL configuration with SSLScan
- SSLyze / Scanning TLS/SSL configuration with SSLyze
- Structured Query Language (SQL) / Three-layer web application design, SQL injection
- Subject Alternative Names (SAN) / Reporting modules
- symmetric encryption algorithm
- about / Asymmetric encryption versus symmetric encryption, Symmetric encryption algorithm
- examples / Symmetric encryption algorithm
- stream ciphers / Stream and block ciphers
- block ciphers / Stream and block ciphers
T
- TCP connect scan / Different options for port scan
- testing methodologies
- about / Different testing methodologies
- ethical hacking / Ethical hacking
- penetration testing /
- vulnerability assessment /
- security audits / Security audits
- THC Hydra / Attacking basic authentication with THC Hydra
- The Hacker's Choice (THC) group / The Amap version scan
- theHarvester / theHarvester
- three-layer web application design
- presentation layer / Three-layer web application design
- application layer / Three-layer web application design
- data access layer / Three-layer web application design
- tools, for exploiting SQL injection flaw
- tools, Kali Linux
- Content Management System (CMS) / Important tools in Kali Linux
- web application proxies / Web Application Proxies
- web crawlers and directory bruteforce / Web Crawlers and Directory Bruteforce
- web vulnerability scanners / Web Vulnerability Scanners
- Open Vulnerability Assessment Scanner (OpenVAS) / OpenVAS
- database exploitation / Database exploitation
- web application fuzzers / Web application fuzzers
- Tor, using for penetration testing / Using Tor for penetration testing
- Top-Level Domain (TLD) / theHarvester, Sub-level and top-level domain enumeration
- Tor
- using, for penetration testing / Using Tor for penetration testing
- reference link / Using Tor for penetration testing
- TRACE method / The TRACE method
- transform / Maltego
- Transport Layer Security (TLS) / HTTP protocol, Identifying HTTPS configuration and issues, Secure communication over SSL/TLS
- Two-factor Authentication (2FA) / Two-factor Authentication
U
- Uniscan-gui / Uniscan
V
- VirtualBox
- installing on / Installing on VirtualBox
- virtual machine, creating / Creating the virtual machine
- system, installing / Installing the system
- virtual hosts
- identifying / Identifying virtual hosts
- locating, search engines used / Locating virtual hosts using search engines
- load balancers, identifying / Identifying load balancers
- cookie-based load balancer / Cookie-based load balancer
- ways of identifying, load balancers / Other ways of identifying load balancers
- vulnerabilities, in 2FA implementations / Vulnerabilities in 2FA implementations
- vulnerability assessment /
- vulnerability scanner / Web Vulnerability Scanners
- vulnerable applications / Vulnerable applications and servers to practice on
- vulnerable servers / Vulnerable applications and servers to practice on
- VulnHub
- reference link / Other resources
W
- Wapiti
- Web Application Attack and Audit Framework (w3af) / w3af
- Web Application Firewall (WAF) / OWASP Broken Web Applications
- web application framework, fingerprinting
- about / Fingerprinting the web application framework
- HTTP header / The HTTP header
- WhatWeb scanner / The WhatWeb scanner
- web application fuzzers / Web application fuzzers
- web application overview, penetration testers
- about / A web application overview for penetration testers
- HTTP protocol / HTTP protocol
- web application proxies
- about / Web Application Proxies
- Burp Proxy / Burp Proxy
- Zed Attack Proxy (ZAP) / Zed Attack Proxy
- ProxyStrike / ProxyStrike
- web applications
- need for, for testing / The need for testing web applications
- common authentication flaws / Common authentication flaws in web applications
- fuzzing / Fuzzing web applications
- web applications, spidering
- about / Spidering web applications
- Burp Spider / Burp Spider
- directory brute forcing / Directory brute forcing
- web application vulnerability scanners
- about / Considerations before using an automated scanner
- in Kali Linux / Web application vulnerability scanners in Kali Linux
- usage / Web application vulnerability scanners in Kali Linux
- Nikto / Nikto
- Skipfish / Skipfish
- Wapiti / Wapiti
- OWASP-ZAP scanner / OWASP-ZAP scanner
- web crawlers
- Web Messaging / Web Messaging
- Web Security Dojo / Web Security Dojo
- web servers, scanning for vulnerabilities and misconfigurations
- about / Scanning web servers for vulnerabilities and misconfigurations
- HTTP methods, identifying with Nmap / Identifying HTTP methods using Nmap
- web servers, testing with auxiliary modules / Testing web servers using auxiliary modules in Metasploit
- HTTPS configuration and issues, identifying / Identifying HTTPS configuration and issues
- TLS/SSL configuration, scanning with SSLScan / Scanning TLS/SSL configuration with SSLScan
- TLS/SSL configuration, scanning with SSLyze / Scanning TLS/SSL configuration with SSLyze
- TLS/SSL configuration, testing with Nmap / Testing TLS/SSL configuration using Nmap
- Web Service Definition Language (WSDL) file / Introducing SOAP and REST web services
- web services
- Simple Object Access Protocol (SOAP) / Web services
- Representational State Transfer (REST) / Web services
- WebSockets
- about / WebSockets, WebSockets
- implementing / WebSockets
- intercepting / Intercepting and modifying WebSockets
- modifying / Intercepting and modifying WebSockets
- Web Storage / Web Storage
- web vulnerability scanners
- Web Workers / Web Workers
- white box testing / The type and scope of testing
- whois command / Whois – extracting domain information
- Whois records / Whois – extracting domain information
- Wired Equivalent Privacy (WEP) authentication / Initialization Vectors
- WPScan / WPScan, WPScan
X
- XCat / XPath injection with XCat
- XML / XML and JSON
- XML External Entity (XXE) injection / The XML External Entity injection
- XMLHttpRequest (XHR) API / Building blocks of AJAX
- XMLHttpRequest (XHR) objects / Analyzing the client-side code and storage
- XML injection flaw
- about / XML injection
- XPath injection / XPath injection
- XML External Entity (XXE) injection / The XML External Entity injection
- Entity Expansion attack / The Entity Expansion attack
- XPath / XPath injection
- XPath injection
- about / XPath injection
- with XCat / XPath injection with XCat
- XSS-Sniper / XSS-Sniper
- XSSer / XSSer
- XSS flaw, exploiting
- cookie, stealing / Cookie stealing
- website, defacing / Website defacing
- key loggers / Key loggers
- user's browser, controlling with BeEF-XSS / Taking control of the user's browser with BeEF-XSS
- XSS flaws, scanning for
- about / Scanning for XSS flaws
- XSSer used / XSSer
- XSS-Sniper used / XSS-Sniper
Z
- Zed Attack Proxy (ZAP) / Zed Attack Proxy
- ZeroBank
- reference link / Other resources
- zone transfer
- using dig / Zone transfer using dig
- dig, using / Zone transfer using dig