Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Becoming the Hacker
  • Table Of Contents Toc
Becoming the Hacker

Becoming the Hacker

By : Adrian Pruteanu
5 (1)
Buy this Book
close
close
Becoming the Hacker

Becoming the Hacker

5 (1)
By: Adrian Pruteanu
Buy this Book

Overview of this book

Becoming the Hacker will teach you how to approach web penetration testing with an attacker's mindset. While testing web applications for performance is common, the ever-changing threat landscape makes security testing much more difficult for the defender. There are many web application tools that claim to provide a complete survey and defense against potential threats, but they must be analyzed in line with the security needs of each web application or service. We must understand how an attacker approaches a web application and the implications of breaching its defenses. Through the first part of the book, Adrian Pruteanu walks you through commonly encountered vulnerabilities and how to take advantage of them to achieve your goal. The latter part of the book shifts gears and puts the newly learned techniques into practice, going over scenarios where the target may be a popular content management system or a containerized application and its network. Becoming the Hacker is a clear guide to web application security from an attacker's point of view, from which both sides can benefit.
Table of Contents (17 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
1. Introduction to Attacking Web Applications
Icon
1. Introduction to Attacking Web Applications
Icon
Rules of engagement
Icon
The tester's toolkit
Icon
The attack proxy
Icon
Cloud infrastructure
Icon
Resources
Icon
Exercises
Icon
Summary
2
2. Efficient Discovery
Icon
2. Efficient Discovery
Icon
Types of assessments
Icon
Target mapping
Icon
Efficient brute-forcing
Icon
Polyglot payloads
Icon
Resources
Icon
Exercises
Icon
Summary
3
3. Low-Hanging Fruit
Icon
3. Low-Hanging Fruit
Icon
Network assessment
Icon
A better way to shell
Icon
Cleaning up
Icon
Resources
Icon
Summary
4
4. Advanced Brute-forcing
Icon
4. Advanced Brute-forcing
Icon
Password spraying
Icon
Behind seven proxies
Icon
Summary
5
5. File Inclusion Attacks
Icon
5. File Inclusion Attacks
Icon
RFI
Icon
LFI
Icon
File inclusion to remote code execution
Icon
More file upload issues
Icon
Summary
6
6. Out-of-Band Exploitation
Icon
6. Out-of-Band Exploitation
Icon
A common scenario
Icon
Command and control
Icon
Let’s Encrypt Communication
Icon
INet simulation
Icon
The confirmation
Icon
Async data exfiltration
Icon
Data inference
Icon
Summary
7
7. Automated Testing
Icon
7. Automated Testing
Icon
Extending Burp
Icon
Obfuscating code
Icon
Burp Collaborator
Icon
Summary
8
8. Bad Serialization
Icon
8. Bad Serialization
Icon
Abusing deserialization
Icon
Attacking custom protocols
Icon
Summary
9
9. Practical Client-Side Attacks
Icon
9. Practical Client-Side Attacks
Icon
SOP
Icon
Cross-origin resource sharing
Icon
XSS
Icon
CSRF
Icon
BeEF
Icon
Summary
10
10. Practical Server-Side Attacks
Icon
10. Practical Server-Side Attacks
Icon
Internal and external references
Icon
XXE attacks
Icon
Summary
11
11. Attacking APIs
Icon
11. Attacking APIs
Icon
API communication protocols
Icon
API authentication
Icon
Postman
Icon
Attack considerations
Icon
Summary
12
12. Attacking CMS
chevron up
Icon
12. Attacking CMS
Icon
Application assessment
Icon
Backdooring the code
Icon
Summary
13
13. Breaking Containers
Icon
13. Breaking Containers
Icon
Vulnerable Docker scenario
Icon
Foothold
Icon
Situational awareness
Icon
Container breakout
Icon
Summary
14
Other Books You May Enjoy
Icon
Other Books You May Enjoy
15
Leave a review - let other readers know what you think
Icon
Leave a review - let other readers know what you think
16
Index
Icon
Index

Summary

In this chapter, we took a closer look at attacking CMSs, in particular WordPress. While we did pick on WordPress quite heavily, it's important to note that similar issues and vulnerabilities can be found in its competitors' software as well. Drupal and Joomla usually come up in the CMS conversation and they're no strangers to poorly written plugins or badly configured instances.

We were able to assess a target CMS using WPScan and Arachni, and even look at options for privilege escalation or lateral movement once some access was obtained. We also looked at backdooring code to persist our access and even modifying the CMS core source files to exfiltrate cleartext credentials to our C2 server.

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Becoming the Hacker
End of Section 12
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon