Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kali Linux Web Penetration Testing Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Kali Linux Web Penetration Testing Cookbook

Kali Linux Web Penetration Testing Cookbook - Second Edition

By : Gilberto Najera-Gutierrez
5 (2)
Buy this Book
close
close
Kali Linux Web Penetration Testing Cookbook

Kali Linux Web Penetration Testing Cookbook

5 (2)
By: Gilberto Najera-Gutierrez
Buy this Book

Overview of this book

Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test – from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security ?aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Sections
Icon
Get in touch
Icon
Disclaimer
Lock Free Chapter
1
Setting Up Kali Linux and the Testing Lab
Icon
Setting Up Kali Linux and the Testing Lab
Icon
Introduction
Icon
Installing VirtualBox on Windows and Linux
Icon
Creating a Kali Linux virtual machine
Icon
Updating and upgrading Kali Linux
Icon
Configuring the web browser for penetration testing
Icon
Creating a client virtual machine
Icon
Configuring virtual machines for correct communication
Icon
Getting to know web applications on a vulnerable virtual machine
2
Reconnaissance
Icon
Reconnaissance
Icon
Introduction
Icon
Passive reconnaissance
Icon
Using Recon-ng to gather information
Icon
Scanning and identifying services with Nmap
Icon
Identifying web application firewalls
Icon
Identifying HTTPS encryption parameters
Icon
Using the browser's developer tools to analyze and alter basic behavior
Icon
Obtaining and modifying cookies
Icon
Taking advantage of robots.txt
3
Using Proxies, Crawlers, and Spiders
Icon
Using Proxies, Crawlers, and Spiders
Icon
Introduction
Icon
Finding files and folders with DirBuster
Icon
Finding files and folders with ZAP
Icon
Using Burp Suite to view and alter requests
Icon
Using Burp Suite's Intruder to find files and folders
Icon
Using the ZAP proxy to view and alter requests
Icon
Using ZAP spider
Icon
Using Burp Suite to spider a website
Icon
Repeating requests with Burp Suite's repeater
Icon
Using WebScarab
Icon
Identifying relevant files and directories from crawling results
4
Testing Authentication and Session Management
chevron up
Icon
Testing Authentication and Session Management
Icon
Introduction
Icon
Username enumeration
Icon
Dictionary attack on login pages with Burp Suite
Icon
Brute forcing basic authentication with Hydra
Icon
Attacking Tomcat's passwords with Metasploit
Icon
Manually identifying vulnerabilities in cookies
Icon
Attacking a session fixation vulnerability
Icon
Evaluating the quality of session identifiers with Burp Sequencer
Icon
Abusing insecure direct object references
Icon
Performing a Cross-Site Request Forgery attack
5
Cross-Site Scripting and Client-Side Attacks
Icon
Cross-Site Scripting and Client-Side Attacks
Icon
Introduction
Icon
Bypassing client-side controls using the browser
Icon
Identifying Cross-Site Scripting vulnerabilities
Icon
Obtaining session cookies through XSS
Icon
Exploiting DOM XSS
Icon
Man-in-the-Browser attack with XSS and BeEF
Icon
Extracting information from web storage
Icon
Testing WebSockets with ZAP
Icon
Using XSS and Metasploit to get a remote shell
6
Exploiting Injection Vulnerabilities
Icon
Exploiting Injection Vulnerabilities
Icon
Introduction
Icon
Looking for file inclusions
Icon
Abusing file inclusions and uploads
Icon
Manually identifying SQL injection
Icon
Step-by-step error-based SQL injections
Icon
Identifying and exploiting blind SQL injections
Icon
Finding and exploiting SQL injections with SQLMap
Icon
Exploiting an XML External Entity injection
Icon
Detecting and exploiting command injection vulnerabilities
7
Exploiting Platform Vulnerabilities
Icon
Exploiting Platform Vulnerabilities
Icon
Introduction
Icon
Exploiting Heartbleed vulnerability using Exploit-DB
Icon
Executing commands by exploiting Shellshock
Icon
Creating and capturing a reverse shell with Metasploit
Icon
Privilege escalation on Linux
Icon
Privilege escalation on Windows
Icon
Using Tomcat Manager to execute code
Icon
Cracking password hashes with John the Ripper by using a dictionary
Icon
Cracking password hashes via Brute Force using Hashcat
8
Using Automated Scanners
Icon
Using Automated Scanners
Icon
Introduction
Icon
Scanning with Nikto
Icon
Considerations when doing automated scanning
Icon
Finding vulnerabilities with Wapiti
Icon
Using OWASP ZAP to scan for vulnerabilities
Icon
Scanning with Skipfish
Icon
Finding vulnerabilities in WordPress with WPScan
Icon
Finding vulnerabilities in Joomla with JoomScan
Icon
Scanning Drupal with CMSmap
9
Bypassing Basic Security Controls
Icon
Bypassing Basic Security Controls
Icon
Introduction
Icon
Basic input validation bypass in Cross-Site Scripting attacks
Icon
Exploiting Cross-Site Scripting using obfuscated code
Icon
Bypassing file upload restrictions
Icon
Avoiding CORS restrictions in web services
Icon
Using Cross-Site Scripting to bypass CSRF protection and CORS restrictions
Icon
Exploiting HTTP parameter pollution
Icon
Exploiting vulnerabilities through HTTP headers
10
Mitigation of OWASP Top 10 Vulnerabilities
Icon
Mitigation of OWASP Top 10 Vulnerabilities
Icon
Introduction
Icon
A1 – Preventing injection attacks
Icon
A2 – Building proper authentication and session management
Icon
A3 – Protecting sensitive data
Icon
A4 – Using XML external entities securely
Icon
A5 – Securing access control
Icon
A6 – Basic security configuration guide
Icon
A7 – Preventing Cross-Site Scripting
Icon
A8 – Implementing object serialization and deserialization
Icon
A9 – Where to look for known vulnerabilities on third-party components
Icon
A10 – Logging and monitoring for web applications' security
11
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Introduction

When the information managed by an application is not meant to be public, a mechanism is required to verify that a user is allowed to see certain data; this is called authentication. The most common authentication method in web applications nowadays is the use of a username or identifier and a secret password combination.

HTTP is a stateless protocol, which means it treats all requests as unique and doesn't have a way of relating two as belonging to the same user, so the application also requires a way of distinguishing requests from different users and allowing them to perform tasks that may require a series of requests performed by the same user and multiple users connected at the same time. This is called session management. Session identifiers in cookies are the most used session management method in modern web applications, although bearer tokens (values...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Kali Linux Web Penetration Testing Cookbook
End of Section 4
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon