Book Overview & Buying
Table Of Contents
Feedback & Rating

Kali Linux Web Penetration Testing Cookbook - Second Edition

By : Gilberto Najera-Gutierrez

5 (2)

Buy this Book

Kali Linux Web Penetration Testing Cookbook

5 (2)

By: Gilberto Najera-Gutierrez

Buy this Book

Overview of this book

Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test – from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security ?aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities.

Preface

Who this book is for

What this book covers

To get the most out of this book

Sections

Get in touch

Disclaimer

Free Chapter

Setting Up Kali Linux and the Testing Lab

Introduction

Installing VirtualBox on Windows and Linux

Creating a Kali Linux virtual machine

Updating and upgrading Kali Linux

Configuring the web browser for penetration testing

Creating a client virtual machine

Configuring virtual machines for correct communication

Getting to know web applications on a vulnerable virtual machine

Reconnaissance

Introduction

Passive reconnaissance

Using Recon-ng to gather information

Scanning and identifying services with Nmap

Identifying web application firewalls

Identifying HTTPS encryption parameters

Using the browser's developer tools to analyze and alter basic behavior

Obtaining and modifying cookies

Taking advantage of robots.txt

Using Proxies, Crawlers, and Spiders

Introduction

Finding files and folders with DirBuster

Finding files and folders with ZAP

Using Burp Suite to view and alter requests

Using Burp Suite's Intruder to find files and folders

Using the ZAP proxy to view and alter requests

Using ZAP spider

Using Burp Suite to spider a website

Repeating requests with Burp Suite's repeater

Using WebScarab

Identifying relevant files and directories from crawling results

Testing Authentication and Session Management

Introduction

Username enumeration

Dictionary attack on login pages with Burp Suite

Brute forcing basic authentication with Hydra

Attacking Tomcat's passwords with Metasploit

Manually identifying vulnerabilities in cookies

Attacking a session fixation vulnerability

Evaluating the quality of session identifiers with Burp Sequencer

Abusing insecure direct object references

Performing a Cross-Site Request Forgery attack

Cross-Site Scripting and Client-Side Attacks

Introduction

Bypassing client-side controls using the browser

Identifying Cross-Site Scripting vulnerabilities

Obtaining session cookies through XSS

Exploiting DOM XSS

Man-in-the-Browser attack with XSS and BeEF

Extracting information from web storage

Testing WebSockets with ZAP

Using XSS and Metasploit to get a remote shell

Exploiting Injection Vulnerabilities

Introduction

Looking for file inclusions

Abusing file inclusions and uploads

Manually identifying SQL injection

Step-by-step error-based SQL injections

Identifying and exploiting blind SQL injections

Finding and exploiting SQL injections with SQLMap

Exploiting an XML External Entity injection

Detecting and exploiting command injection vulnerabilities

Exploiting Platform Vulnerabilities

Introduction

Exploiting Heartbleed vulnerability using Exploit-DB

Executing commands by exploiting Shellshock

Creating and capturing a reverse shell with Metasploit

Privilege escalation on Linux

Privilege escalation on Windows

Using Tomcat Manager to execute code

Cracking password hashes with John the Ripper by using a dictionary

Cracking password hashes via Brute Force using Hashcat

Using Automated Scanners

Introduction

Scanning with Nikto

Considerations when doing automated scanning

Finding vulnerabilities with Wapiti

Using OWASP ZAP to scan for vulnerabilities

Scanning with Skipfish

Finding vulnerabilities in WordPress with WPScan

Finding vulnerabilities in Joomla with JoomScan

Scanning Drupal with CMSmap

Bypassing Basic Security Controls

Introduction

Basic input validation bypass in Cross-Site Scripting attacks

Exploiting Cross-Site Scripting using obfuscated code

Bypassing file upload restrictions

Avoiding CORS restrictions in web services

Using Cross-Site Scripting to bypass CSRF protection and CORS restrictions

Exploiting HTTP parameter pollution

Exploiting vulnerabilities through HTTP headers

Mitigation of OWASP Top 10 Vulnerabilities

Introduction

A1 – Preventing injection attacks

A2 – Building proper authentication and session management

A3 – Protecting sensitive data

A4 – Using XML external entities securely

A5 – Securing access control

A6 – Basic security configuration guide

A7 – Preventing Cross-Site Scripting

A8 – Implementing object serialization and deserialization

A9 – Where to look for known vulnerabilities on third-party components

A10 – Logging and monitoring for web applications' security

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 (2)

5 star

100%

4 star

3 star

2 star

1 star

Basic input validation bypass in Cross-Site Scripting attacks

One of the most common ways in which developers perform input validation is by blacklisting certain characters of words in information provided by users. The main drawback of this blacklisting approach is that elements that may be used in an attack are often missed because new vectors are found every day.

In this recipe, we will illustrate some methods for bypassing a weak implementation of a blacklisting validation.

How to do it...

We will start with DVWA in our vulnerable VM and set the security level to medium. Also, set Burp Suite as proxy for the browser:

First, let's take a look at how the vulnerable page behaves at this security level. As shown in the...

Tech Concepts

Programming languages

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Kali Linux Web Penetration Testing Cookbook

Your notes and bookmarks

Kali Linux Web Penetration Testing Cookbook - Second Edition

By : Gilberto Najera-Gutierrez

Kali Linux Web Penetration Testing Cookbook

By: Gilberto Najera-Gutierrez

Overview of this book

Confirmation

Buy this book with your credits?

Submit Your Feedback

Create a Free Account To Continue Reading

Sign in to activate your 7-day free access