Book Image

Kali Linux Web Penetration Testing Cookbook - Second Edition

By : Gilberto Najera-Gutierrez
Book Image

Kali Linux Web Penetration Testing Cookbook - Second Edition

By: Gilberto Najera-Gutierrez

Overview of this book

Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test – from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security ?aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities.

Related Content you might be interested in

Current Title:

Small book image
Kali Linux Web Penetration Testing Cookbook - Second Edition
Gilberto Najera-Gutierrez
Aug, 2018 | 404 pages
Small book image
Web Penetration Testing with Kali Linux
Gilberto NajeraGutierrez | Juned Ahmed Ansari
Feb, 2018 | 426 pages
Small book image
Hands-On Application Penetration Testing with Burp Suite
Carlos A Lozano | Riyaz Ahemed Walikar | Dhruv Shah
Feb, 2019 | 366 pages
Small book image
Burp Suite Cookbook.
Dr Sunny Wear
Sep, 2018 | 358 pages
Table of Contents (12 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Disclaimer
Free Chapter
1
Setting Up Kali Linux and the Testing Lab
Setting Up Kali Linux and the Testing Lab
Introduction
Installing VirtualBox on Windows and Linux
Creating a Kali Linux virtual machine
Updating and upgrading Kali Linux
Configuring the web browser for penetration testing
Creating a client virtual machine
Configuring virtual machines for correct communication
Getting to know web applications on a vulnerable virtual machine
2
Reconnaissance
Reconnaissance
Introduction
Passive reconnaissance
Using Recon-ng to gather information
Scanning and identifying services with Nmap
Identifying web application firewalls
Identifying HTTPS encryption parameters
Using the browser's developer tools to analyze and alter basic behavior
Obtaining and modifying cookies
Taking advantage of robots.txt
3
Using Proxies, Crawlers, and Spiders
Using Proxies, Crawlers, and Spiders
Introduction
Finding files and folders with DirBuster
Finding files and folders with ZAP
Using Burp Suite to view and alter requests
Using Burp Suite's Intruder to find files and folders
Using the ZAP proxy to view and alter requests
Using ZAP spider
Using Burp Suite to spider a website
Repeating requests with Burp Suite's repeater
Using WebScarab
Identifying relevant files and directories from crawling results
4
Testing Authentication and Session Management
Testing Authentication and Session Management
Introduction
Username enumeration
Dictionary attack on login pages with Burp Suite
Brute forcing basic authentication with Hydra
Attacking Tomcat's passwords with Metasploit
Manually identifying vulnerabilities in cookies
Attacking a session fixation vulnerability
Evaluating the quality of session identifiers with Burp Sequencer
Abusing insecure direct object references
Performing a Cross-Site Request Forgery attack
5
Cross-Site Scripting and Client-Side Attacks
Cross-Site Scripting and Client-Side Attacks
Introduction
Bypassing client-side controls using the browser
Identifying Cross-Site Scripting vulnerabilities
Obtaining session cookies through XSS
Exploiting DOM XSS
Man-in-the-Browser attack with XSS and BeEF
Extracting information from web storage
Testing WebSockets with ZAP
Using XSS and Metasploit to get a remote shell
6
Exploiting Injection Vulnerabilities
Exploiting Injection Vulnerabilities
Introduction
Looking for file inclusions
Abusing file inclusions and uploads
Manually identifying SQL injection
Step-by-step error-based SQL injections
Identifying and exploiting blind SQL injections
Finding and exploiting SQL injections with SQLMap
Exploiting an XML External Entity injection
Detecting and exploiting command injection vulnerabilities
7
Exploiting Platform Vulnerabilities
Exploiting Platform Vulnerabilities
Introduction
Exploiting Heartbleed vulnerability using Exploit-DB
Executing commands by exploiting Shellshock
Creating and capturing a reverse shell with Metasploit
Privilege escalation on Linux
Privilege escalation on Windows
Using Tomcat Manager to execute code
Cracking password hashes with John the Ripper by using a dictionary
Cracking password hashes via Brute Force using Hashcat
8
Using Automated Scanners
Using Automated Scanners
Introduction
Scanning with Nikto
Considerations when doing automated scanning
Finding vulnerabilities with Wapiti
Using OWASP ZAP to scan for vulnerabilities
Scanning with Skipfish
Finding vulnerabilities in WordPress with WPScan
Finding vulnerabilities in Joomla with JoomScan
Scanning Drupal with CMSmap
9
Bypassing Basic Security Controls
Bypassing Basic Security Controls
Introduction
Basic input validation bypass in Cross-Site Scripting attacks
Exploiting Cross-Site Scripting using obfuscated code
Bypassing file upload restrictions
Avoiding CORS restrictions in web services
Using Cross-Site Scripting to bypass CSRF protection and CORS restrictions
Exploiting HTTP parameter pollution
Exploiting vulnerabilities through HTTP headers
10
Mitigation of OWASP Top 10 Vulnerabilities
Mitigation of OWASP Top 10 Vulnerabilities
Introduction
A1 – Preventing injection attacks
A2 – Building proper authentication and session management
A3 – Protecting sensitive data
A4 – Using XML external entities securely
A5 – Securing access control
A6 – Basic security configuration guide
A7 – Preventing Cross-Site Scripting
A8 – Implementing object serialization and deserialization
A9 – Where to look for known vulnerabilities on third-party components
A10 – Logging and monitoring for web applications' security
11
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

To get the most out of this book

To successfully follow all of the recipes in this book, the reader is recommended to have a basic understanding of the following topics:

  • Linux OS installation
  • Unix/Linux command-line usage
  • HTML language
  • PHP web application programming

The only hardware necessary is a personal computer, preferably with Kali Linux 2.0 installed, although it may have any other operating system capable of running VirtualBox or other virtualization software. As for specifications, the recommended setup is:

  • Intel i5, i7, or a similar CPU
  • 500 GB on the hard drive
  • 8 GB on RAM
  • An internet connection

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

  1. Log in or register at www.packtpub.com.
  2. Select the SUPPORT tab.
  3. Click on Code Downloads & Errata.
  4. Enter the name of the book in the Search box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

  • WinRAR/7-Zip for Windows
  • Zipeg/iZip/UnRarX for Mac
  • 7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Kali-Linux-Web-Penetration-Testing-Cookbook-Second-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Let's test the communication; we are going to ping vm_ 1 from our Kali Linux."

A block of code is set as follows:

<html>
<script>
function submit_form()
{
 document.getElementById('form1').submit();
}
</script>

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

<html>
<script>
function submit_form()
{
 document.getElementById('form1').submit();
}
</script>

Any command-line input or output is written as follows:

# sudo apt-get update

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Select System info from the Administration panel."

Warnings or important notes appear like this.
Tips and tricks appear like this.
Previous Section
Next Section