Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning Python Web Penetration Testing
  • Table Of Contents Toc
  • Feedback & Rating feedback
Learning Python Web Penetration Testing

Learning Python Web Penetration Testing

By : Christian Martorella
4.3 (33)
Buy this Book
close
close
Learning Python Web Penetration Testing

Learning Python Web Penetration Testing

4.3 (33)
By: Christian Martorella
Buy this Book

Overview of this book

Web penetration testing is the use of tools and code to attack a website or web app in order to assess its vulnerability to external threats. While there are an increasing number of sophisticated, ready-made tools to scan systems for vulnerabilities, the use of Python allows you to write system-specific scripts, or alter and extend existing testing tools to find, exploit, and record as many security weaknesses as possible. Learning Python Web Penetration Testing will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for each activity throughout the process. The book begins by emphasizing the importance of knowing how to write your own tools with Python for web application penetration testing. You will then learn to interact with a web application using Python, understand the anatomy of an HTTP request, URL, headers and message body, and later create a script to perform a request, and interpret the response and its headers. As you make your way through the book, you will write a web crawler using Python and the Scrappy library. The book will also help you to develop a tool to perform brute force attacks in different parts of the web application. You will then discover more on detecting and exploiting SQL injection vulnerabilities. By the end of this book, you will have successfully created an HTTP proxy based on the mitmproxy tool.
Table of Contents (9 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Introduction to Web Application Penetration Testing
Icon
Introduction to Web Application Penetration Testing
Icon
Understanding the web application penetration testing process
Icon
Typical web application toolkit
Icon
Testing environment
Icon
Summary
2
Interacting with Web Applications
chevron up
Icon
Interacting with Web Applications
Icon
HTTP protocol basics
Icon
Anatomy of an HTTP request
Icon
Interacting with a web app using the requests library
Icon
Analyzing HTTP responses
Icon
Summary
3
Web Crawling with Scrapy – Mapping the Application
Icon
Web Crawling with Scrapy – Mapping the Application
Icon
Web application mapping
Icon
Creating our own crawler/spider with Scrapy
Icon
Making our crawler recursive
Icon
Scraping interesting stuff
Icon
Summary
4
Resources Discovery
Icon
Resources Discovery
Icon
What is resource discovery?
Icon
Building our first BruteForcer
Icon
Analysing the results
Icon
Adding more information
Icon
Taking screenshots of the findings
Icon
Summary
5
Password Testing
Icon
Password Testing
Icon
How password attacks work
Icon
Our first password BruteForcer
Icon
Adding support for digest authentication
Icon
Form-based authentication
Icon
Summary
6
Detecting and Exploiting SQL Injection Vulnerabilities
Icon
Detecting and Exploiting SQL Injection Vulnerabilities
Icon
Introduction to SQL injection
Icon
Detecting SQL injection issues
Icon
Exploiting a SQL injection to extract data
Icon
Advanced SQLi exploiting
Icon
Summary
7
Intercepting HTTP Requests
Icon
Intercepting HTTP Requests
Icon
HTTP proxy anatomy
Icon
Introduction to mitmproxy
Icon
Manipulating HTTP requests
Icon
Automating SQLi in mitmproxy
Icon
Summary
8
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Interacting with Web Applications

In the previous chapter, we learned about the web application security process and why it is important to test application security. In this chapter, we'll take a look at the following topics:

  • HTTP protocol basics
  • Anatomy of an HTTP request
  • Interacting with a web app using the requests library
  • Analyzing HTTP responses
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Learning Python Web Penetration Testing
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon