Book Image

Learn Penetration Testing

By : Rishalin Pillay
Book Image

Learn Penetration Testing

By: Rishalin Pillay

Overview of this book

Sending information via the internet is not entirely private, as evidenced by the rise in hacking, malware attacks, and security threats. With the help of this book, you'll learn crucial penetration testing techniques to help you evaluate enterprise defenses. You'll start by understanding each stage of pentesting and deploying target virtual machines, including Linux and Windows. Next, the book will guide you through performing intermediate penetration testing in a controlled environment. With the help of practical use cases, you'll also be able to implement your learning in real-world scenarios. By studying everything from setting up your lab, information gathering and password attacks, through to social engineering and post exploitation, you'll be able to successfully overcome security threats. The book will even help you leverage the best tools, such as Kali Linux, Metasploit, Burp Suite, and other open source pentesting tools to perform these techniques. Toward the later chapters, you'll focus on best practices to quickly resolve security threats. By the end of this book, you'll be well versed with various penetration testing techniques so as to be able to tackle security threats effectively
Table of Contents (21 chapters)
Free Chapter
1
Section 1: The Basics
4
Section 2: Exploitation
12
Section 3: Post Exploitation
16
Section 4: Putting It All Together

Common web application attacks

Web application attacks and vectors are progressing at a rapid pace. With the volume of people using the internet, businesses have to adapt and leverage complex web applications to provide services to customers or even employees. Having these on the internet obviously exposes them to risks. Most businesses take security seriously and, with the use of various software development life cycles, there are some really secure web applications out there.

Nevertheless, as security measures become stronger, so do the attacks. Over and above the attacks becoming more sophisticated, there is human error that comes into the equation. All it takes is a piece of poorly written code to exploit the web application.

In this section, we will consider a few of the common web application attacks that exist today.

...