Book Image

Becoming the Hacker

By : Adrian Pruteanu
Book Image

Becoming the Hacker

By: Adrian Pruteanu

Overview of this book

Becoming the Hacker will teach you how to approach web penetration testing with an attacker's mindset. While testing web applications for performance is common, the ever-changing threat landscape makes security testing much more difficult for the defender. There are many web application tools that claim to provide a complete survey and defense against potential threats, but they must be analyzed in line with the security needs of each web application or service. We must understand how an attacker approaches a web application and the implications of breaching its defenses. Through the first part of the book, Adrian Pruteanu walks you through commonly encountered vulnerabilities and how to take advantage of them to achieve your goal. The latter part of the book shifts gears and puts the newly learned techniques into practice, going over scenarios where the target may be a popular content management system or a containerized application and its network. Becoming the Hacker is a clear guide to web application security from an attacker's point of view, from which both sides can benefit.

Related Content you might be interested in

Current Title:

Small book image
Becoming the Hacker
Adrian Pruteanu
Jan, 2019 | 404 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Hands-On Application Penetration Testing with Burp Suite
Carlos A Lozano | Riyaz Ahemed Walikar | Dhruv Shah
Feb, 2019 | 366 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Table of Contents (18 chapters)
Becoming the Hacker
Becoming the Hacker
Contributors
Contributors
Preface
Preface
Free Chapter
1
Introduction to Attacking Web Applications
Introduction to Attacking Web Applications
Rules of engagement
The tester's toolkit
The attack proxy
Cloud infrastructure
Resources
Exercises
Summary
2
Efficient Discovery
Efficient Discovery
Types of assessments
Target mapping
Efficient brute-forcing
Polyglot payloads
Resources
Exercises
Summary
3
Low-Hanging Fruit
Low-Hanging Fruit
Network assessment
A better way to shell
Cleaning up
Resources
Summary
4
Advanced Brute-forcing
Advanced Brute-forcing
Password spraying
Behind seven proxies
Summary
5
File Inclusion Attacks
File Inclusion Attacks
RFI
LFI
File inclusion to remote code execution
More file upload issues
Summary
6
Out-of-Band Exploitation
Out-of-Band Exploitation
A common scenario
Command and control
Let’s Encrypt Communication
INet simulation
The confirmation
Async data exfiltration
Data inference
Summary
7
Automated Testing
Automated Testing
Extending Burp
Obfuscating code
Burp Collaborator
Summary
8
Bad Serialization
Bad Serialization
Abusing deserialization
Attacking custom protocols
Summary
9
Practical Client-Side Attacks
Practical Client-Side Attacks
SOP
Cross-origin resource sharing
XSS
CSRF
BeEF
Summary
10
Practical Server-Side Attacks
Practical Server-Side Attacks
Internal and external references
XXE attacks
Summary
11
Attacking APIs
Attacking APIs
API communication protocols
API authentication
Postman
Attack considerations
Summary
12
Attacking CMS
Attacking CMS
Application assessment
Backdooring the code
Summary
13
Breaking Containers
Breaking Containers
Vulnerable Docker scenario
Foothold
Situational awareness
Container breakout
Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

API authentication

Decoupling brings about a few more challenges when it comes to authentication and authorization. It's not uncommon to have an API that does not require authentication, but the chances are some web services you'll encounter will require their clients to authenticate in one way or another.

So, how do we achieve authentication with APIs? This process is not that different from a typical application. At its core, authentication requires that you provide something you know and, optionally, something you have, which corresponds to a record in the API's database. If that something you know and something you have is a secret and only the holder of this information, presumably, has access to it, the API can be reasonably sure that the client providing this information is given access. The API now only needs to track this particular client, since HTTP is stateless.

Traditional web applications will accept authentication data (something you know, along with a username and password...

Previous Section
End of Section 3
Next Section