Book Image

Becoming the Hacker

By : Adrian Pruteanu
Book Image

Becoming the Hacker

By: Adrian Pruteanu

Overview of this book

Becoming the Hacker will teach you how to approach web penetration testing with an attacker's mindset. While testing web applications for performance is common, the ever-changing threat landscape makes security testing much more difficult for the defender. There are many web application tools that claim to provide a complete survey and defense against potential threats, but they must be analyzed in line with the security needs of each web application or service. We must understand how an attacker approaches a web application and the implications of breaching its defenses. Through the first part of the book, Adrian Pruteanu walks you through commonly encountered vulnerabilities and how to take advantage of them to achieve your goal. The latter part of the book shifts gears and puts the newly learned techniques into practice, going over scenarios where the target may be a popular content management system or a containerized application and its network. Becoming the Hacker is a clear guide to web application security from an attacker's point of view, from which both sides can benefit.

Related Content you might be interested in

Current Title:

Small book image
Becoming the Hacker
Adrian Pruteanu
Jan, 2019 | 404 pages
Small book image
Metasploit Penetration Testing Cookbook
Monika Agarwal | Abhinav Singh | Nipun Jaswal | Daniel Teixeira
Feb, 2018 | 426 pages
Small book image
Hands-On Application Penetration Testing with Burp Suite
Carlos A Lozano | Riyaz Ahemed Walikar | Dhruv Shah
Feb, 2019 | 366 pages
Small book image
Kali Linux Web Penetration Testing Cookbook
Gilberto NajeraGutierrez
Aug, 2018 | 404 pages
Table of Contents (18 chapters)
Becoming the Hacker
Becoming the Hacker
Contributors
Contributors
Preface
Preface
Free Chapter
1
Introduction to Attacking Web Applications
Introduction to Attacking Web Applications
Rules of engagement
The tester's toolkit
The attack proxy
Cloud infrastructure
Resources
Exercises
Summary
2
Efficient Discovery
Efficient Discovery
Types of assessments
Target mapping
Efficient brute-forcing
Polyglot payloads
Resources
Exercises
Summary
3
Low-Hanging Fruit
Low-Hanging Fruit
Network assessment
A better way to shell
Cleaning up
Resources
Summary
4
Advanced Brute-forcing
Advanced Brute-forcing
Password spraying
Behind seven proxies
Summary
5
File Inclusion Attacks
File Inclusion Attacks
RFI
LFI
File inclusion to remote code execution
More file upload issues
Summary
6
Out-of-Band Exploitation
Out-of-Band Exploitation
A common scenario
Command and control
Let’s Encrypt Communication
INet simulation
The confirmation
Async data exfiltration
Data inference
Summary
7
Automated Testing
Automated Testing
Extending Burp
Obfuscating code
Burp Collaborator
Summary
8
Bad Serialization
Bad Serialization
Abusing deserialization
Attacking custom protocols
Summary
9
Practical Client-Side Attacks
Practical Client-Side Attacks
SOP
Cross-origin resource sharing
XSS
CSRF
BeEF
Summary
10
Practical Server-Side Attacks
Practical Server-Side Attacks
Internal and external references
XXE attacks
Summary
11
Attacking APIs
Attacking APIs
API communication protocols
API authentication
Postman
Attack considerations
Summary
12
Attacking CMS
Attacking CMS
Application assessment
Backdooring the code
Summary
13
Breaking Containers
Breaking Containers
Vulnerable Docker scenario
Foothold
Situational awareness
Container breakout
Summary
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think
Index
Index

INet simulation

To keep things simple, we will use INetSim to emulate a variety of network services. It quickly sets up listeners for a slew of known ports and even provides default responses using the appropriate protocol. For example, an FTP service can be started, which will accept any credentials and will allow the connectee to interact with the service: upload, download, list files, and so on.

Note

INetSim binaries, source, and documentation is available on http://www.inetsim.org/.

INetSim is frequently used on closed networks to fake C2 servers for malware, and to capture valuable data. We can leverage the same INetSim tool to quickly setup a simple infrastructure that will handle connections from our targets, with the added benefit of producing a report of each session.

On our Debian VM instance in the cloud, we can add the official package repository for a quick install using the following echo command:

root@spider-c2-1:~# echo "deb http://www.inetsim.org/debian/binary/" > /etc/apt...
Previous Section
End of Section 5
Next Section