第1页 / 共641页
第2页 / 共641页
第3页 / 共641页
第4页 / 共641页
第5页 / 共641页
第6页 / 共641页
第7页 / 共641页
第8页 / 共641页
Kali_Linux_Web_Penetration_Testing_Cookbook.pdf
Kali Linux Web Penetration Testing Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Setting Up Kali Linux
Introduction
Updating and upgrading Kali Linux
Getting ready
How to do it...
How it works...
There's more...
Installing and running OWASP Mantra
Getting ready
How to do it...
See also
Setting up the Iceweasel browser
How to do it...
How it works...
There's more...
Installing VirtualBox
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a vulnerable virtual machine
How to do it...
How it works...
See also
Creating a client virtual machine
How to do it...
How it works...
See also
Configuring virtual machines for correct communication
Getting ready
How to do it...
How it works...
Getting to know web applications on a vulnerable VM
Getting ready
How to do it...
How it works...
2. Reconnaissance
Introduction
Scanning and identifying services with Nmap
Getting ready
How to do it...
How it works...
There's more...
See also
Identifying a web application firewall
How to do it...
How it works...
Watching the source code
Getting ready
How to do it...
How it works...
Using Firebug to analyze and alter basic behavior
Getting ready
How to do it...
How it works...
There's more...
Obtaining and modifying cookies
Getting ready
How to do it...
How it works...
Taking advantage of robots.txt
How to do it...
How it works...
Finding files and folders with DirBuster
Getting ready
How to do it...
How it works...
Password profiling with CeWL
How to do it...
How it works...
See also
Using John the Ripper to generate a dictionary
Getting ready
How to do it...
How it works...
There's more...
Finding files and folders with ZAP
Getting ready
How to do it...
How it works...
See also
3. Crawlers and Spiders
Introduction
Downloading a page for offline analysis with Wget
Getting ready
How to do it...
How it works...
There's more...
Downloading the page for offline analysis with HTTrack
Getting ready
How to do it...
How it works...
There's more...
Using ZAP's spider
Getting ready
How to do it...
How it works...
There's more...
Using Burp Suite to crawl a website
Getting ready
How to do it...
How it works...
Repeating requests with Burp's repeater
Getting ready
How to do it...
How it works...
Using WebScarab
Getting ready
How to do it...
How it works...
Identifying relevant files and directories from crawling results
How to do it...
How it works...
4. Finding Vulnerabilities
Introduction
Using Hackbar add-on to ease parameter probing
Getting ready
How to do it...
How it works...
Using Tamper Data add-on to intercept and modify requests
How to do it...
How it works...
Using ZAP to view and alter requests
Getting ready
How to do it...
How it works...
Using Burp Suite to view and alter requests
Getting ready
How to do it...
How it works...
Identifying cross-site scripting (XSS) vulnerabilities
How to do it...
How it works...
There's more...
Identifying error based SQL injection
How to do it...
How it works...
There's more...
Identifying a blind SQL Injection
How to do it...
How it works...
See also
Identifying vulnerabilities in cookies
How to do it
How it works...
There's more...
Obtaining SSL and TLS information with SSLScan
How to do it...
How it works...
There's more...
See also
Looking for file inclusions
How to do it...
How it works...
There's more...
Identifying POODLE vulnerability
Getting ready
How to do it...
How it works...
See also
5. Automated Scanners
Introduction
Scanning with Nikto
How to do it...
How it works...
Finding vulnerabilities with Wapiti
How to do it...
How it works...
Using OWASP ZAP to scan for vulnerabilities
Getting ready
How to do it...
How it works...
There's more...
Scanning with w3af
How to do it...
How it works...
There's more...
Using Vega scanner
How to do it...
How it works...
Finding Web vulnerabilities with Metasploit's Wmap
Getting ready
How to do it...
How it works...
6. Exploitation – Low Hanging Fruits
Introduction
Abusing file inclusions and uploads
Getting ready
How to do it...
How it works...
There's more...
Exploiting OS Command Injections
How to do it...
How it works...
Exploiting an XML External Entity Injection
Getting ready
How to do it...
How it works...
There's more...
See also
Brute-forcing passwords with THC-Hydra
Getting ready
How to do it...
How it works...
There's more...
Dictionary attacks on login pages with Burp Suite
Getting ready
How to do it...
How it works...
There's more...
Obtaining session cookies through XSS
Getting ready
How to do it...
How it works...
There's more...
Step by step basic SQL Injection
How to do it...
How it works...
Finding and exploiting SQL Injections with SQLMap
How to do it...
How it works...
There's more...
See also
Attacking Tomcat's passwords with Metasploit
Getting ready
How to do it...
How it works...
See also
Using Tomcat Manager to execute code
How to do it...
How it works...
7. Advanced Exploitation
Introduction
Searching Exploit-DB for a web server's vulnerabilities
How to do it...
How it works...
There's more...
See also
Exploiting Heartbleed vulnerability
Getting ready
How to do it...
How it works...
Exploiting XSS with BeEF
Getting ready
How to do it...
How it works...
There's more...
Exploiting a Blind SQLi
Getting ready
How to do it...
How it works...
There's more...
Using SQLMap to get database information
How to do it...
How it works...
Performing a cross-site request forgery attack
Getting ready
How to do it...
Executing commands with Shellshock
How to do it...
How it works...
There's more...
Cracking password hashes with John the Ripper by using a dictionary
How to do it...
How it works...
Cracking password hashes by brute force using oclHashcat/cudaHashcat
Getting ready
How to do it...
How it works...
8. Man in the Middle Attacks
Introduction
Setting up a spoofing attack with Ettercap
Getting ready
How to do it...
How it works...
Being the MITM and capturing traffic with Wireshark
Getting ready
How to do it...
How it works...
See also
Modifying data between the server and the client
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up an SSL MITM attack
How to do it...
How it works...
See also
Obtaining SSL data with SSLsplit
Getting ready
How to do it...
How it works...
Performing DNS spoofing and redirecting traffic
Getting ready
How to do it...
How it works...
See also
9. Client-Side Attacks and Social Engineering
Introduction
Creating a password harvester with SET
How to do it...
How it works...
Using previously saved pages to create a phishing site
Getting ready
How to do it...
How it works...
Creating a reverse shell with Metasploit and capturing its connections
How to do it...
How it works...
Using Metasploit's browser_autpwn2 to attack a client
How to do it...
How it works...
Attacking with BeEF
Getting ready
How to do it...
How it works...
Tricking the user to go to our fake site
How to do it...
How it works...
There's more...
See also
10. Mitigation of OWASP Top 10
Introduction
A1 – Preventing injection attacks
How to do it...
How it works...
See also
A2 – Building proper authentication and session management
How to do it...
How it works...
See also
A3 – Preventing cross-site scripting
How to do it...
How it works...
See also
A4 – Preventing Insecure Direct Object References
How to do it...
How it works...
A5 – Basic security configuration guide
How to do it...
How it works...
A6 – Protecting sensitive data
How to do it...
How it works...
A7 – Ensuring function level access control
How to do it...
How it works...
A8 – Preventing CSRF
How to do it...
How it works...
See also
A9 – Where to look for known vulnerabilities on third-party components
How to do it...
How it works...
A10 – Redirect validation
How to do it...
How it works...
Index
Kali Linux Web Penetration Testing
Cookbook
Table of Contents
Kali Linux Web Penetration Testing Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Setting Up Kali Linux
Introduction
Updating and upgrading Kali Linux
Getting ready
How to do it…
How it works…
There’s more…
Installing and running OWASP Mantra
Getting ready
How to do it…
See also
Setting up the Iceweasel browser
How to do it…
How it works…
There’s more…
Installing VirtualBox
Getting ready
How to do it…
How it works…
There’s more…
See also
Creating a vulnerable virtual machine
How to do it…
How it works…
See also
Creating a client virtual machine
How to do it…
How it works…
See also
Configuring virtual machines for correct communication
Getting ready
How to do it…
How it works…
Getting to know web applications on a vulnerable VM
Getting ready
How to do it…
How it works…
2. Reconnaissance
Introduction
Scanning and identifying services with Nmap
Getting ready
How to do it…
How it works…
There’s more…
See also
Identifying a web application firewall
How to do it…
How it works…
Watching the source code
Getting ready
How to do it…
How it works…
Using Firebug to analyze and alter basic behavior
Getting ready
How to do it…
How it works…
There’s more…
Obtaining and modifying cookies
Getting ready
How to do it…
How it works…
Taking advantage of robots.txt
How to do it…
How it works…
Finding files and folders with DirBuster
Getting ready
How to do it…
How it works…
Password profiling with CeWL
How to do it…
How it works…
See also
Using John the Ripper to generate a dictionary
Getting ready
How to do it…
How it works…
There’s more…
Finding files and folders with ZAP
Getting ready
How to do it…
How it works…
See also
3. Crawlers and Spiders
Introduction
Downloading a page for offline analysis with Wget
Getting ready
How to do it…
How it works…
There’s more…
Downloading the page for offline analysis with HTTrack
Getting ready
How to do it…
How it works…
There’s more…
Using ZAP’s spider
Getting ready
How to do it…
How it works…
There’s more…
Using Burp Suite to crawl a website
Getting ready
How to do it…
How it works…
Repeating requests with Burp’s repeater
Getting ready
How to do it…
How it works…
Using WebScarab
Getting ready
How to do it…
How it works…
Identifying relevant files and directories from crawling results
How to do it…
How it works…
4. Finding Vulnerabilities
Introduction
Using Hackbar add-on to ease parameter probing
Getting ready
How to do it…
How it works…
Using Tamper Data add-on to intercept and modify requests
How to do it…
How it works…
Using ZAP to view and alter requests
Getting ready
How to do it…
How it works…
Using Burp Suite to view and alter requests
Getting ready
How to do it…
How it works…
Identifying cross-site scripting (XSS) vulnerabilities
How to do it…
How it works…
There’s more…
相关推荐
2023年江西萍乡中考道德与法治真题及答案.doc
2012年重庆南川中考生物真题及答案.doc
2013年江西师范大学地理学综合及文艺理论基础考研真题.doc
2020年四川甘孜小升初语文真题及答案I卷.doc
2020年注册岩土工程师专业基础考试真题及答案.doc
2023-2024学年福建省厦门市九年级上学期数学月考试题及答案.doc
2021-2022学年辽宁省沈阳市大东区九年级上学期语文期末试题及答案.doc
2022-2023学年北京东城区初三第一学期物理期末试卷及答案.doc
2018上半年江西教师资格初中地理学科知识与教学能力真题及答案.doc
2012年河北国家公务员申论考试真题及答案-省级.doc
2020-2021学年江苏省扬州市江都区邵樊片九年级上学期数学第一次质量检测试题及答案.doc
2022下半年黑龙江教师资格证中学综合素质真题及答案.doc
