Search icon Close icon
Search icon
Subscription
0
Cart icon
Close icon
You have no products in your basket yet
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Practical Web Penetration Testing

You're reading from  Practical Web Penetration Testing

Product type Book
Published in Jun 2018
Publisher Packt
ISBN-13 9781788624039
Pages 294 pages
Edition 1st Edition
Languages
Concepts
Author (1):
Gus Khawaja Gus Khawaja
Profile icon Gus Khawaja
LinkedIn
Gus Khawaja holds a bachelor's degree in computer science. He specializes in IT security and ethical hacking. He is an author and shares his passion with millions of viewers around the world using his online courses. He also works as a cybersecurity consultant in Montreal, Canada. After many years of experience in programming, he turned his attention to cybersecurity and the importance that security brings to this minefield. His passion for the ethical hacking mixed with his background in programming and IT makes him a wise swiss-knife professional in the computer science domain.
See other products by Gus Khawaja

Table of Contents (18) Chapters

Preface 1. Building a Vulnerable Web Application Lab 2. Kali Linux Installation 3. Delving Deep into the Usage of Kali Linux 4. All About Using Burp Suite 5. Understanding Web Application Vulnerabilities 6. Application Security Pre-Engagement 7. Application Threat Modeling 8. Source Code Review 9. Network Penetration Testing 10. Web Intrusion Tests 11. Pentest Automation Using Python 12. Nmap Cheat Sheet 13. Metasploit Cheat Sheet 14. Netcat Cheat Sheet 15. Networking Reference Section 16. Python Quick Reference 17. Other Books You May Enjoy

Delving Deep into the Usage of Kali Linux

I have been so excited to write this chapter and share all of the information that you will need to master the usage of Kali Linux. A lot of the content in this chapter will be common among Debian Linux distributions, and by the end of the chapter, you will be able to handle Kali Linux with ease, like a real hacker. Speaking of hackers, it's good to know that Kali Linux is used by both black hat hackers and professional penetration testers. I've always used it during my engagements, and I occasionally (but rarely) use Microsoft Windows OS.

Kali Linux contains tons of tools dedicated to penetration testing, and it would be a big challenge to get used to all of them at once. In this chapter, I will show you my most often used commands. I keep them with me when I'm on an engagement, in order to manipulate the operating system...

The Kali filesystem structure

The first thing that you need to start to understand is the Kali Linux filesystem structure, which is based on the Debian distribution filesystem. If you have used Microsoft Windows OS before, then the Linux structure will be a bit similar to it. For example, Windows starts with the C:\ directory, while the Linux OS starts with /, which is called the root directory.

The root directory (/) and the root home directory (/root) that you use in Kali are not the same. The latter is used as a home directory for the root user.

In Kali, we always use the root user to log in to our machine, and that means that you have no limits to what you can do in the OS. Every single piece in the Linux system is based on files; it's okay to look around, but be careful if you decide to change any of the configuration files.

The directory structure in Kali is based on...

Handling applications and packages

Kali Linux packages are stored in repositories and downloaded to the system to ensure the integrity of the package. Make sure to always update the system, as mentioned in the previous chapter. The repository configuration file is located at /etc/apt/sources.list. Make sure that this file is not empty (it will be if you didn't choose the network mirror option during the installation process); if it is, your Kali will not update.

The Advanced Packaging Tool

The Advanced Packaging Tool (APT) is used for installing or upgrading packages, along with all of the required dependencies. The APT can also be used to upgrade a complete distribution of Kali:

  • apt-get update or apt update: This command...

Handling the filesystem in Kali

I could write a whole book for this section, but I will do my best to show you the commands that you're going to need in your arsenal as a penetration tester.

Before I start listing all of the commands, I would like to share a unique command-line utility that you'll need to master before starting with any of the utilities in this chapter. You can probably guess it; it's called the Help switch! This option will give you a handful of information regarding the command that you are going to execute.

For example, if you want to list the contents of a directory and you're not sure of the options for the command, all you need to do is append the --help switch, and you can visualize all of the possible functionalities of the command:

Are you ready? This is going to be a long list (a sort of cheat sheet). Let's start:

  • To list the...

Security management

Managing users in Kali is not an everyday task, but you will probably use it occasionally. Personally, I rarely use the following commands, but sometimes, you might need to handle user management:

  • To add a user with sudo capabilities in Kali, use the following command:
useradd -m [username] -G sudo -s /bin/bash
  • If you're logged in and you want to elevate your privilege to a root user, try this command:
su - [desired root user name]
  • If you're logged in and you want to execute a root command, use the following:
sudo [application name]
  • To change the root (or any user's) password, use the following:
passwd [user name]
  • The shadow file is important in Kali, because it stores the hashed passwords and some useful information about users. For example, I created a user called gus on Kali, so, to get his information, I should execute the following...

Secure shell protocol

Secure shell (SSH) protocol is a network protocol that is used to establish an encrypted communication between a server and a client, using the TCP protocol. The SSH service is TCP-based, and listens, by default, on port 22. In general, a public-private key pair allows users to log in to a system without requiring a password. The public key is present on all systems that require a secure connection, while the user keeps the private key in a secure place. On the target systems, the public key is verified against a list of authorized keys that are allowed to remotely access the server. SSH can be compromised when the public key is not cryptographically strong enough, and can be guessed.

  • To start the ssh service, use the following:
service ssh start
  • To check whether the service is running properly, use the following:
netstat -antp|grep sshd
# or
service ssh...

Configuring network services in Kali

I'm doing my best to show you the necessary commands in each section. You don't need to know all of the commands for managing network services in Kali, but you are surely going to use some of them. In this section, I will show you my favorite commands related to the network services in Kali Linux.

To operate Kali properly, you need to ensure that it has connectivity to either a wired or a wireless network. You may need to obtain an IP address through Dynamic Host Configuration Protocol (DHCP), or assign one statically.

The first important command is ifconfig, which you will use to check the IP address on your Kali machine:

You can see my Kali IP address, 10.0.0.197, after executing this command (in the preceding screenshot). Also, you need to pay attention to the network interface names—eth0 represents the Ethernet cable,...

Process management commands

In general, Kali Linux is a stable system. However, things may occasionally go wrong, and sometimes, we will wish to tweak the system to better suit our needs. In this section, we will take a brief look at how we can manage processes on a Kali Linux system.

Htop utility

Before I start listing all of the built-in commands for managing the processes in Kali, there is a handy tool that I always use. Unfortunately, it's not preinstalled on Kali. It's called htop. This command-line tool lists all of the running processes in the Terminal window, in a nice, user-friendly layout:

#To install it
apt-get install htop
# To execute it
htop
Through using htop, I can see that I have a memory issue which...

System info commands

This section will be very useful in the post-exploitation phase.

Suppose that you just escalated your privileges on a Linux box; how can you know if you're really an admin? Just execute the id command, and you'll get the results. Don't underestimate this section! Review it carefully, and see the commands that you can take advantage of during the post-exploitation phase on a Linux machine:

  • To show the current host uptime, use the following:
uptime
  • To show who's logged in, use the following:
w
whoami
  • To show who you are (as a user), use the following:
id
  • To display information about a user, use the following:
finger [user name]
  • To show kernel information, use the following:
uname -a
  • To show CPU information, use the following:
cat /proc/cpuinfo
  • To show memory information, use the following:
cat /proc/meminfo
  • To show disk usage...

Summary

Another chapter has been completed. You are now smarter than you were yesterday. So many commands, right? Don't worry; you don't need to memorize all of these commands. You can always come back to this chapter and use it as a reference for your Terminal window ninja skills.

As you may have realized, I get straight to the point, without wasting your time on useless information and nitty-gritty details that you will never use in your career. I hope that you enjoyed this chapter, and that you learned something new, so that you can start using your Kali Linux baby machine.

lock icon The rest of the chapter is locked
arrow left Previous Chapter
Chapter 1 of 18
Next Chapter arrow right
You have been reading a chapter from
Practical Web Penetration Testing
Published in: Jun 2018 Publisher: Packt ISBN-13: 9781788624039
© 2018 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime}

Authors (1)

Profile icon Gus Khawaja
LinkedIn
Gus Khawaja holds a bachelor's degree in computer science. He specializes in IT security and ethical hacking. He is an author and shares his passion with millions of viewers around the world using his online courses. He also works as a cybersecurity consultant in Montreal, Canada. After many years of experience in programming, he turned his attention to cybersecurity and the importance that security brings to this minefield. His passion for the ethical hacking mixed with his background in programming and IT makes him a wise swiss-knife professional in the computer science domain.
Read more
See other products by Gus Khawaja

Other recommended products

Related to this chapter
Left arrow icon
Burp Suite Cookbook
Burp Suite Cookbook
The purpose of the Burp Suite Cookbook is to provide web application penetration testers with hands-on examples of how to use Burp Suite to perform web assessments. The book gives detailed screenshots demonstrating how to perform various attacks in Burp including Cross-site Scripting (XSS), SQL Injection, Cross-site Request Forgery, XML External Entity (XXE), and many more.
Sep 2018 11 hours 56 minutes
Network Scanning Cookbook
Network Scanning Cookbook
Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.
Sep 2018 10 hours 8 minutes
Hands-On Application Penetration Testing with Burp Suite
Hands-On Application Penetration Testing with Burp Suite
Using Burp Suite, you can quickly build proof of concepts, extract data via an exploit, attack multiple end points in an application and even begin to script complex multi stage attacks. This book will provide a hands-on coverage on how you can get started with executing an application penetration test and be sure of the results.
Feb 2019 12 hours 12 minutes
Kali Linux Cookbook
Kali Linux Cookbook
Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world’s most popular penetration testing distribution. Kali Linux is the most widely used platform and toolkit for penetration testing. Security is currently the hottest field in technology with a projected need for millions of security professionals. This book focuses on enhancing your knowledge in Kali Linux for security by expanding your skills with toolkits and frameworks that can increase your value as a security professional.
Sep 2017 14 hours 36 minutes
Learning Python Web Penetration Testing
Learning Python Web Penetration Testing
This book will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for every main activity in the process. It will show you how to test for security vulnerabilities in web applications just like security professionals and hackers do.
Jun 2018 4 hours 36 minutes
Metasploit for Beginners
Metasploit for Beginners
Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.
Jul 2017 6 hours 20 minutes
Metasploit 5.0 for Beginners
Metasploit 5.0 for Beginners
Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.
Apr 2020 8 hours 12 minutes
ASP.NET Core 5 Secure Coding Cookbook
ASP.NET Core 5 Secure Coding Cookbook
There are various ways to fix an ASP.NET Core web application security flaw. However, very few books share expert advice relating to which approaches work best for ASP.NET Core apps – unlike this book. The ASP.NET Core Secure Coding Cookbook is your guide to tackling the most common ASP.NET Core web application vulnerabilities.
Jul 2021 10 hours 48 minutes
Learn Penetration Testing
Learn Penetration Testing
A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.
May 2019 14 hours 8 minutes
Kali Linux Web Penetration Testing Cookbook
Kali Linux Web Penetration Testing Cookbook
Kali Linux is the most popular open-source penetration toolkit used for effective web penetration testing. This book will teach you, in the form of step-by-step recipes, how to detect a wide array of vulnerabilities, exploit them to analyze their consequences, and ultimately buffer attackable surfaces so applications are more secure.
Aug 2018 13 hours 28 minutes
Learn Kali Linux 2019
Learn Kali Linux 2019
The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.
Nov 2019 18 hours 20 minutes
Mastering Kali Linux for Advanced Penetration Testing
Mastering Kali Linux for Advanced Penetration Testing
Mastering Kali Linux for Advanced Penetration Testing, Third Edition will guide you through proven techniques to test your infrastructure security using Kali Linux. From selecting the most effective tools to carrying out advanced pentesting in highly secure environments, this book will help you gain the expertise you need to advance in your career.
Jan 2019 18 hours 16 minutes
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Attacking and Exploiting Modern Web Applications
Attacking and Exploiting Modern Web Applications
Attacking and Exploiting Modern Web Attacks will help you understand how to identify attack surfaces and detect vulnerabilities. This book takes a hands-on approach to implementation and associated methodologies and equips you with the knowledge and skills needed to effectively combat web attacks.
Aug 2023 11 hours 16 minutes
Automotive Cybersecurity Engineering Handbook
Automotive Cybersecurity Engineering Handbook
This Automotive Cybersecurity Engineering Handbook untangles the complexities of building secure automotive products and helps you to comply with cybersecurity standards. It provides practical tools, tips, and techniques coupled with real-world examples to enable you to create cyber-resilient automotive products with ease.
Oct 2023 13 hours 4 minutes
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide
This book will help you to design, develop, and operate security controls on Google Cloud as well as discover best practices for relevant security domains, including identity and access management, network, and data.
Aug 2023 16 hours 32 minutes
Cloud Penetration Testing for Red Teamers
Cloud Penetration Testing for Red Teamers
The advent of cloud networks and the AWS, Azure, and GCP platforms has revolutionized how companies of all sizes in all industries do business online. This book will help you meet the emerging demand for pentesting as it guides you through the tools, techniques, and security measures used by pentesters and red teamers in the 2020s and beyond.
Nov 2023 9 hours 56 minutes
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide
ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is an enterprise IT risk management professional’s dream. With its in-depth approach and various self-assessment exercises, this book arms you with knowledge of every single aspect of the certification, and is a fantastic career companion after you’re certified.
Sep 2023 10 hours 32 minutes
Burp Suite Cookbook
Burp Suite Cookbook
Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its extensions.
Oct 2023 15 hours 0 minutes
Building and Automating Penetration Testing Labs in the Cloud
Building and Automating Penetration Testing Labs in the Cloud
This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved when setting up vulnerable cloud lab environments.
Oct 2023 18 hours 44 minutes
Ethical Hacking Workshop
Ethical Hacking Workshop
As cyber-attacks grow and APT groups advance their skillset, you need to be able to protect your enterprise against cyber-attacks. In order to limit your attack surface, you need to ensure that you leverage the same skills and tools that an adversary may use to hack your environment and discover the security gaps. This book will teach you how to think like a hacker, use state-of-the-art hacking tools, and protect yourself and your organizaiton.
Oct 2023 7 hours 20 minutes
Windows Forensics Analyst Field Guide
Windows Forensics Analyst Field Guide
This book contains step-by-step processes to guide you in any investigation related to Windows OS. You’ll find out how to acquire evidence using multiple tools as well as examine and analyze the collected artifacts, while discovering multiple techniques used in real-world forensic incidents.
Oct 2023 10 hours 36 minutes
Implementing DevSecOps Practices
Implementing DevSecOps Practices
This book is a comprehensive, hands-on guide for individuals new to DevSecOps who want to implement DevSecOps practices successfully and efficiently. With its help, you’ll be able to shift security toward the left, enabling you to merge security into coding in no time.
Dec 2023 8 hours 36 minutes
Right arrow icon