Penetration Testing with Perl

Harness the power of Perl to perform professional penetration testing

Penetration Testing with Perl

Progressing
Douglas Berdeaux

Harness the power of Perl to perform professional penetration testing
$26.99
$44.99
RRP $26.99
RRP $44.99
eBook
Print + eBook
$12.99 p/month

Get Access

Get Unlimited Access to every Packt eBook and Video course

Enjoy full and instant access to over 3000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.

Book Details

ISBN 139781783283453
Paperback332 pages

About This Book

  • Write your own custom information security tools using Perl and object-oriented Perl modules
  • Apply powerful Perl Regular Expression syntax to finely tune intelligence gathering techniques
  • Develop a clear understanding of how common attacking tools can function during a penetration test

Who This Book Is For

If you are an expert Perl programmer interested in penetration testing or information security, this guide is designed for you. However, it will also be helpful for you even if you have little or no Linux shell experience.

Table of Contents

Chapter 1: Perl Programming
Files
Regular expressions
Perl string functions and operators
CPAN Perl modules
CPAN minus
Summary
Chapter 2: Linux Terminal Output
Built-in bash commands
Input/output streams
Killing runaway forked processes
Summary
Chapter 3: IEEE 802.3 Wired Network Mapping with Perl
Footprinting
Internet footprinting
Common tools for scanning
Designing our own live host scanner
Summary
Chapter 4: IEEE 802.3 Wired Network Manipulation with Perl
Packet capturing
MitM
Enabling packet forwarding
Network remapping with packet capture
Summary
Chapter 5: IEEE 802.11 Wireless Protocol and Perl
802.11 terminologies and packet analysis
Linux wireless utilities
802.11 packet capturing with Perl
Writing an 802.11 protocol analyzer in Perl
Perl and Aircrack-ng
Summary
Chapter 6: Open Source Intelligence
What's covered
Google dorks
E-mail address gathering
Domain Name Services
More intelligence
Summary
Chapter 7: SQL Injection with Perl
Web service discovery
SQL injection
MySQL post exploitation
Data-driven blind SQL injection
Time-based blind SQL injection
Summary
Chapter 8: Other Web-based Attacks
Cross-site scripting
File inclusion vulnerability discovery
Content management systems
Summary
Chapter 9: Password Cracking
Digital credential analysis
Cracking SHA1 and MD5
WPA2 passphrase cracking with Perl
Cracking ZIP file passwords
Summary
Chapter 10: Metadata Forensics
Metadata and Exif
Metadata extractor
Summary
Chapter 11: Social Engineering with Perl
Psychology
Perl Linux/Unix viruses
Spear phishing
Summary
Chapter 12: Reporting
Who is this for?
Documenting with Perl
Logging data to MySQL
HTML reporting
Summary
Chapter 13: Perl/Tk
Event-driven programming
Explaining the Perl/Tk widgets
Widgets and the grid
The GUI host discovery tool
A tabbed GUI environment
Summary

What You Will Learn

  • Develop your knowledge on the methodology, legality, and ethics involved in penetration testing
  • Utilize Linux OS, shell, and networking utilities using Perl
  • Manipulate and capture LAN network traffic in modern switched environments
  • Apply Perl to the Aircrack-ng suite
  • Combine external, internal, and Internet footprinting, and open source intelligence gathering
  • Perform web penetration testing and automation, including Local and Remote File Inclusion, SQL injection, cross-site scripting, and CMS vulnerability analysis
  • Stabilize your tests by using patterns such as Action Wrapper and Black Hole Proxy

In Detail

This guide will teach you the fundamentals of penetration testing with Perl, providing an understanding of the mindset of a hacker. In the first few chapters, you will study how to utilize Perl with Linux and the regular expression syntax. After that, you will learn how to use Perl for WAN target analysis, and Internet and external footprinting. You will learn to use Perl for automated web application and site penetration testing. We also cover intelligence gathering techniques from data obtained from footprinting and simple file forensics with file metadata.

By the end of this book, you will bring all of your code together into a simple graphical user interface penetration testing framework. Through this guide, you will have acquired the knowledge to apply Perl programming to any penetration testing phase and learn the importance of applying our technique in the methodology and context of the Penetration Testing Execution Standard.

Authors

Table of Contents

Chapter 1: Perl Programming
Files
Regular expressions
Perl string functions and operators
CPAN Perl modules
CPAN minus
Summary
Chapter 2: Linux Terminal Output
Built-in bash commands
Input/output streams
Killing runaway forked processes
Summary
Chapter 3: IEEE 802.3 Wired Network Mapping with Perl
Footprinting
Internet footprinting
Common tools for scanning
Designing our own live host scanner
Summary
Chapter 4: IEEE 802.3 Wired Network Manipulation with Perl
Packet capturing
MitM
Enabling packet forwarding
Network remapping with packet capture
Summary
Chapter 5: IEEE 802.11 Wireless Protocol and Perl
802.11 terminologies and packet analysis
Linux wireless utilities
802.11 packet capturing with Perl
Writing an 802.11 protocol analyzer in Perl
Perl and Aircrack-ng
Summary
Chapter 6: Open Source Intelligence
What's covered
Google dorks
E-mail address gathering
Domain Name Services
More intelligence
Summary
Chapter 7: SQL Injection with Perl
Web service discovery
SQL injection
MySQL post exploitation
Data-driven blind SQL injection
Time-based blind SQL injection
Summary
Chapter 8: Other Web-based Attacks
Cross-site scripting
File inclusion vulnerability discovery
Content management systems
Summary
Chapter 9: Password Cracking
Digital credential analysis
Cracking SHA1 and MD5
WPA2 passphrase cracking with Perl
Cracking ZIP file passwords
Summary
Chapter 10: Metadata Forensics
Metadata and Exif
Metadata extractor
Summary
Chapter 11: Social Engineering with Perl
Psychology
Perl Linux/Unix viruses
Spear phishing
Summary
Chapter 12: Reporting
Who is this for?
Documenting with Perl
Logging data to MySQL
HTML reporting
Summary
Chapter 13: Perl/Tk
Event-driven programming
Explaining the Perl/Tk widgets
Widgets and the grid
The GUI host discovery tool
A tabbed GUI environment
Summary

Book Details

ISBN 139781783283453
Paperback332 pages
Read More

Recommended for You

Catalyst 5.8: the Perl MVC Framework
$ 23.99
WS-BPEL 2.0 Beginner's Guide
$ 32.99
BPEL pour les services web : Deuxième Edition [French]
$ 55.99
Business Process Execution Language for Web Services 2nd Edition
$ 21.00