Web Penetration Testing with Kali Linux - Second Edition

Build your defense against web attacks with Kali Linux 2.0

Juned Ahmed Ansari

Book Details

ISBN 13: 9781783988525
Paperback: 312 pages

Book Description

Kali Linux 2.0 is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. It contains several hundred tools aimed at various information security tasks such as penetration testing, forensics, and reverse engineering.

At the beginning of the book, you will be introduced to the concepts of hacking and penetration testing and will get to know about the tools used in Kali Linux 2.0 that relate to web application hacking. Then, you will gain a deep understanding of SQL and command injection flaws and ways to exploit the flaws. Moving on, you will get to know more about scripting and input validation flaws, AJAX, and the security issues related to AJAX.

At the end of the book, you will use an automated technique called fuzzing to be able to identify flaws in a web application. Finally, you will understand the web application vulnerabilities and the ways in which they can be exploited using the tools in Kali Linux 2.0.

Table of Contents

Chapter 1: Introduction to Penetration Testing and Web Applications
  • Proactive security testing
  • Rules of engagement
  • The limitations of penetration testing
  • The need for testing web applications
  • Social engineering attacks
  • A web application overview for penetration testers
  • Summary
Chapter 2: Setting up Your Lab with Kali Linux
  • Kali Linux
  • Important tools in Kali Linux
  • Using Tor for penetration testing
  • Summary
Chapter 3: Reconnaissance and Profiling the Web Server
  • Reconnaissance
  • Scanning – probing the target
  • Summary
Chapter 4: Major Flaws in Web Applications
  • Information leakage
  • Authentication issues
  • Path traversal
  • Injection-based flaws
  • Cross-site scripting
  • Cross-site request forgery
  • Session-based flaws
  • File inclusion vulnerability
  • HTTP parameter pollution
  • HTTP response splitting
  • Summary
Chapter 5: Attacking the Server Using Injection-based Flaws
  • Command injection
  • SQL injection
  • Summary
Chapter 6: Exploiting Clients Using XSS and CSRF Flaws
  • The origin of cross-site scripting
  • An overview of cross-site scripting
  • Types of cross-site scripting
  • XSS and JavaScript – a deadly combination
  • Scanning for XSS flaws
  • Cross-site request forgery
  • Summary
Chapter 7: Attacking SSL-based Websites
  • Secure socket layer
  • Summary
Chapter 8: Exploiting the Client Using Attack Frameworks
  • Social engineering attacks
  • Social engineering toolkit
  • Spear-phishing attack
  • Website attack
  • Browser exploitation framework
  • Summary
Chapter 9: AJAX and Web Services – Security Issues
  • Introduction to AJAX
  • Web services
  • Summary
Chapter 10: Fuzzing Web Applications
  • Fuzzing basics
  • Types of fuzzing techniques
  • Summary

What You Will Learn

  • Set up your lab with Kali Linux 2.0
  • Identify the difference between hacking a web application and network hacking
  • Understand the different techniques used to identify the flavor of web applications
  • Expose vulnerabilities present in web servers and their applications using server-side attacks
  • Use SQL and cross-site scripting (XSS) attacks
  • Check for XSS flaws using the Burp Suite proxy
  • Find out about the mitigation techniques used to negate the effects of injection and blind SQL attacks
