Nicht aus der Schweiz? Besuchen Sie lehmanns.de

Web Penetration Testing with Kali Linux - Third Edition (eBook)

Explore the methods and tools of ethical hacking with Kali Linux, 3rd Edition
eBook Download: EPUB
2018
426 Seiten
Packt Publishing (Verlag)
978-1-78862-380-3 (ISBN)

Lese- und Medienproben

Web Penetration Testing with Kali Linux - Third Edition - Gilberto Nájera-Gutiérrez, Juned Ahmed Ansari
Systemvoraussetzungen
40,79 inkl. MwSt
(CHF 39,85)
Der eBook-Verkauf erfolgt durch die Lehmanns Media GmbH (Berlin) zum Preis in Euro inkl. MwSt.
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

Build your defense against web attacks with Kali Linux, including command injection flaws, crypto implementation layers, and web application security holes

Key Features

  • - Know how to set up your lab with Kali Linux
  • - Discover the core concepts of web penetration testing
  • - Get the tools and techniques you need with Kali Linux

Book Description

Web Penetration Testing with Kali Linux - Third Edition shows you how to set up a lab, helps you understand the nature and mechanics of attacking websites, and explains classical attacks in great depth. This edition is heavily updated for the latest Kali Linux changes and the most recent attacks. Kali Linux shines when it comes to client-side attacks and fuzzing in particular.

From the start of the book, you'll be given a thorough grounding in the concepts of hacking and penetration testing, and you'll see the tools used in Kali Linux that relate to web application hacking. You'll gain a deep understanding of classicalSQL, command-injection flaws, and the many ways to exploit these flaws. Web penetration testing also needs a general overview of client-side attacks, which is rounded out by a long discussion of scripting and input validation flaws.

There is also an important chapter on cryptographic implementation flaws, where we discuss the most recent problems with cryptographic layers in the networking stack.

The importance of these attacks cannot be overstated, and defending against them is relevant to most internet users and, of course, penetration testers.

At the end of the book, you'll use an automated technique called fuzzing to identify flaws in a web application. Finally, you'll gain an understanding of web application vulnerabilities and the ways they can be exploited using the tools in Kali Linux.

What you will learn

  • Learn how to set up your lab with Kali Linux
  • Understand the core concepts of web penetration testing
  • Get to know the tools and techniques you need to use with Kali Linux
  • Identify the difference between hacking a web application and network hacking
  • Expose vulnerabilities present in web servers and their applications using server-side attacks
  • Understand the different techniques used to identify the flavor of web applications
  • See standard attacks such as exploiting cross-site request forgery and cross-site scripting flaws
  • Get an overview of the art of client-side attacks
  • Explore automated attacks such as fuzzing web applications

Who this book is for

Since this book sets out to cover a large number of tools and security fields, it can work as an introduction to practical security skills for beginners in security. In addition, web programmers and also system administrators would benefit from this rigorous introduction to web penetration testing. Basic system administration skills are necessary, and the ability to read code is a must.

Gilberto Najera-Gutierrez is an experienced penetration tester currently working for one of the top security testing service providers in Australia. He obtained leading security and penetration testing certifications, namely Offensive Security Certified Professional (OSCP), EC-Council Certified Security Administrator (ECSA), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN); he also holds a Master's degree in Computer Science with specialization in Artificial Intelligence. Gilberto has been working as a penetration tester since 2013, and he has been a security enthusiast for almost 20 years. He has successfully conducted penetration tests on networks and applications of some the biggest corporations, government agencies, and financial institutions in Mexico and Australia. Juned Ahmed Ansari (@junedlive) is a cyber security researcher based out of Mumbai. He currently leads the penetration testing and offensive security team in a prodigious MNC. Juned has worked as a consultant for large private sector enterprises, guiding them on their cyber security program. He has also worked with start-ups, helping them make their final product secure. Juned has conducted several training sessions on advanced penetration testing, which were focused on teaching students stealth and evasion techniques in highly secure environments. His primary focus areas are penetration testing, threat intelligence, and application security research. He holds leading security certifications, namely GXPN, CISSP, CCSK, and CISA.
Build your defense against web attacks with Kali Linux, including command injection flaws, crypto implementation layers, and web application security holesAbout This BookKnow how to set up your lab with Kali LinuxDiscover the core concepts of web penetration testingGet the tools and techniques you need with Kali LinuxWho This Book Is ForSince this book sets out to cover a large number of tools and security fields, it can work as an introduction to practical security skills for beginners in security. In addition, web programmers and also system administrators would benefit from this rigorous introduction to web penetration testing. Basic system administration skills are necessary, and the ability to read code is a must.What You Will LearnLearn how to set up your lab with Kali LinuxUnderstand the core concepts of web penetration testingGet to know the tools and techniques you need to use with Kali LinuxIdentify the difference between hacking a web application and network hackingExpose vulnerabilities present in web servers and their applications using server-side attacksUnderstand the different techniques used to identify the flavor of web applicationsSee standard attacks such as exploiting cross-site request forgery and cross-site scripting flawsGet an overview of the art of client-side attacksExplore automated attacks such as fuzzing web applicationsIn DetailWeb Penetration Testing with Kali Linux - Third Edition shows you how to set up a lab, helps you understand the nature and mechanics of attacking websites, and explains classical attacks in great depth. This edition is heavily updated for the latest Kali Linux changes and the most recent attacks. Kali Linux shines when it comes to client-side attacks and fuzzing in particular.From the start of the book, you'll be given a thorough grounding in the concepts of hacking and penetration testing, and you'll see the tools used in Kali Linux that relate to web application hacking. You'll gain a deep understanding of classicalSQL, command-injection flaws, and the many ways to exploit these flaws. Web penetration testing also needs a general overview of client-side attacks, which is rounded out by a long discussion of scripting and input validation flaws.There is also an important chapter on cryptographic implementation flaws, where we discuss the most recent problems with cryptographic layers in the networking stack.The importance of these attacks cannot be overstated, and defending against them is relevant to most internet users and, of course, penetration testers.At the end of the book, you'll use an automated technique called fuzzing to identify flaws in a web application. Finally, you'll gain an understanding of web application vulnerabilities and the ways they can be exploited using the tools in Kali Linux.Style and approachThis step-by-step guide covers each topic with detailed practical examples. Every concept is explained with the help of illustrations using the tools available in Kali Linux.
Erscheint lt. Verlag 28.2.2018
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Schlagworte client-side attacks • client-side scripting • cryptography • Kali Linux • Penetration Testing • security • server-based attacks • web security
ISBN-10 1-78862-380-0 / 1788623800
ISBN-13 978-1-78862-380-3 / 9781788623803
Haben Sie eine Frage zum Produkt?
EPUBEPUB (Adobe DRM)
Größe: 25,0 MB

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belle­tristik und Sach­büchern. Der Fließ­text wird dynamisch an die Display- und Schrift­größe ange­passt. Auch für mobile Lese­geräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
CHF 34,15
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
CHF 41,95