Web Penetration Testing with Kali Linux - Second Edition

Купить бумажную книгу и читать

Купить бумажную книгу

По кнопке выше можно купить бумажные варианты этой книги и похожих книг на сайте интернет-магазина "Лабиринт".

Using the button above you can buy paper versions of this book and similar books on the website of the "Labyrinth" online store.

Название: Web Penetration Testing with Kali Linux - Second Edition

Автор: Juned Ahmed Ansari

Издательство: Packt Publishing

Год: 2015

Страниц: 314

Язык: English

Формат: pdf

Размер: 11 mb

Kali Linux 2.0 is the new generation of the industry-leading BackTrack Linux penetration testing and security auditing Linux distribution. It contains several hundred tools aimed at various information security tasks such as penetration testing, forensics, and reverse engineering.

At the beginning of the book, you will be introduced to the concepts of hacking and penetration testing and will get to know about the tools used in Kali Linux 2.0 that relate to web application hacking. Then, you will gain a deep understanding of SQL and command injection flaws and ways to exploit the flaws. Moving on, you will get to know more about scripting and input validation flaws, AJAX, and the security issues related to AJAX.

At the end of the book, you will use an automated technique called fuzzing to be able to identify flaws in a web application. Finally, you will understand the web application vulnerabilities and the ways in which they can be exploited using the tools in Kali Linux 2.0.

What You Will Learn

Set up your lab with Kali Linux 2.0

Identify the difference between hacking a web application and network hacking

Understand the different techniques used to identify the flavor of web applications

Expose vulnerabilities present in web servers and their applications using server-side attacks

Use SQL and cross-site scripting (XSS) attacks

Check for XSS flaws using the burp suite proxy

Find out about the mitigation techniques used to negate the effects of the Injection and Blind SQL attacks

Дата создания страницы: