McPhee M. - Mastering Kali Linux for Web Penetration Testing [2017, PDF/EPUB/MOBI, ENG] +Code

Сообщение Солнышко » 28 янв 2018, 17:17

Mastering Kali Linux for Web Penetration Testing
Год издания: 2017
Автор: McPhee M.
Издательство: Packt Publishing
ISBN: 9781784395070
Язык: Английский
Качество: Издательский макет или текст (eBook)
Интерактивное оглавление: Да
Количество страниц: 338
Описание: You will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess.
By the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.
What You Will Learn
- Establish a fully-featured sandbox for test rehearsal and risk-free investigation of applications
- Enlist open-source information to get a head-start on enumerating account credentials, mapping potential dependencies, and discovering unintended backdoors and exposed information
- Map, scan, and spider web applications using nmap/zenmap, nikto, arachni, webscarab, w3af, and NetCat for more accurate characterization
- Proxy web transactions through tools such as Burp Suite, OWASP's ZAP tool, and Vega to uncover application weaknesses and manipulate responses
- Deploy SQL injection, cross-site scripting, Java vulnerabilities, and overflow attacks using Burp Suite, websploit, and SQLMap to test application robustness
- Evaluate and test identity, authentication, and authorization schemes and sniff out weak cryptography before the black hats do
Table of Contents
1: Common Web Applications and Architectures
2: Guidelines for Preparation and Testing
3: Stalking Prey Through Target Recon
4: Scanning for Vulnerabilities with Arachni
5: Proxy Operations with OWASP ZAP and Burp Suite
6: Infiltrating Sessions via Cross-Site Scripting
7: Injection and Overflow Testing
8: Exploiting Trust Through Cryptography Testing
9: Stress Testing Authentication and Session Management
10: Launching Client-Side Attacks
11: Breaking the Application Logic
12: Educating the Customer and Finishing Up





Автор: Солнышко
Добавлен: 28 янв 2018, 17:17
Размер: 35.89 МБ
Размер: 37 633 126 байт
Сидеров: 25
Личеров: 8
Скачали: 0
Здоровье: 100%
Раздающих: 100%
Скорость скачивания: 0 байт/сек
Скорость раздачи: 0 байт/сек
Последний сидер: 3 дня 7 часов 42 минуты 42 секунды назад
Последний личер: 3 дня 7 часов 42 минуты 42 секунды назад
Приватный: Нет (DHT включён)
Сеть и безопасность Скачать торрент
Скачать торрент
[ Размер 12.41 КБ / Просмотров 6 ]


  • Похожие торренты
    Последнее сообщение

Вернуться в Сеть и безопасность