Web penetration testing with Kali Linux : a practical guide to implementing penetration testing strategies on websites, web applications, and standard web protocols with Kali Linux / Joseph Muniz, Aamir Lakhani.

Format:

Book

Author/Creator:

Muniz, Joseph.

Contributor:

Lakhani, Aamir.

Series:

Community Experience Distilled

Language:

English

Subjects (All):

Computer networks--Security measures.

Computer networks.

Web sites--Testing.

Web sites.

Web sites--Evaluation.

Physical Description:

1 online resource (342 p.)

Edition:

1st edition

Place of Publication:

Birmingham, England : Packt Publishing, 2013.

Language Note:

English

System Details:

Mode of access: World Wide Web.

text file

Summary:

Testing web security is best done through simulating an attack. Kali Linux lets you do this to professional standards and this is the book you need to be fully up-to-speed with this powerful open-source toolkit. Learn key reconnaissance concepts needed as a penetration tester Attack and exploit key features, authentication, and sessions on web applications Learn how to protect systems, write reports, and sell web penetration testing services In Detail Kali Linux is built for professional penetration testing and security auditing. It is the next-generation of BackTrack, the most popular open-source penetration toolkit in the world. Readers will learn how to think like real attackers, exploit systems, and expose vulnerabilities. Even though web applications are developed in a very secure environment and have an intrusion detection system and firewall in place to detect and prevent any malicious activity, open ports are a pre-requisite for conducting online business. These ports serve as an open door for attackers to attack these applications. As a result, penetration testing becomes essential to test the integrity of web-applications. Web Penetration Testing with Kali Linux is a hands-on guide that will give you step-by-step methods on finding vulnerabilities and exploiting web applications. "Web Penetration Testing with Kali Linux" looks at the aspects of web penetration testing from the mind of an attacker. It provides real-world, practical step-by-step instructions on how to perform web penetration testing exercises. You will learn how to use network reconnaissance to pick your targets and gather information. Then, you will use server-side attacks to expose vulnerabilities in web servers and their applications. Client attacks will exploit the way end users use web applications and their workstations. You will also learn how to use open source tools to write reports and get tips on how to sell penetration tests and look out for common pitfalls. On the completion of this book, you will have the skills needed to use Kali Linux for web penetration tests and expose vulnerabilities on web applications and clients that access them.

Contents:

Intro

Web Penetration Testing with Kali Linux

Table of Contents

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers and more

Why Subscribe?

Free Access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

1. Penetration Testing and Setup

Web application Penetration Testing concepts

Penetration Testing methodology

Calculating risk

Kali Penetration Testing concepts

Step 1 - Reconnaissance

Step 2 - Target evaluation

Step 3 - Exploitation

Step 4 - Privilege Escalation

Step 5 - maintaining a foothold

Introducing Kali Linux

Kali system setup

Running Kali Linux from external media

Installing Kali Linux

Kali Linux and VM image first run

Kali toolset overview

Summary

2. Reconnaissance

Reconnaissance objectives

Initial research

Company website

Web history sources

Regional Internet Registries (RIRs)

Electronic Data Gathering, Analysis, and Retrieval (EDGAR)

Social media resources

Trust

Job postings

Location

Shodan

Google hacking

Google Hacking Database

Researching networks

HTTrack - clone a website

ICMP Reconnaissance techniques

DNS Reconnaissance techniques

DNS target identification

Maltego - Information Gathering graphs

Nmap

FOCA - website metadata Reconnaissance

3. Server-side Attacks

Vulnerability assessment

Webshag

Skipfish

ProxyStrike

Vega

Owasp-Zap

Websploit

Exploitation

Metasploit

w3af

Exploiting e-mail systems

Brute-force attacks

Hydra

DirBuster

WebSlayer

Cracking passwords

John the Ripper.

Man-in-the-middle

SSL strip

Starting the attack - redirection

Setting up port redirection using Iptables

4. Client-side Attacks

Social engineering

Social Engineering Toolkit (SET)

Using SET to clone and attack

MitM Proxy

Host scanning

Host scanning with Nessus

Installing Nessus on Kali

Using Nessus

Obtaining and cracking user passwords

Windows passwords

Mounting Windows

Linux passwords

Kali password cracking tools

Johnny

hashcat and oclHashcat

samdump2

chntpw

Ophcrack

Crunch

Other tools available in Kali

Hash-identifier

dictstat

RainbowCrack (rcracki_mt)

findmyhash

phrasendrescher

CmosPwd

creddump

5. Attacking Authentication

Attacking session management

Clickjacking

Hijacking web session cookies

Web session tools

Firefox plugins

Firesheep - Firefox plugin

Web Developer - Firefox plugin

Greasemonkey - Firefox plugin

Cookie Injector - Firefox plugin

Cookies Manager+ - Firefox plugin

Cookie Cadger

Wireshark

Hamster and Ferret

Man-in-the-middle attack

dsniff and arpspoof

Ettercap

Driftnet

SQL Injection

sqlmap

Cross-site scripting (XSS)

Testing cross-site scripting

XSS cookie stealing / Authentication hijacking

Other tools

urlsnarf

acccheck

hexinject

Patator

DBPwAudit

6. Web Attacks

Browser Exploitation Framework - BeEF

FoxyProxy - Firefox plugin

BURP Proxy

OWASP - ZAP

SET password harvesting

Fimap

Denial of Services (DoS)

THC-SSL-DOS

Scapy

Slowloris

Low Orbit Ion Cannon

DNSCHEF

SniffJoke

Siege

Inundator

TCPReplay

7. Defensive Countermeasures

Testing your defenses

Baseline security

STIG

Patch management

Password policies

Mirror your environment.

HTTrack

Other cloning tools

Man-in-the-middle defense

SSL strip defense

Denial of Service defense

Cookie defense

Clickjacking defense

Digital forensics

Kali Forensics Boot

Filesystem analysis with Kali

dc3dd

Other forensics tools in Kali

chkrootkit

Autopsy

Binwalk

pdf-parser

Foremost

Pasco

Scalpel

bulk_extractor

8. Penetration Test Executive Report

Compliance

Industry standards

Professional services

Documentation

Report format

Cover page

Confidentiality statement

Document control

Timeline

Executive summary

Methodology

Detailed testing procedures

Summary of findings

Vulnerabilities

Network considerations and recommendations

Appendices

Glossary

Statement of Work (SOW)

External Penetration Testing

Additional SOW material

Kali reporting tools

Dradis

KeepNote

Maltego CaseFile

MagicTree

CutyCapt

Sample reports

Index.

Notes:

"Community expertise distilled"--Cover.

Includes index.

Includes bibliographical references and index.

Description based on online resource; title from PDF title page (ebrary, viewed October 18, 2013).

ISBN:

9781782163176

1782163174

OCLC:

859388541