  • 1
    UID: almahu_BV047069818
    Format: 1 online resource (v, 343 pages) : illustrations, diagrams (color).
    Edition: First published
    ISBN: 978-1-78899-528-3
    Additional Edition: Also published as print edition ISBN 978-1-78899-406-4
    Language: English
  • 2
    UID: almafu_9961152723002883
    Format: 1 online resource (356 pages)
    Edition: 1st edition
    ISBN: 1-78899-528-7
    Content: Test, fuzz, and break web applications and services using Burp Suite's powerful capabilities.
    Key Features: Master the skills to perform various types of security tests on your web applications. Get hands-on experience working with components like scanner, proxy, intruder and much more. Discover the best way to penetrate and test web applications.
    Book Description: Burp Suite is a set of graphical tools focused on penetration testing of web applications. Burp Suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks. The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to set up and configure Android and iOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also cover advanced concepts like writing extensions and macros for Burp Suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application. By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
    What you will learn: Set up Burp Suite and its configurations for an application penetration test. Proxy application traffic from browsers and mobile devices to the server. Discover and identify application security issues in various scenarios. Exploit discovered vulnerabilities to execute commands. Exploit discovered vulnerabilities to gain access to data in various datastores. Write your own Burp Suite plugin and explore the Infiltrator module. Write macros to automate tasks in Burp Suite.
    Who this book is for: If you are interested in learning how to test web applications and the web part of mobile applications using Burp, then this is the book for you. It is specifically designed to meet your needs if you have basic experience in using Burp and are now aiming to become a professional Burp user.
    Additional Edition: ISBN 1-78899-406-X
    Language: English
  • 3
    UID: almafu_9959237216502883
    Format: 1 online resource (504 pages) : illustrations
    Edition: 1st edition
    ISBN: 1-78398-217-9
    Content: Over 70 recipes for system administrators or DevOps to master Kali Linux 2 and perform effective security assessments.
    About This Book: Set up a penetration testing lab to conduct a preliminary assessment of attack surfaces and run exploits. Improve your testing efficiency with the use of automated vulnerability scanners. Work through step-by-step recipes to detect a wide array of vulnerabilities, exploit them to analyze their consequences, and identify security anomalies.
    Who This Book Is For: This book is intended for those who want to know more about information security. In particular, it's ideal for system administrators and system architects who want to ensure that the infrastructure and systems they are creating and managing are secure. This book helps both beginners and intermediates by allowing them to use it as a reference book and to gain in-depth knowledge.
    What You Will Learn: Understand the importance of security assessments over merely setting up and managing systems/processes. Familiarize yourself with tools such as OpenVAS to locate system and network vulnerabilities. Discover multiple solutions to escalate privileges on a compromised machine. Identify security anomalies in order to make your infrastructure secure and further strengthen it. Acquire the skills to prevent infrastructure and application vulnerabilities. Exploit vulnerabilities that require a complex setup with the help of Metasploit.
    In Detail: With the increasing threats of breaches and attacks on critical infrastructure, system administrators and architects can use Kali Linux 2.0 to ensure their infrastructure is secure by finding out known vulnerabilities and safeguarding their infrastructure against unknown vulnerabilities. This practical cookbook-style guide contains chapters carefully structured in three phases: information gathering, vulnerability assessment, and penetration testing for the web, and wired and wireless networks. It's an ideal reference guide if you're looking for a solution to a specific problem or learning how to use a tool. We provide hands-on examples of powerful tools/scripts designed for exploitation. In the final section, we cover various tools you can use during testing, and we help you create in-depth reports to impress management. We provide system engineers with steps to reproduce issues and fix them.
    Style and approach: This practical book is full of easy-to-follow recipes based on real-world problems faced by the authors. Each recipe is ...
    Note: Cover -- Copyright -- Credits -- About the Authors -- About the Reviewers -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Getting Started - Setting Up an Environment -- Introduction -- Installing Kali Linux on Cloud - Amazon AWS -- Getting ready -- How to do it... -- How it works... -- There's more... -- Installing Kali Linux on Docker -- Getting ready -- How to do it... -- How it works... -- There's more... -- Installing NetHunter on OnePlus One -- Getting ready -- How to do it... -- How it works... -- There's more... -- Installing Kali Linux on a virtual machine -- Getting ready -- How to do it... -- How it works... -- Customizing Kali Linux for faster package updates -- Getting ready -- How to do it... -- How it works... -- Customizing Kali Linux for faster operations -- Getting ready -- How to do it... -- How it works... -- Configuring remote connectivity services - HTTP, TFTP, and SSH -- Getting ready -- How to do it... -- How it works... -- Configuring Nessus and Metasploit -- Getting ready -- How to do it... -- How it works... -- There's more... -- Configuring third-party tools -- Getting ready -- How to do it... -- How it works... -- Installing Docker on Kali Linux -- Getting ready -- How to do it... -- How it works... -- Chapter 2: Network Information Gathering -- Introduction -- Discovering live servers over the network -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- Bypassing IDS/IPS/firewall -- Getting ready -- How to do it... -- How it works... -- There's more... -- Discovering ports over the network -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also -- Using unicornscan for faster port scanning -- Getting ready -- How to do it... -- How it works... -- There's more... -- Service fingerprinting -- Getting ready -- How to do it... -- How it works... -- There's more...
-- Determining the OS using nmap and xprobe2 -- Getting ready -- How to do it... -- How it works... -- There's more... -- Service enumeration -- Getting ready -- How to do it... -- How it works... -- There's more... -- Open-source information gathering -- Getting ready -- How to do it... -- How it works... -- There's more... -- Chapter 3: Network Vulnerability Assessment -- Introduction -- Using nmap for manual vulnerability assessment -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also... -- Integrating nmap with Metasploit -- Getting ready -- How to do it... -- How it works... -- There's more... -- Walkthrough of Metasploitable assessment with Metasploit -- Getting ready... -- How to do it... -- How it works... -- There's more... -- See also... -- Vulnerability assessment with OpenVAS framework -- Getting ready -- How to do it... -- How it works... -- There's more... -- PTES -- OWASP -- Web Application Hacker's Methodology -- See also... -- Chapter 4: Network Exploitation -- Introduction -- Gathering information for credential cracking -- Getting ready -- How to do it... -- Cracking FTP login using custom wordlist -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking SSH login using custom wordlist -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking HTTP logins using custom wordlist -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking MySql and PostgreSQL login using custom wordlist -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking Cisco login using custom wordlist -- Getting ready -- How to do it... -- How it works... -- There's more... -- Exploiting vulnerable services (Unix) -- Getting ready -- How to do it... -- How it works... -- There's more... -- Exploiting vulnerable services (Windows) -- Getting ready -- How to do it... -- How it works... -- There's more...
-- Exploiting services using exploit-db scripts -- Getting ready -- How to do it... -- How it works... -- There's more... -- Chapter 5: Web Application Information Gathering -- Introduction -- Setting up API keys for recon-ng -- Getting ready -- How to do it... -- How it works... -- Using recon-ng for reconnaissance -- Getting ready -- How to do it... -- Gathering information using theharvester -- Getting ready -- How to do it... -- How it works... -- Using DNS protocol for information gathering -- Getting ready -- How to do it... -- How it works... -- There's more... -- Web application firewall detection -- Getting ready -- How to do it... -- How it works... -- HTTP and DNS load balancer detection -- Getting ready -- How to do it... -- How it works... -- Discovering hidden files/directories using DirBuster -- Getting ready -- How to do it... -- How it works... -- CMS and plugins detection using WhatWeb and p0f -- Getting ready -- How to do it... -- How it works... -- There's more... -- Finding SSL cipher vulnerabilities -- Getting ready -- How to do it... -- How it works... -- Chapter 6: Building a Classification Model with Spark * -- Types of classification models -- Linear models -- Logistic regression -- Multinomial logistic regression -- Visualizing the StumbleUpon dataset -- Extracting features from the Kaggle/StumbleUpon evergreen classification dataset -- StumbleUponExecutor -- Linear support vector machines -- The naïve Bayes model -- Decision trees -- Ensembles of trees -- Random Forests -- Gradient-Boosted trees -- Multilayer perceptron classifier -- Extracting the right features from your data -- Training classification models
-- Training a classification model on the Kaggle/StumbleUpon evergreen classification dataset -- Using classification models -- Generating predictions for the Kaggle/StumbleUpon evergreen classification dataset -- Evaluating the performance of classification models -- Accuracy and prediction error -- Precision and recall -- ROC curve and AUC -- Improving model performance and tuning parameters -- Feature standardization -- Additional features -- Using the correct form of data -- Tuning model parameters -- Linear models -- Iterations -- Step size -- Regularization -- Decision trees -- Tuning tree depth and impurity -- The naïve Bayes model -- Cross-validation -- Summary -- Chapter 7: Web Application Vulnerability Assessment -- Introduction -- Running vulnerable web applications in Docker -- Getting ready -- How to do it... -- How it works... -- Using W3af for vulnerability assessment -- Getting ready -- How to do it... -- How it works... -- Using Nikto for web server assessment -- Getting ready -- How to do it... -- How it works... -- Using Skipfish for vulnerability assessment -- Getting ready -- -- How it works... -- Using Burp Proxy to intercept HTTP traffic -- Getting ready -- How to do it... -- How it works... -- Using Burp Intruder for customized attack automation -- Getting ready -- How to do it... -- How it works... -- Using Burp Sequencer to test the session randomness -- Getting ready -- How to do it... -- How it works... -- Chapter 8: Web Application Exploitation -- Introduction -- Using Burp for active/passive scanning -- Getting ready -- How to do it... -- How it works... -- Using sqlmap to find SQL Injection on the login page -- Getting ready -- How to do it... -- How it works... -- Exploiting SQL Injection on URL parameters using SQL Injection -- Getting ready -- How to do it... -- How it works... -- Getting ready -- How to do it... -- How it works... -- Using Weevely for file upload vulnerability -- Getting ready -- How to do it... -- How it works...
-- Exploiting Shellshock using Burp -- Getting ready -- How to do it... -- How it works... -- Using Metasploit to exploit Heartbleed -- Getting ready -- How to do it... -- How it works... -- Using the FIMAP tool for file inclusion attacks (RFI/LFI) -- Getting ready -- How to do it... -- How it works... -- Chapter 9: System and Password Exploitation -- Introduction -- Using local password-attack tools -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking password hashes -- Getting ready -- How to do it... -- How it works... -- There's more... -- Using Social-Engineering Toolkit -- Getting ready -- How to do it... -- How it works... -- There's more... -- Using BeEF for browser exploitation -- Getting ready -- How to do it... -- How it works... -- There's more... -- Cracking NTLM hashes using rainbow tables -- Getting ready -- How to do it... -- How it works... -- There's more... -- Chapter 10: Privilege Escalation and Exploitation -- Introduction -- Using WMIC to find privilege-escalation vulnerabilities -- Getting ready -- How to do it... -- How it works... -- There's more... -- Sensitive-information gathering -- Getting ready -- How to do it... -- There's more... -- Unquoted service-path exploitation -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also... -- Service permission issues -- Getting ready -- How to do it... -- How it works... -- There's more... -- Misconfigured software installations/insecure file permissions -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also... -- Linux privilege escalation -- Getting ready -- How to do it... -- How it works... -- There's more... -- See also... -- Chapter 11: Wireless Exploitation -- Introduction.
    Additional Edition: ISBN 1-78398-216-0
    Language: English