
The Basics of Web Hacking
Tools and Techniques to Attack the Web
Description
Key Features
- Provides a simple and clean approach to Web hacking, including hands-on examples and exercises that are designed to teach you how to hack the server, hack the Web app, and hack the Web user
- Covers the most significant new tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more!
- Written by an author who works in the field as a penetration tester and who teaches Web security classes at Dakota State University
Readership
Beginning information security professionals, systems administrators, information technology leaders, network administrators, and an academic audience of information security majors.
Table of Contents
Dedication
Acknowledgments
Honey Bear
Lizard
Baby Bird
Family and Friends
Security Community
Scott White—Technical Reviewer
Syngress Team
My Vices
Biography
Foreword
Introduction
About This Book
A Hands-On Approach
What's in This Book?
A Quick Disclaimer
Chapter 1. The Basics of Web Hacking
Chapter Rundown:
Introduction
What Is a Web Application?
What You Need to Know About Web Servers
What You Need to Know About HTTP
The Basics of Web Hacking: Our Approach
Web Apps Touch Every Part of IT
Existing Methodologies
Most Common Web Vulnerabilities
Setting Up a Test Environment
Chapter 2. Web Server Hacking
Chapter Rundown:
Introduction
Reconnaissance
Port Scanning
Vulnerability Scanning
Exploitation
Maintaining Access
Chapter 3. Web Application Recon and Scanning
Chapter Rundown:
Introduction
Web Application Recon
Web Application Scanning
Chapter 4. Web Application Exploitation with Injection
Chapter Rundown:
Introduction
SQL Injection Vulnerabilities
SQL Injection Attacks
sqlmap
Operating System Command Injection Vulnerabilities
Operating System Command Injection Attacks
Web Shells
Chapter 5. Web Application Exploitation with Broken Authentication and Path Traversal
Chapter Rundown:
Introduction
Authentication and Session Vulnerabilities
Path Traversal Vulnerabilities
Brute Force Authentication Attacks
Session Attacks
Path Traversal Attacks
Chapter 6. Web User Hacking
Chapter Rundown:
Introduction
Cross-Site Scripting (XSS) Vulnerabilities
Cross-Site Request Forgery (CSRF) Vulnerabilities
Technical Social Engineering Vulnerabilities
Web User Recon
Web User Scanning
Web User Exploitation
Cross-Site Scripting (XSS) Attacks
Reflected XSS Attacks
Stored XSS Attacks
Cross-Site Request Forgery (CSRF) Attacks
User Attack Frameworks
Chapter 7. Fixes
Chapter Rundown:
Introduction
Web Server Fixes
Web Application Fixes
Web User Fixes
Chapter 8. Next Steps
Chapter Rundown:
Introduction
Security Community Groups and Events
Formal Education
Certifications
Additional Books
Index
Product details
- No. of pages: 160
- Language: English
- Copyright: © Syngress 2013
- Published: June 18, 2013
- Imprint: Syngress
- Paperback ISBN: 9780124166004
- eBook ISBN: 9780124166592
About the Author
Josh Pauli
Ratings and Reviews
Latest reviews
saurabh Wed Apr 22 2020
The Basics of Web Hacking
good