Gus Khawaja - Practical Web Penetration Testing: Secure web applications using Burp Suite, Nmap, Metasploit, and more

  • Book:
    Practical Web Penetration Testing: Secure web applications using Burp Suite, Nmap, Metasploit, and more
  • Author:
    Gus Khawaja
  • Publisher:
    Packt Publishing
  • Genre:
    Computer
  • Year:
    2018
  • Rating:
    3 / 5


Learn how to execute web application penetration testing end-to-end

Key Features
  • Build an end-to-end threat model landscape for web application security
  • Learn both web application vulnerabilities and web intrusion testing
  • Associate network vulnerabilities with a web application infrastructure
Book Description

Companies all over the world want to hire professionals dedicated to application security. Practical Web Penetration Testing focuses on this very trend, teaching you how to conduct application security testing using real-life scenarios.

To start with, you'll set up an environment to perform web application penetration testing. You will then explore different penetration testing concepts such as threat modeling, intrusion test, infrastructure security threat, and more, in combination with advanced concepts such as Python scripting for automation. Once you are done learning the basics, you will discover end-to-end implementation of tools such as Metasploit, Burp Suite, and Kali Linux. Many companies deliver projects into production by using either Agile or Waterfall methodology. This book shows you how to assist any company with their SDLC approach and helps you on your journey to becoming an application security specialist.

By the end of this book, you will have hands-on knowledge of using different tools for penetration testing.

What you will learn
  • Learn how to use Burp Suite effectively
  • Use Nmap, Metasploit, and more tools for network infrastructure tests
  • Practice using all web application hacking tools for intrusion tests using Kali Linux
  • Learn how to analyze a web application using application threat modeling
  • Know how to conduct web intrusion tests
  • Understand how to execute network infrastructure tests
  • Master automation of penetration testing functions for maximum efficiency using Python
Who This Book Is For

Practical Web Penetration Testing is for you if you are a security professional, penetration tester, or stakeholder who wants to execute penetration testing using the latest and most popular tools. Basic knowledge of ethical hacking would be an added advantage.

Table of Contents
  1. Building a Vulnerable Web Application Lab
  2. Kali Linux Installation
  3. Delving Deep into the Usage of Kali Linux
  4. All About Using Burp Suite
  5. Understanding Web Application Vulnerabilities
  6. Application Security Pre-Engagement
  7. Application Threat Modeling
  8. Source Code Review
  9. Network Penetration Testing
  10. Web Intrusion Tests
  11. Pentest Automation Using Python
  12. Appendix A: Nmap Cheat Sheet
  13. Appendix B: Metasploit Cheat Sheet
  14. Appendix C: Netcat Cheat Sheet
  15. Appendix D: Networking Reference Section
  16. Appendix E: Python Quick Reference

Practical Web Penetration Testing
Secure web applications using Burp Suite, Nmap, Metasploit, and more
Gus Khawaja

BIRMINGHAM - MUMBAI
Practical Web Penetration Testing

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin George
Acquisition Editor: Rahul Nair
Content Development Editor: Abhishek Jadhav
Technical Editor: Prachi Sawant
Copy Editor: Safis Editing
Project Coordinator: Judie Jose
Proofreader: Safis Editing
Indexer: Rekha Nair
Graphics: Tom Scaria
Production Coordinator: Arvindkumar Gupta

First published: June 2018

Production reference: 1200618

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-78862-403-9

www.packtpub.com

mapt.io

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?
  • Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

  • Improve your learning with Skill Plans built especially for you

  • Get a free eBook or video every month

  • Mapt is fully searchable

  • Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors
About the author

Gus Khawaja holds a bachelor's degree in computer science. He specializes in IT security and ethical hacking. He is an author and shares his passion with millions of viewers around the world using his online courses. He also works as a cybersecurity consultant in Montreal, Canada.

After many years of experience in programming, he turned his attention to cybersecurity and the importance that security brings to this minefield. His passion for ethical hacking, mixed with his background in programming and IT, makes him a wise Swiss-knife professional in the computer science domain.

About the reviewer

Akash Mahajan is an accomplished security professional with over a decade's experience of providing specialist application and infrastructure consulting services to companies, governments, and organizations around the world. He has deep experience of working with clients to provide innovative security insights that truly reflect the commercial and operational needs of the organization, from strategic advice to testing and analysis to incident response and recovery. He has authored Burp Suite Essentials and Security Automation with Ansible 2, both by Packt.

What this book covers

Chapter 1, Building a Vulnerable Web Application Lab, will help us to get and install the vulnerable application Mutillidae using Windows and Linux. Also, we will have a quick tour of how to use this vulnerable web application.

Chapter 2, Kali Linux Installation, will explain how to download, install, and configure Kali Linux.

Chapter 3, Delving Deep into the Usage of Kali Linux, will teach more about how to deal with Kali Linux from the Terminal window, and will help you to become a ninja in bash scripting as well.

Chapter 4, All About Using Burp Suite, covers what you need to know about Metasploit to fulfil the role of a web application security expert.

Chapter 5, Understanding Web Application Vulnerabilities, explains the attacks that can happen on a web application, and after finishing the chapter, you will be able to use these skills to manipulate your findings during pentests.

Chapter 6, Application Security Pre-Engagement, will explain how to sign all the necessary contracts before starting the tests. Also, you will learn how to estimate, scope, and schedule your tests before they start.

Chapter 7, Application Threat Modeling, will explain that ATM is a security architecture document that allows you to identify future threats and to pinpoint the different pentest activities that need to be executed in the future deployment of the web application project.

Chapter 8, Source Code Review, covers how to deal with the source code review process. The source code is the heart or engine of a web application, and it must be properly constructed from a security perspective.

Chapter 9, Network Penetration Testing, explains how to use Metasploit, Nmap, and OpenVAS together to conduct a network infrastructure vulnerability assessment.

Chapter 10, Web Intrusion Tests, will show how to look for web application based vulnerabilities (SQLi, XSS, and CSRF) using Burp. Also, the readers will learn how to take advantage of them, get a remote shell, and probably elevate their privileges on the victim web server.

Chapter 11, Pentest Automation Using Python, explains how to automate everything that we have learned using the Python language for a more performant result.

Appendix A, Nmap Cheat Sheet, provides a list of the most common Nmap options.

Appendix B, Metasploit Cheat Sheet, provides a quick reference to the Metasploit framework.

Appendix C, Netcat Cheat Sheet, provides Netcat commands and a few popular practical examples.

Appendix D, Networking Reference Section, provides important information about networking, such as network subnets, port numbers, and their services.

Appendix E, Python Quick Reference, provides a quick overview of the amazing programming language, Python.
