Michael McPhee - Mastering Kali Linux for Web Penetration Testing

• 1: Common Web Applications and Architectures
  • b'Chapter 1: Common Web Applications and Architectures'
  • b'Common architectures'
  • b'Web application hosting'
  • b'Application development cycles'
  • b'Common weaknesses \xc3\xa2\xc2\x80\xc2\x93 where to start'
  • b'Web application defenses'
  • b'Summary'

• 2: Guidelines for Preparation and Testing
  • b'Chapter 2: Guidelines for Preparation and Testing'
  • b'Picking your favorite testing framework'
  • b'Keeping it legal and ethical'
  • b'Labbing - practicing what we learn'
  • b'Summary'

• 3: Stalking Prey Through Target Recon
  • b'Chapter 3: Stalking Prey Through Target Recon'
  • b'The imitation game'
  • b'Open source awesomeness'
  • b'Being social with your target'
  • b'Summary'

• 4: Scanning for Vulnerabilities with Arachni
  • b'Chapter 4: Scanning for Vulnerabilities with Arachni'
  • b'Walking into\xc3\x82\xc2\xa0spider webs'
  • b'An encore for stacks and frameworks'
  • b'The Arachni test scenario'
  • b'Summary'

• 5: Proxy Operations with OWASP ZAP and Burp Suite
  • b'Chapter 5: Proxy Operations with OWASP ZAP and Burp Suite'
  • b'Pulling back the curtain with\xc3\x82\xc2\xa0ZAP'
  • b'Taking it to a new level with Burp Suite'
  • b'Summary'

• 6: Infiltrating Sessions via Cross-Site Scripting
  • b'Chapter 6: Infiltrating Sessions via Cross-Site Scripting'
  • b'The low-down on XSS\xc3\x82\xc2\xa0types'
  • b'Seeing is believing'
  • b'Summary'

• 7: Injection and Overflow Testing
  • b'Chapter 7: Injection and Overflow Testing'
  • b'Injecting some fun into your testing'
  • b'Is SQL any good?'
  • b'The X-factor - XML and XPath injections'
  • b'Credential Jedi mind tricks'
  • b'Going beyond persuasion \xc3\xa2\xc2\x80\xc2\x93 Injecting for execution'
  • b'Down with HTTP?'
  • b'Summary'

• 8: Exploiting Trust Through Cryptography Testing
  • b'Chapter 8: Exploiting Trust Through Cryptography Testing'
  • b'How secret is your secret?'
  • b'Assessing encryption like a pro'
  • b'Exploiting the flaws'
  • b'Hanging out as the Man-in-the-Middle'
  • b'Summary'

• 9: Stress Testing Authentication and Session Management
  • b'Chapter 9: Stress Testing Authentication and Session Management'
  • b'Knock knock, who's there?'
  • b'This is the session you are looking for'
  • b'Functional access level control'
  • b'Refining a brute's vocabulary'
  • b'Summary'

• 10: Launching Client-Side Attacks
  • b'Chapter 10: Launching Client-Side Attacks'
  • b'Why are clients so weak?'
  • b'Picking on the little guys'
  • b'I don't need your validation'
  • b'Trendy hacks come and go'
  • b'Summary'

• 11: Breaking the Application Logic
  • b'Chapter 11: Breaking the Application Logic'
  • b'Speed-dating your target'
  • b'Functional Feng Shui'
  • b'Summary'

• 12: Educating the Customer and Finishing Up
  • b'Chapter 12: Educating the Customer and Finishing Up'
  • b'Finishing up'
  • b'Bringing best practices'
  • b'Assessing the competition'
  • b'Summary'

Web applications are essential for today's civilization. I know this sounds bold, but when you think of how the technology has changed the world, there is no doubt that globalization is responsible for the rapid exchange of information across great distances via the internet in large parts of the world. While the internet is many things, the most inherently valuable components are those where data resides. Since the advent of the World Wide Web in the 1990s, this data has exploded, with the world currently generating more data in the next 2 years than in all of the recorded history. While databases and object storage are the main repositories for this staggering amount of data, web applications are the portals through which that data comes and goes is manipulated, and processed into actionable information. This information is presented to the end users dynamically in their browser, and the relative simplicity and access that this imbues are the leading reason why web applications are impossible to avoid. We're so accustomed to web applications that many of us would find it impossible to go more than a few hours without them.

Financial, manufacturing, government, defense, businesses, educational, and entertainment institutions are dependent on the web applications that allow them to function and interact with each other. These ubiquitous portals are trusted to store, process, exchange, and present all sorts of sensitive information and valuable data while safeguarding it from harm. the industrial world has placed a great deal of trust in these systems. So, any damage to these systems or any kind of trust violation can and often does cause far-reaching economic, political, or physical damage and can even lead to loss of life. The news is riddled with breaking news of compromised web applications every day. Each of these attacks results in loss of that trust as data (from financial and health information to intellectual property) is stolen, leaked, abused, and disclosed. Companies have been irreparably harmed, patients endangered, careers ended, and destinies altered. This is heavy stuff!

While there are many potential issues that keep architects, developers, and operators on edge, many of these have a very low probability of occurring with one great exception. Criminal and geopolitical actors and activists present a clear danger to computing systems, networks, and all other people or things that are attached to or make use of them. Bad coding, improper implementation, or missing countermeasures are a boon to these adversaries, offering a way in or providing cover for their activities. As potential attackers see the opportunity to wreak havoc, they invest more, educate themselves, develop new techniques, and then achieve more ambitious goals. This cycle repeats itself. Defending networks, systems, and applications against these threats is a noble cause.

Defensive approaches also exist that can help reduce risks and minimize exposure, but it is the penetration tester (also known as the White Hat Hacker ) that ensures that they are up to the task. By thinking like an attacker - and using many of the same tools and techniques - a pen tester can uncover latent flaws in the design or implementation and allow the application stakeholders to fill these gaps before the malicious hacker (also known as the