Skip to content
You are not logged in |Login  

LEADER 00000cam  2200685 i 4500 
001    on1125068319 
003    OCoLC 
005    20220110213023.0 
006    m     o  d         
007    cr cn||||||||| 
008    190919t20192019enk     o     000 0 eng d 
019    1110098037|a1110490030 
020    9781838644949|q(electronic book) 
020    1838644946|q(electronic book) 
024 8  9781838646073 
035    (OCoLC)1125068319|z(OCoLC)1110098037|z(OCoLC)1110490030 
040    OTZ|beng|erda|epn|cOTZ|dN$T|dYDXIT|dOCLCQ|dEBLCP|dYDX
049    GTKE 
050  4 QA76.9.A25|bN35 2019 
082 04 005.8|223 
100 1  Najera-Gutierrez, Gilberto,|eauthor. 
245 10 Improving your Penetration Testing Skills :|bstrengthen 
       your defense against web attacks with Kali Linux and 
       Metasploit /|cGilberto Najera-Gutierrez, Juned Ahmed 
       Ansari, Daniel Teixeira, Abhinav Singh. 
264  1 Birmingham :|bPackt Publishing,|c2019. 
264  4 |c©2019 
300    1 online resource (712 pages) 
336    text|btxt|2rdacontent 
337    computer|bc|2rdamedia 
338    online resource|bcr|2rdacarrier 
347    text file 
365    |b49.99 
505 0  Cover; FM; Copyright; About Packt; Contributors; Table of 
       Contents; Preface; Chapter 1: Introduction to Penetration 
       Testing and Web Applications; Proactive security testing; 
       Different testing methodologies; Ethical hacking; 
       Penetration testing; Vulnerability assessment; Security 
       audits; Considerations when performing penetration 
       testing; Rules of Engagement; The type and scope of 
       testing; Client contact details; Client IT team 
       notifications; Sensitive data handling; Status meeting and
       reports; The limitations of penetration testing; The need 
       for testing web applications 
505 8  Reasons to guard against attacks on web applicationsKali 
       Linux; A web application overview for penetration testers;
       HTTP protocol; Knowing an HTTP request and response; The 
       request header; The response header; HTTP methods; The GET
       method; The POST method; The HEAD method; The TRACE 
       method; The PUT and DELETE methods; The OPTIONS method; 
       Keeping sessions in HTTP; Cookies; Cookie flow between 
       server and client; Persistent and nonpersistent cookies; 
       Cookie parameters; HTML data in HTTP response; The server-
       side code; Multilayer web application; Three-layer web 
       application design; Web services 
505 8  Introducing SOAP and REST web servicesHTTP methods in web 
       services; XML and JSON; AJAX; Building blocks of AJAX; The
       AJAX workflow; HTML5; WebSockets; Chapter 2: Setting Up 
       Your Lab with Kali Linux; Kali Linux; Latest improvements 
       in Kali Linux; Installing Kali Linux; Virtualizing Kali 
       Linux versus installing it on physical hardware; 
       Installing on VirtualBox; Creating the virtual machine; 
       Installing the system; Important tools in Kali Linux; CMS 
       and Framework Identification; WPScan; JoomScan; CMSmap; 
       Web Application Proxies; Burp Proxy; Customizing client 
505 8  Modifying requests on the flyBurp Proxy with HTTPS 
       websites; Zed Attack Proxy; ProxyStrike; Web Crawlers and 
       Directory Bruteforce; DIRB; DirBuster; Uniscan; Web 
       Vulnerability Scanners; Nikto; w3af; Skipfish; Other 
       tools; OpenVAS; Database exploitation; Web application 
       fuzzers; Using Tor for penetration testing; Vulnerable 
       applications and servers to practice on; OWASP Broken Web 
       Applications; Hackazon; Web Security Dojo; Other 
       resources; Chapter 3: Reconnaissance and Profiling the Web
       Server; Reconnaissance; Passive reconnaissance versus 
       active reconnaissance; Information gathering 
505 8  Domain registration detailsWhois -- extracting domain 
       information; Identifying related hosts using DNS; Zone 
       transfer using dig; DNS enumeration; DNSEnum; Fierce; 
       DNSRecon; Brute force DNS records using Nmap; Using search
       engines and public sites to gather information; Google 
       dorks; Shodan; the Harvester; Maltego; Recon-ng -- a 
       framework for information gathering; Domain enumeration 
       using Recon-ng; Sub-level and top-level domain 
       enumeration; Reporting modules; Scanning -- probing the 
       target; Port scanning using Nmap; Different options for 
       port scan; Evading firewalls and IPS using Nmap 
520    Evade antiviruses and bypass firewalls with the most 
       widely used penetration testing frameworks Key Features 
       Gain insights into the latest antivirus evasion techniques
       Set up a complete pentesting environment using Metasploit 
       and virtual machines Discover a variety of tools and 
       techniques that can be used with Kali Linux Book 
       Description Penetration testing or ethical hacking is a 
       legal and foolproof way to identify vulnerabilities in 
       your system. With thorough penetration testing, you can 
       secure your system against the majority of threats. This 
       Learning Path starts with an in-depth explanation of what 
       hacking and penetration testing is. You'll gain a deep 
       understanding of classical SQL and command injection flaws,
       and discover ways to exploit these flaws to secure your 
       system. You'll also learn how to create and customize 
       payloads to evade antivirus software and bypass an 
       organization's defenses. Whether it's exploiting server 
       vulnerabilities and attacking client systems, or 
       compromising mobile phones and installing backdoors, this 
       Learning Path will guide you through all this and more to 
       improve your defense against online attacks. By the end of
       this Learning Path, you'll have the knowledge and skills 
       you need to invade a system and identify all its 
       vulnerabilities. This Learning Path includes content from 
       the following Packt products: Web Penetration Testing with
       Kali Linux - Third Edition by Juned Ahmed Ansari and 
       Gilberto Najera-Gutierrez Metasploit Penetration Testing 
       Cookbook - Third Edition by Abhinav Singh, Monika Agarwal,
       et al What you will learn Build and analyze Metasploit 
       modules in Ruby Integrate Metasploit with other 
       penetration testing tools Use server-side attacks to 
       detect vulnerabilities in web servers and their 
       applications Explore automated attacks such as fuzzing web
       applications Identify the difference between hacking a web
       application and network hacking Deploy Metasploit with the
       Penetration Testing Execution Standard (PTES) Use MSFvenom
       to generate payloads and backdoor files, and create 
       shellcode Who this book is for This Learning Path is 
       designed for security professionals, web programmers, and 
       pentesters who want to learn vulnerability exploitation 
       and make the most of the Metasploit framework. Some 
       understanding of penetration testing and Metasploit is 
       required, but basic system administration skills and the 
       ability to read code are a must. Downloading the example 
       code for this ebook: You can download the exampl ... 
542    |fCopyright © 2019 Packt Publishing|g2019 
550    Made available through: Safari, an O'Reilly Media Company.
588 0  Online resource; title from digital title page (viewed on 
       December 16, 2019). 
630 00 Kali Linux. 
630 00 Metasploit (Electronic resource) 
630 07 Kali Linux.|2fast|0(OCoLC)fst01914587 
630 07 Metasploit (Electronic resource)|2fast|0(OCoLC)fst01787159
650  0 Penetration testing (Computer security) 
650  7 Programming & scripting languages: general.|2bicssc 
650  7 Network security.|2bicssc 
650  7 Privacy & data protection.|2bicssc 
650  7 Computers|xNetworking|xSecurity.|2bisacsh 
650  7 Computers|xProgramming Languages|xRuby.|2bisacsh 
650  7 Computers|xInternet|xSecurity.|2bisacsh 
650  7 Penetration testing (Computer security)|2fast
700 1  Ansari, Juned Ahmed,|eauthor. 
700 1  Teixeira, Daniel,|eauthor. 
700 1  Singh, Abhinav,|eauthor. 
710 2  Safari, an O'Reilly Media Company. 
776 08 |iPrint version:|aNajera-Gutierrez, Gilberto.|tImproving 
       Your Penetration Testing Skills : Strengthen Your Defense 
       Against Web Attacks with Kali Linux and Metasploit.
       |dBirmingham : Packt Publishing, Limited, ©2019
914    on1125068319 
994    92|bGTK 
Location Call No. Status
 Rocky Hill - Downloadable Materials  EBSCO Ebook    Downloadable
Rocky Hill cardholders click here to access this title from EBSCO