eBook - ePub
Python Web Penetration Testing Cookbook
- 224 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Python Web Penetration Testing Cookbook
Tools to learn more effectively
Saving Books
Keyword Search
Annotating Text
Listen to it instead
Information
Python Web Penetration Testing Cookbook
Table of Contents
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Disclamer
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Gathering Open Source Intelligence
Introduction
Gathering information using the Shodan API
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
Scripting a Google+ API search
Getting ready
How to do itā¦
How it worksā¦
See alsoā¦
There's moreā¦
Downloading profile pictures using the Google+ API
How to do it
How it works
Harvesting additional results from the Google+ API using pagination
How to do it
How it works
Getting screenshots of websites with QtWebKit
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
Screenshots based on a port list
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
Spidering websites
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
2. Enumeration
Introduction
Performing a ping sweep with Scapy
How to do itā¦
How it worksā¦
Scanning with Scapy
How to do itā¦
How it worksā¦
There's moreā¦
Checking username validity
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Brute forcing usernames
Getting ready
How to do itā¦
How it worksā¦
See also
Enumerating files
Getting ready
How to do itā¦
How it worksā¦
Brute forcing passwords
Getting ready
How to do itā¦
How it worksā¦
See also
Generating e-mail addresses from names
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Finding e-mail addresses from web pages
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Finding comments in source code
How to do itā¦
How it worksā¦
There's moreā¦
3. Vulnerability Identification
Introduction
Automated URL-based Directory Traversal
Getting ready
How to do itā¦
How it worksā¦
There's more
Automated URL-based Cross-site scripting
How to do itā¦
How it worksā¦
There's moreā¦
Automated parameter-based Cross-site scripting
How to do itā¦
How it worksā¦
There's moreā¦
Automated fuzzing
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
jQuery checking
How to do itā¦
How it worksā¦
There's moreā¦
Header-based Cross-site scripting
Getting ready
How to do itā¦
How it worksā¦
See also
Shellshock checking
Getting ready
How to do itā¦
How it worksā¦
4. SQL Injection
Introduction
Checking jitter
How to do itā¦
How it worksā¦
There's moreā¦
Identifying URL-based SQLi
How to do itā¦
How it worksā¦
There's moreā¦
Exploiting Boolean SQLi
How to do itā¦
How it worksā¦
There's moreā¦
Exploiting Blind SQL Injection
How to do itā¦
How it worksā¦
There's moreā¦
Encoding payloads
How to do itā¦
How it worksā¦
There's moreā¦
5. Web Header Manipulation
Introduction
Testing HTTP methods
How to do itā¦
How it worksā¦
There's moreā¦
Fingerprinting servers through HTTP headers
How to do itā¦
How it worksā¦
There's moreā¦
Testing for insecure headers
Getting ready
How to do itā¦
How it worksā¦
Brute forcing login through the Authorization header
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Testing for clickjacking vulnerabilities
How to do itā¦
How it worksā¦
Identifying alternative sites by spoofing user agents
How to do itā¦
How it worksā¦
See also
Testing for insecure cookie flags
How to do itā¦
How it worksā¦
There's moreā¦
Session fixation through a cookie injection
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
6. Image Analysis and Manipulation
Introduction
Hiding a message using LSB steganography
Getting ready
How to do itā¦
How it worksā¦
There's moreā¦
See also
Extracting messages hidden in LSB
How to do itā¦
How it worksā¦
There's moreā¦
Hiding text in images
How to do itā¦
How it worksā¦
There's moreā¦
Extracting text from images
How to do itā¦
How it worksā¦
There's moreā¦
Enabling command and control using steganography
Getting ready
How to do itā¦
How it worksā¦
7. Encryption and Encoding
Introduction
Generating an MD5 hash
Getting ready
How to do itā¦
How it worksā¦
Generating an SHA 1/128/256 hash
Getting ready
How to do itā¦
How it worksā¦
Implementing SHA and MD5 hashes together
Getting ready
How to do itā¦
How it worksā¦
Implementing SHA in a real-world scenario
Getting ready
How to do itā¦
How it worksā¦
Generating a Bcrypt hash
Getting ready
How to do itā¦
How it worksā¦
Cracking an MD5 hash
Getting ready
How to do itā¦
How it worksā¦
Encoding with Base64
Getting ready
How to do itā¦
How it worksā¦
Encoding with ROT13
Getting ready
How to do itā¦
How it worksā¦
Cracking a substitution cipher
Getting ready
How to do itā¦
How it worksā¦
Cracking the Atbash cipher
Getting ready
How to do itā¦
How it worksā¦
Attacking one-time pad reuse
Getting ready
How to do itā¦
How it worksā¦
Predicting a linear congruential generator
Getting ready
How to do itā¦
How it worksā¦
Identifying hashes
Getting ready
How to do itā¦
How it worksā¦
8. Payloads and Shells
Introduction
Extracting data through HTTP requests
Getting Ready
How to do itā¦
How it worksā¦
Creating an HTTP C2
Getting Started
How to do itā¦
How it worksā¦
Creating an FTP C2
Getting Started
How to do itā¦
How it worksā¦
Creating an Twitter C2
Getting Started
How to do itā¦
How it worksā¦
Creating a simple Netcat shell
How to do itā¦
How it worksā¦
9. Reporting
Introduction
Converting Nmap XML to CSV
Getting ready
How to do itā¦
How it worksā¦
Extracting links from a URL to Maltego
How to do itā¦
How it worksā¦
Thereās moreā¦
Extracting e-mails to Maltego
How to do itā¦
How it worksā¦
Parsing Sslscan into CSV
How to do itā¦
How it worksā¦
Generating graphs using plot.ly
Getting ready
How to do itā¦
How it worksā¦
Index
Python Web Penetration Testing Cookbook
Copyright Ā© 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by a...
Table of contents
- Python Web Penetration Testing Cookbook
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 990+ topics, weāve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere ā even offline. Perfect for commutes or when youāre on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Python Web Penetration Testing Cookbook by Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound in PDF and/or ePUB format, as well as other popular books in Computer Science & Cryptography. We have over one million books available in our catalogue for you to explore.