Mastering Modern Web Penetration Testing
eBook - ePub

Mastering Modern Web Penetration Testing

Prakhar Prasad

Share book
  1. 298 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Mastering Modern Web Penetration Testing

Prakhar Prasad

Book details
Book preview
Table of contents
Citations

About This Book

Master the art of conducting modern pen testing attacks and techniques on your web application before the hacker does!

About This Book

  • This book covers the latest technologies such as Advance XSS, XSRF, SQL Injection, Web API testing, XML attack vectors, OAuth 2.0 Security, and more involved in today's web applications
  • Penetrate and secure your web application using various techniques
  • Get this comprehensive reference guide that provides advanced tricks and tools of the trade for seasoned penetration testers

Who This Book Is For

This book is for security professionals and penetration testers who want to speed up their modern web application penetrating testing. It will also benefit those at an intermediate level and web developers who need to be aware of the latest application hacking techniques.

What You Will Learn

  • Get to know the new and less-publicized techniques such PHP Object Injection and XML-based vectors
  • Work with different security tools to automate most of the redundant tasks
  • See different kinds of newly-designed security headers and how they help to provide security
  • Exploit and detect different kinds of XSS vulnerabilities
  • Protect your web application using filtering mechanisms
  • Understand old school and classic web hacking in depth using SQL Injection, XSS, and CSRF
  • Grasp XML-related vulnerabilities and attack vectors such as XXE and DoS techniques
  • Get to know how to test REST APIs to discover security issues in them

In Detail

Web penetration testing is a growing, fast-moving, and absolutely critical field in information security. This book executes modern web application attacks and utilises cutting-edge hacking techniques with an enhanced knowledge of web application security.

We will cover web hacking techniques so you can explore the attack vectors during penetration tests. The book encompasses the latest technologies such as OAuth 2.0, Web API testing methodologies and XML vectors used by hackers. Some lesser discussed attack vectors such as RPO (relative path overwrite), DOM clobbering, PHP Object Injection and etc. has been covered in this book.

We'll explain various old school techniques in depth such as XSS, CSRF, SQL Injection through the ever-dependable SQLMap and reconnaissance.

Websites nowadays provide APIs to allow integration with third party applications, thereby exposing a lot of attack surface, we cover testing of these APIs using real-life examples.

This pragmatic guide will be a great benefit and will help you prepare fully secure applications.

Style and approach

This master-level guide covers various techniques serially. It is power-packed with real-world examples that focus more on the practical aspects of implementing the techniques rather going into detailed theory.

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Mastering Modern Web Penetration Testing an online PDF/ePUB?
Yes, you can access Mastering Modern Web Penetration Testing by Prakhar Prasad in PDF and/or ePUB format, as well as other popular books in Computer Science & Web Development. We have over one million books available in our catalogue for you to explore.

Information

Year
2016
ISBN
9781785284588

Mastering Modern Web Penetration Testing


Table of Contents

Mastering Modern Web Penetration Testing
Credits
About the Author
About the Reviewer
www.PacktPub.com
eBooks, discount offers, and more
Why subscribe?
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Common Security Protocols
SOP
Demonstration of the same-origin policy in Google Chrome
Switching origins
Quirks with Internet Explorer
Cross-domain messaging
AJAX and the same-origin policy
CORS
CORS headers
Pre-flight request
Simple request
URL encoding – percent encoding
Unrestricted characters
Restricted characters
Encoding table
Encoding unrestricted characters
Double encoding
Introducing double encoding
IIS 5.0 directory traversal code execution – CVE-2001-0333
Using double encoding to evade XSS filters
Base64 encoding
Character set of Base64 encoding
The encoding process
Padding in Base64
Summary
2. Information Gathering
Information gathering techniques
Active techniques
Passive techniques
Enumerating Domains, Files, and Resources
Fierce
theHarvester
SubBrute
CeWL
DirBuster
WhatWeb
Maltego
Wolfram Alpha
Shodan
DNSdumpster
Reverse IP Lookup – YouGetSignal
Pentest-Tools
Google Advanced Search
Summary
3. Cross-Site Scripting
Reflected XSS
Demonstrating reflected XSS vulnerability
Reflected XSS – case study 1
Reflected XSS – case study 2
Stored XSS
Demonstrating stored XSS
Stored XSS through Markdown
Stored XSS through APIs
Stored XSS through spoofed IP addresses
Flash-based XSS – ExternalInterface.call()
HttpOnly and secure cookie flags
DOM-based XSS
XSS exploitation – The BeEF
Setting Up BeEF
Demonstration of the BeEF hook and its components
Logs
Commands
Rider
Xssrays
IPec
Network
Summary
4. Cross-Site Request Forgery
Introducing CSRF
Exploiting POST-request based CSRF
How developers prevent CSRF?
PayPal's CSRF vulnerability to change phone numbers
Exploiting CSRF in JSON requests
Using XSS to steal anti-CSRF tokens
Exploring pseudo anti-CSRF tokens
Flash comes to the rescue
Rosetta Flash
Defeating XMLHTTPRequest-based CSRF protection
Summary
5. Exploiting SQL Injection
Installation of SQLMap under Kali Linux
Introduction to SQLMap
Injection techniques
Dumping the data – in an error-based scenario
Interacting with the wizard
Dump everything!
SQLMap and URL rewriting
Speeding up the process!
Multi-threading
NULL connection
HTTP persistent connections
Output prediction
Basic optimization flags
Dumping the data – in blind and time-based scenarios
Reading and writing files
Checking privileges
Reading files
Writing files
Handling injections in a POST request
SQL injection inside a login-based portal
SQL shell
Command shell
Evasion – tamper scripts
Configuring with proxies
Summary
6. File Upload Vulnerabilities
Introducing file upload vulnerability
Remote code execution
Multi-functional web shells
Netcat accessible reverse shell
The return of XSS
SWF – the flash
SVG images
Denial of Service
Malicious JPEG file – pixel flood
Malicious GIF file – frame flood
Malicious zTXT field of PNG files
Bypassing upload protections
Case-sensitive blacklist extension check bypass
MIME content type verification bypass
Apache's htaccess trick to execute benign files as PHP
SetHandler method
The AddType method
Bypassing image content verification
Summary
7. Metasploit and Web
Discovering Metasploit modules
Interacting with Msfconsole
Using Auxiliary Modules related to Web Applications
Understanding WMAP – Metasploit's Web Application Security Scanner
Generating Web backdoor payload with Metasploit
Summary
8. XML Attacks
XML 101 – the basics
XML elements
XML Attributes
XML DTD and entities
Internal DTD
External DTD
Entities
Entity declaration
XXE attack
Reading files
PHP Base64 conversion URI as an alternative
SSRF through XXE
Remote code execution
Denial of Service through XXE
XML quadratic blowup
XML billion laughs
The quadratic blowup
WordPress 3.9 quadratic blowup vulnerability – Case Study
Summary
9. Emerging Attack Vectors
Server Side Request Forgery
Demonstrat...

Table of contents