eBook - ePub
Python Web Penetration Testing Cookbook
Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
This is a test
Partager le livre
- 224 pages
- English
- ePUB (adapté aux mobiles)
- Disponible sur iOS et Android
eBook - ePub
Python Web Penetration Testing Cookbook
Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
DĂ©tails du livre
Aperçu du livre
Table des matiĂšres
Citations
Foire aux questions
Comment puis-je résilier mon abonnement ?
Il vous suffit de vous rendre dans la section compte dans paramĂštres et de cliquer sur « RĂ©silier lâabonnement ». Câest aussi simple que cela ! Une fois que vous aurez rĂ©siliĂ© votre abonnement, il restera actif pour le reste de la pĂ©riode pour laquelle vous avez payĂ©. DĂ©couvrez-en plus ici.
Puis-je / comment puis-je télécharger des livres ?
Pour le moment, tous nos livres en format ePub adaptĂ©s aux mobiles peuvent ĂȘtre tĂ©lĂ©chargĂ©s via lâapplication. La plupart de nos PDF sont Ă©galement disponibles en tĂ©lĂ©chargement et les autres seront tĂ©lĂ©chargeables trĂšs prochainement. DĂ©couvrez-en plus ici.
Quelle est la différence entre les formules tarifaires ?
Les deux abonnements vous donnent un accĂšs complet Ă la bibliothĂšque et Ă toutes les fonctionnalitĂ©s de Perlego. Les seules diffĂ©rences sont les tarifs ainsi que la pĂ©riode dâabonnement : avec lâabonnement annuel, vous Ă©conomiserez environ 30 % par rapport Ă 12 mois dâabonnement mensuel.
Quâest-ce que Perlego ?
Nous sommes un service dâabonnement Ă des ouvrages universitaires en ligne, oĂč vous pouvez accĂ©der Ă toute une bibliothĂšque pour un prix infĂ©rieur Ă celui dâun seul livre par mois. Avec plus dâun million de livres sur plus de 1 000 sujets, nous avons ce quâil vous faut ! DĂ©couvrez-en plus ici.
Prenez-vous en charge la synthÚse vocale ?
Recherchez le symbole Ăcouter sur votre prochain livre pour voir si vous pouvez lâĂ©couter. Lâoutil Ăcouter lit le texte Ă haute voix pour vous, en surlignant le passage qui est en cours de lecture. Vous pouvez le mettre sur pause, lâaccĂ©lĂ©rer ou le ralentir. DĂ©couvrez-en plus ici.
Est-ce que Python Web Penetration Testing Cookbook est un PDF/ePUB en ligne ?
Oui, vous pouvez accĂ©der Ă Python Web Penetration Testing Cookbook par Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound en format PDF et/ou ePUB ainsi quâĂ dâautres livres populaires dans Computer Science et Programming in Python. Nous disposons de plus dâun million dâouvrages Ă dĂ©couvrir dans notre catalogue.
Informations
Python Web Penetration Testing Cookbook
Table of Contents
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Disclamer
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Gathering Open Source Intelligence
Introduction
Gathering information using the Shodan API
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
Scripting a Google+ API search
Getting ready
How to do itâŠ
How it worksâŠ
See alsoâŠ
There's moreâŠ
Downloading profile pictures using the Google+ API
How to do it
How it works
Harvesting additional results from the Google+ API using pagination
How to do it
How it works
Getting screenshots of websites with QtWebKit
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
Screenshots based on a port list
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
Spidering websites
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
2. Enumeration
Introduction
Performing a ping sweep with Scapy
How to do itâŠ
How it worksâŠ
Scanning with Scapy
How to do itâŠ
How it worksâŠ
There's moreâŠ
Checking username validity
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Brute forcing usernames
Getting ready
How to do itâŠ
How it worksâŠ
See also
Enumerating files
Getting ready
How to do itâŠ
How it worksâŠ
Brute forcing passwords
Getting ready
How to do itâŠ
How it worksâŠ
See also
Generating e-mail addresses from names
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Finding e-mail addresses from web pages
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Finding comments in source code
How to do itâŠ
How it worksâŠ
There's moreâŠ
3. Vulnerability Identification
Introduction
Automated URL-based Directory Traversal
Getting ready
How to do itâŠ
How it worksâŠ
There's more
Automated URL-based Cross-site scripting
How to do itâŠ
How it worksâŠ
There's moreâŠ
Automated parameter-based Cross-site scripting
How to do itâŠ
How it worksâŠ
There's moreâŠ
Automated fuzzing
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
jQuery checking
How to do itâŠ
How it worksâŠ
There's moreâŠ
Header-based Cross-site scripting
Getting ready
How to do itâŠ
How it worksâŠ
See also
Shellshock checking
Getting ready
How to do itâŠ
How it worksâŠ
4. SQL Injection
Introduction
Checking jitter
How to do itâŠ
How it worksâŠ
There's moreâŠ
Identifying URL-based SQLi
How to do itâŠ
How it worksâŠ
There's moreâŠ
Exploiting Boolean SQLi
How to do itâŠ
How it worksâŠ
There's moreâŠ
Exploiting Blind SQL Injection
How to do itâŠ
How it worksâŠ
There's moreâŠ
Encoding payloads
How to do itâŠ
How it worksâŠ
There's moreâŠ
5. Web Header Manipulation
Introduction
Testing HTTP methods
How to do itâŠ
How it worksâŠ
There's moreâŠ
Fingerprinting servers through HTTP headers
How to do itâŠ
How it worksâŠ
There's moreâŠ
Testing for insecure headers
Getting ready
How to do itâŠ
How it worksâŠ
Brute forcing login through the Authorization header
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Testing for clickjacking vulnerabilities
How to do itâŠ
How it worksâŠ
Identifying alternative sites by spoofing user agents
How to do itâŠ
How it worksâŠ
See also
Testing for insecure cookie flags
How to do itâŠ
How it worksâŠ
There's moreâŠ
Session fixation through a cookie injection
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
6. Image Analysis and Manipulation
Introduction
Hiding a message using LSB steganography
Getting ready
How to do itâŠ
How it worksâŠ
There's moreâŠ
See also
Extracting messages hidden in LSB
How to do itâŠ
How it worksâŠ
There's moreâŠ
Hiding text in images
How to do itâŠ
How it worksâŠ
There's moreâŠ
Extracting text from images
How to do itâŠ
How it worksâŠ
There's moreâŠ
Enabling command and control using steganography
Getting ready
How to do itâŠ
How it worksâŠ
7. Encryption and Encoding
Introduction
Generating an MD5 hash
Getting ready
How to do itâŠ
How it worksâŠ
Generating an SHA 1/128/256 hash
Getting ready
How to do itâŠ
How it worksâŠ
Implementing SHA and MD5 hashes together
Getting ready
How to do itâŠ
How it worksâŠ
Implementing SHA in a real-world scenario
Getting ready
How to do itâŠ
How it worksâŠ
Generating a Bcrypt hash
Getting ready
How to do itâŠ
How it worksâŠ
Cracking an MD5 hash
Getting ready
How to do itâŠ
How it worksâŠ
Encoding with Base64
Getting ready
How to do itâŠ
How it worksâŠ
Encoding with ROT13
Getting ready
How to do itâŠ
How it worksâŠ
Cracking a substitution cipher
Getting ready
How to do itâŠ
How it worksâŠ
Cracking the Atbash cipher
Getting ready
How to do itâŠ
How it worksâŠ
Attacking one-time pad reuse
Getting ready
How to do itâŠ
How it worksâŠ
Predicting a linear congruential generator
Getting ready
How to do itâŠ
How it worksâŠ
Identifying hashes
Getting ready
How to do itâŠ
How it worksâŠ
8. Payloads and Shells
Introduction
Extracting data through HTTP requests
Getting Ready
How to do itâŠ
How it worksâŠ
Creating an HTTP C2
Getting Started
How to do itâŠ
How it worksâŠ
Creating an FTP C2
Getting Started
How to do itâŠ
How it worksâŠ
Creating an Twitter C2
Getting Started
How to do itâŠ
How it worksâŠ
Creating a simple Netcat shell
How to do itâŠ
How it worksâŠ
9. Reporting
Introduction
Converting Nmap XML to CSV
Getting ready
How to do itâŠ
How it worksâŠ
Extracting links from a URL to Maltego
How to do itâŠ
How it worksâŠ
Thereâs moreâŠ
Extracting e-mails to Maltego
How to do itâŠ
How it worksâŠ
Parsing Sslscan into CSV
How to do itâŠ
How it worksâŠ
Generating graphs using plot.ly
Getting ready
How to do itâŠ
How it worksâŠ
Index
Python Web Penetration Testing Cookbook
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by a...