eBook - ePub
Python Web Penetration Testing Cookbook
Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
This is a test
Condividi libro
- 224 pagine
- English
- ePUB (disponibile sull'app)
- Disponibile su iOS e Android
eBook - ePub
Python Web Penetration Testing Cookbook
Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
Dettagli del libro
Anteprima del libro
Indice dei contenuti
Citazioni
Domande frequenti
Come faccio ad annullare l'abbonamento?
È semplicissimo: basta accedere alla sezione Account nelle Impostazioni e cliccare su "Annulla abbonamento". Dopo la cancellazione, l'abbonamento rimarrà attivo per il periodo rimanente già pagato. Per maggiori informazioni, clicca qui
È possibile scaricare libri? Se sì, come?
Al momento è possibile scaricare tramite l'app tutti i nostri libri ePub mobile-friendly. Anche la maggior parte dei nostri PDF è scaricabile e stiamo lavorando per rendere disponibile quanto prima il download di tutti gli altri file. Per maggiori informazioni, clicca qui
Che differenza c'è tra i piani?
Entrambi i piani ti danno accesso illimitato alla libreria e a tutte le funzionalità di Perlego. Le uniche differenze sono il prezzo e il periodo di abbonamento: con il piano annuale risparmierai circa il 30% rispetto a 12 rate con quello mensile.
Cos'è Perlego?
Perlego è un servizio di abbonamento a testi accademici, che ti permette di accedere a un'intera libreria online a un prezzo inferiore rispetto a quello che pagheresti per acquistare un singolo libro al mese. Con oltre 1 milione di testi suddivisi in più di 1.000 categorie, troverai sicuramente ciò che fa per te! Per maggiori informazioni, clicca qui.
Perlego supporta la sintesi vocale?
Cerca l'icona Sintesi vocale nel prossimo libro che leggerai per verificare se è possibile riprodurre l'audio. Questo strumento permette di leggere il testo a voce alta, evidenziandolo man mano che la lettura procede. Puoi aumentare o diminuire la velocità della sintesi vocale, oppure sospendere la riproduzione. Per maggiori informazioni, clicca qui.
Python Web Penetration Testing Cookbook è disponibile online in formato PDF/ePub?
Sì, puoi accedere a Python Web Penetration Testing Cookbook di Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound in formato PDF e/o ePub, così come ad altri libri molto apprezzati nelle sezioni relative a Computer Science e Programming in Python. Scopri oltre 1 milione di libri disponibili nel nostro catalogo.
Informazioni
Python Web Penetration Testing Cookbook
Table of Contents
Python Web Penetration Testing Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Disclamer
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Getting ready
How to do it…
How it works…
There's more…
See also
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Gathering Open Source Intelligence
Introduction
Gathering information using the Shodan API
Getting ready
How to do it…
How it works…
There's more…
Scripting a Google+ API search
Getting ready
How to do it…
How it works…
See also…
There's more…
Downloading profile pictures using the Google+ API
How to do it
How it works
Harvesting additional results from the Google+ API using pagination
How to do it
How it works
Getting screenshots of websites with QtWebKit
Getting ready
How to do it…
How it works…
There's more…
Screenshots based on a port list
Getting ready
How to do it…
How it works…
There's more…
Spidering websites
Getting ready
How to do it…
How it works…
There's more…
2. Enumeration
Introduction
Performing a ping sweep with Scapy
How to do it…
How it works…
Scanning with Scapy
How to do it…
How it works…
There's more…
Checking username validity
Getting ready
How to do it…
How it works…
There's more…
See also
Brute forcing usernames
Getting ready
How to do it…
How it works…
See also
Enumerating files
Getting ready
How to do it…
How it works…
Brute forcing passwords
Getting ready
How to do it…
How it works…
See also
Generating e-mail addresses from names
Getting ready
How to do it…
How it works…
There's more…
See also
Finding e-mail addresses from web pages
Getting ready
How to do it…
How it works…
There's more…
See also
Finding comments in source code
How to do it…
How it works…
There's more…
3. Vulnerability Identification
Introduction
Automated URL-based Directory Traversal
Getting ready
How to do it…
How it works…
There's more
Automated URL-based Cross-site scripting
How to do it…
How it works…
There's more…
Automated parameter-based Cross-site scripting
How to do it…
How it works…
There's more…
Automated fuzzing
Getting ready
How to do it…
How it works…
There's more…
See also
jQuery checking
How to do it…
How it works…
There's more…
Header-based Cross-site scripting
Getting ready
How to do it…
How it works…
See also
Shellshock checking
Getting ready
How to do it…
How it works…
4. SQL Injection
Introduction
Checking jitter
How to do it…
How it works…
There's more…
Identifying URL-based SQLi
How to do it…
How it works…
There's more…
Exploiting Boolean SQLi
How to do it…
How it works…
There's more…
Exploiting Blind SQL Injection
How to do it…
How it works…
There's more…
Encoding payloads
How to do it…
How it works…
There's more…
5. Web Header Manipulation
Introduction
Testing HTTP methods
How to do it…
How it works…
There's more…
Fingerprinting servers through HTTP headers
How to do it…
How it works…
There's more…
Testing for insecure headers
Getting ready
How to do it…
How it works…
Brute forcing login through the Authorization header
Getting ready
How to do it…
How it works…
There's more…
See also
Testing for clickjacking vulnerabilities
How to do it…
How it works…
Identifying alternative sites by spoofing user agents
How to do it…
How it works…
See also
Testing for insecure cookie flags
How to do it…
How it works…
There's more…
Session fixation through a cookie injection
Getting ready
How to do it…
How it works…
There's more…
6. Image Analysis and Manipulation
Introduction
Hiding a message using LSB steganography
Getting ready
How to do it…
How it works…
There's more…
See also
Extracting messages hidden in LSB
How to do it…
How it works…
There's more…
Hiding text in images
How to do it…
How it works…
There's more…
Extracting text from images
How to do it…
How it works…
There's more…
Enabling command and control using steganography
Getting ready
How to do it…
How it works…
7. Encryption and Encoding
Introduction
Generating an MD5 hash
Getting ready
How to do it…
How it works…
Generating an SHA 1/128/256 hash
Getting ready
How to do it…
How it works…
Implementing SHA and MD5 hashes together
Getting ready
How to do it…
How it works…
Implementing SHA in a real-world scenario
Getting ready
How to do it…
How it works…
Generating a Bcrypt hash
Getting ready
How to do it…
How it works…
Cracking an MD5 hash
Getting ready
How to do it…
How it works…
Encoding with Base64
Getting ready
How to do it…
How it works…
Encoding with ROT13
Getting ready
How to do it…
How it works…
Cracking a substitution cipher
Getting ready
How to do it…
How it works…
Cracking the Atbash cipher
Getting ready
How to do it…
How it works…
Attacking one-time pad reuse
Getting ready
How to do it…
How it works…
Predicting a linear congruential generator
Getting ready
How to do it…
How it works…
Identifying hashes
Getting ready
How to do it…
How it works…
8. Payloads and Shells
Introduction
Extracting data through HTTP requests
Getting Ready
How to do it…
How it works…
Creating an HTTP C2
Getting Started
How to do it…
How it works…
Creating an FTP C2
Getting Started
How to do it…
How it works…
Creating an Twitter C2
Getting Started
How to do it…
How it works…
Creating a simple Netcat shell
How to do it…
How it works…
9. Reporting
Introduction
Converting Nmap XML to CSV
Getting ready
How to do it…
How it works…
Extracting links from a URL to Maltego
How to do it…
How it works…
There’s more…
Extracting e-mails to Maltego
How to do it…
How it works…
Parsing Sslscan into CSV
How to do it…
How it works…
Generating graphs using plot.ly
Getting ready
How to do it…
How it works…
Index
Python Web Penetration Testing Cookbook
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by a...