Learning Python Web Penetration Testing : Automate Web Penetration Testing Activities Using Python.

Mostrar otras versiones (1)

Chapter 5: Password Testing; How password attacks work; Password cracking; Password policies and account locking; Our first password BruteForcer; Basic authentication; Creating the password cracker; Adding support for digest authentication; What is digest authentication?; Adding digest authenticatio...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Martorella, Christian
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt Publishing Ltd, 2018.
Temas:
Python.
Penetration testing.
Computer security.
Network security.
Programming & scripting languages: general.
Computers > Networking > Security.
Computers > Programming Languages > Python.
Computers > Security > General.
Computer networks > Security measures
Penetration testing (Computer security)
Python (Computer program language)
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Cover; Title Page; Copyright and Credits; Packt Upsell; Contributor; Table of Contents; Preface; Chapter 1: Introduction to Web Application Penetration Testing; Understanding the web application penetration testing process; Typical web application toolkit; HTTP Proxy; Crawlers and spiders; Vulnerability scanners; Brute forces/predictable resource locators; Specific task tools; Testing environment; Summary; Chapter 2: Interacting with Web Applications; HTTP protocol basics; What is HTTP and how it works?; Anatomy of an HTTP request; HTTP headers; GET request.
  • Interacting with a web app using the requests libraryRequests library; Our first script; Setting headers; Analyzing HTTP responses; HTTP codes; Summary; Chapter 3: Web Crawling with Scrapy
  • Mapping the Application; Web application mapping; Creating our own crawler/spider with Scrapy; Starting with Scrapy; Making our crawler recursive; Scraping interesting stuff; Summary; Chapter 4: Resources Discovery; What is resource discovery?; Building our first BruteForcer ; Analysing the results; Adding more information; Entering the hash of the response content; Taking screenshots of the findings.
  • Automating the detectionExploiting a SQL injection to extract data; What data can we extract with an SQLi?; Automating basic extractions; Advanced SQLi exploiting; Summary; Chapter 7: Intercepting HTTP Requests; HTTP proxy anatomy; What is an HTTP proxy?; Why do we need a proxy?; Types of HTTP proxy; Introduction to mitmproxy; Why mitmproxy?; Manipulating HTTP requests; Inline scripts; Automating SQLi in mitmproxy; SQLi process; Summary; Other Books You May Enjoy; Index.

Ejemplares similares