Cargando…

Hands-On Application Penetration Testing with Burp Suite : Use Burp Suite and Its Features to Inspect, Detect, and Exploit Security Vulnerabilities in Your Web Applications.

Using Burp Suite, you can quickly build proof of concepts, extract data via an exploit, attack multiple end points in an application and even begin to script complex multi stage attacks. This book will provide a hands-on coverage on how you can get started with executing an application penetration t...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Lozano, Carlos A.
Otros Autores: Shah, Dhruv, Ahemed Walikar, Riyaz
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt Publishing Ltd, 2019.
Temas:
Acceso en línea:Texto completo

MARC

LEADER 00000cam a2200000Mi 4500
001 EBSCO_on1089615253
003 OCoLC
005 20231017213018.0
006 m o d
007 cr |n|---|||||
008 190309s2019 enk o 000 0 eng d
040 |a EBLCP  |b eng  |e pn  |c EBLCP  |d CHVBK  |d OCLCQ  |d VT2  |d OCLCQ  |d N$T  |d NLW  |d UKMGB  |d OCLCQ  |d OCLCO 
015 |a GBC216908  |2 bnb 
016 7 |a 019299034  |2 Uk 
020 |a 1788995287 
020 |a 9781788995283  |q (electronic bk.) 
020 |z 9781788994064  |q print 
029 1 |a AU@  |b 000065126686 
029 1 |a CHNEW  |b 001040585 
029 1 |a CHVBK  |b 559029489 
029 1 |a UKMGB  |b 019299034 
029 1 |a AU@  |b 000069022733 
035 |a (OCoLC)1089615253 
037 |a 9781788995283  |b Packt Publishing 
050 4 |a QA76.9.A25  |b .L693 2019 
082 0 4 |a 005.8  |2 23 
049 |a UAMI 
100 1 |a Lozano, Carlos A. 
245 1 0 |a Hands-On Application Penetration Testing with Burp Suite :  |b Use Burp Suite and Its Features to Inspect, Detect, and Exploit Security Vulnerabilities in Your Web Applications. 
260 |a Birmingham :  |b Packt Publishing Ltd,  |c 2019. 
300 |a 1 online resource (356 pages) 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
588 0 |a Print version record. 
505 0 |a Cover; Title Page; Copyright and Credits; Contributors; About Packt; Table of Contents; Preface; Chapter 1: Configuring Burp Suite; Getting to know Burp Suite; Setting up proxy listeners; Managing multiple proxy listeners; Working with non-proxy-aware clients; Creating target scopes in Burp Suite; Working with target exclusions; Quick settings before beginning; Summary; Chapter 2: Configuring the Client and Setting Up Mobile Devices; Setting up Firefox to work with Burp Suite (HTTP and HTTPS); Setting up Chrome to work with Burp Suite (HTTP and HTTPS) 
505 8 |a Setting up Chrome proxy options on Linux Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS); Additional browser add-ons that can be used to manage proxy settings; FoxyProxy for Firefox; Proxy SwitchySharp for Google Chrome; Setting system-wide proxy for non-proxy-aware clients; Linux or macOS X; Windows; Setting up Android to work with Burp Suite; Setting up iOS to work with Burp Suite; Summary; Chapter 3: Executing an Application Penetration Test; Differences between a bug bounty and a client-initiated pentest; Initiating a penetration test 
505 8 |a Why Burp Suite? Let's cover some groundwork!Types and features; Crawling; Why Burp Suite Scanner?; Auditor/Scanner; Understanding the insertion points; Summary; Chapter 4: Exploring the Stages of an Application Penetration Test; Stages of an application pentest; Planning and reconnaissance; Client-end code analysis; Manual testing; Various business logic flaws; Second-order SQL injection; Pentesting cryptographic parameters; Privilege escalation; Sensitive information disclosures; Automated testing; Exploiting discovered issues; Digging deep for data exfiltration; Taking shells; Reporting 
505 8 |a Getting to know Burp Suite betterFeatures of Burp Suite; Dashboard; Target ; Proxy; Intruder; Repeater; Comparer; Sequencer; Decoder; Extender; Project options; User options; Summary; Chapter 5: Preparing for an Application Penetration Test; Setup of vulnerable web applications; Setting up Xtreme Vulnerable Web Application; Setting up OWASP Broken Web Application; Reconnaissance and file discovery; Using Burp for content and file discovery; Testing for authentication via Burp; Brute forcing login pages using Burp Intruder; Testing for authentication page for SQL injection; Summary 
505 8 |a Chapter 6: Identifying Vulnerabilities Using Burp SuiteDetecting SQL injection flaws; Manual detection; Scanner detection; CO2 detection; Detecting OS command injection; Manual detection; Detecting XSS vulnerabilities; Detecting XML-related issues, such as XXE; Detecting SSTI; Detecting SSRF; Summary; Chapter 7: Detecting Vulnerabilities Using Burp Suite; Detecting CSRF; Detecting CSRF using Burp Suite; Steps for detecting CSRF using Burp Suite; Detecting Insecure Direct Object References; Detecting security misconfigurations; Unencrypted communications and clear text protocols 
500 |a Default credentials 
520 |a Using Burp Suite, you can quickly build proof of concepts, extract data via an exploit, attack multiple end points in an application and even begin to script complex multi stage attacks. This book will provide a hands-on coverage on how you can get started with executing an application penetration test and be sure of the results. 
590 |a eBooks on EBSCOhost  |b EBSCO eBook Subscription Academic Collection - Worldwide 
650 0 |a Penetration testing. 
650 7 |a Computer security.  |2 bicssc 
650 7 |a Network security.  |2 bicssc 
650 7 |a Computer networking & communications.  |2 bicssc 
650 7 |a Computers  |x Networking  |x Security.  |2 bisacsh 
650 7 |a Computers  |x Security  |x General.  |2 bisacsh 
650 7 |a Computers  |x Networking  |x General.  |2 bisacsh 
650 7 |a Application software  |x Testing  |2 fast 
650 7 |a Computer networks  |x Security measures  |2 fast 
650 7 |a Penetration testing (Computer security)  |2 fast 
700 1 |a Shah, Dhruv. 
700 1 |a Ahemed Walikar, Riyaz. 
776 0 8 |i Print version:  |a Lozano, Carlos A.  |t Hands-On Application Penetration Testing with Burp Suite : Use Burp Suite and Its Features to Inspect, Detect, and Exploit Security Vulnerabilities in Your Web Applications.  |d Birmingham : Packt Publishing Ltd, ©2019  |z 9781788994064 
856 4 0 |u https://ebsco.uam.elogim.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2037517  |z Texto completo 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL5721783 
938 |a EBSCOhost  |b EBSC  |n 2037517 
994 |a 92  |b IZTAP