吉尔博托?N.古铁雷斯,Gilberto Najera-Gutierrez is an experienced penetration tester currently working for one ofthe top security testing service providers in Australia. He obtained leading security andpenetration testing certifications, namely Offensive Security Certified Professional (OSCP),EC-Council Certified Security Administrator (ECSA), and GIAC Exploit Researcher andAdvanced Penetration Tester (GXPN); he also holds a Master's degree in Computer Sciencewith specialization in Artificial Intelligence. Gilberto has been working as a penetration tester since 2013, and he has been a securityenthusiast for almost 20 years. He has successfully conducted penetration tests on networksand applications of some the biggest corporations, government agencies, and financialinstitutions in Mexico and Australia.
目录
Preface Chapter 1: Introduction to Penetration Testing and Web Applications Proactive security testing Different testing methodologies Ethical hacking Penetration testing Vulnerability assessment Security audits Considerations when performing penetration testing Rules of Engagement The type and scope of testing Client contact details Client IT team notifications Sensitive data handling Status meeting and reports The limitations of penetration testing The need for testing web applications Reasons to guard against attacks on web applications Kali Linux A web application overview for penetration testers HTTP protocol Knowing an HTTP request and response The request header The response header HTTP methods The GET method The POST method The HEAD method The TRACE method The PUT and DELETE methods The OPTIONS method Keeping sessions in HTTP Cookies Cookie flow between server and client Persistent and nonpersistent cookies Cookie parameters HTML data in HTTP response The server-side code Multilayer web application Three-layer web application design Web services Introducing SOAP and REST web services HTTP methods in web services XML and JSON AJAX Building blocks of AJAX The AJAX workflow HTML5 WebSockets Summary Chapter 2: Setting Up Your Lab with Kali Linux Kali Linux Latest improvements in Kali Linux Installing Kali Linux Virtualizing Kali Linux versus installing it on physical hardware Installing on VirtualBox Creating the virtual machine Installing the system Important tools in Kali Linux CMS & Framework Identification WPScan JoomScan CMSmap Web Application Proxies Burp Proxy Customizing client interception Modifying requests on the fly Burp Proxy with HTTPS websites Zed Attack Proxy ProxyStrike Web Crawlers and Directory Bruteforce Chapter 3: Reconnaissance and Profiling the Web Sewer Reconnaissance Chapter 4: Authentication and Session Management Flaws Authentication schemes in web applications Chapter 5: Detecting and Exploiting Injection-Based Flaws Command injection Chapter 6: Finding and Exploiting Cross-Site Scripting (XSS) Vulnerabilities Chapter 7: Cross-Site Request Forgery, Identification, and Exploitation Chapter 8: Attacking Flaws in Cryptographic Implementations Chapter 9: AJAX, HTML5, and Client-Side Attacks Crawling AJAX applications Chapter 10: Other Common Security Flaws in Web Applications Insecure direct object references Chapter 11 : Using Automated Scanners on Web Applications Considerations before using an automated scanner Web application vulnerability scanners in Kali Linux Index
