Hands-On Application Penetration Testing with Burp Suite
By Carlos A. Lozano, Dhruv Shah and Riyaz Ahemed Walikar
Updated: 2021-07-02 12:17:14
Burp Suite is a set of graphical tools focused on penetration testing of web applications. It is widely used by security professionals for a range of web-level security tasks. The book starts by setting up the environment for an application penetration test: you will configure the client and apply target whitelisting, and you will learn to set up and configure Android and iOS devices to work with Burp Suite. The book then explains how the various features of Burp Suite can be used to detect vulnerabilities as part of an application penetration test. Once detection is complete and a vulnerability is confirmed, you will be able to exploit it using Burp Suite. The book also covers advanced concepts such as writing extensions and macros for Burp Suite. Finally, you will work through the steps taken to identify a target, discover weaknesses in its authentication mechanism, and break the authentication implementation to gain access to the application's administrative console. By the end of this book, you will be able to perform end-to-end penetration testing with Burp Suite effectively.
Brand: 中圖公司
Listed: 2021-07-02 11:58:24
Publisher: Packt Publishing
The digital rights to this book are provided by 中圖公司, which has licensed Shanghai Yuewen Information Technology Co., Ltd. (上海閱文信息技術有限公司) to produce and distribute it.
- Cover page
- Title Page
- Copyright and Credits
  - Hands-On Application Penetration Testing with Burp Suite
- Contributors
  - About the authors
  - About the reviewer
  - Packt is searching for authors like you
- About Packt
  - Why subscribe?
  - Packt.com
- Preface
  - Who this book is for
  - What this book covers
  - To get the most out of this book
  - Conventions used
  - Get in touch
  - Reviews
- Configuring Burp Suite
  - Getting to know Burp Suite
  - Setting up proxy listeners
  - Managing multiple proxy listeners
  - Working with non-proxy-aware clients
  - Creating target scopes in Burp Suite
  - Working with target exclusions
  - Quick settings before beginning
  - Summary
- Configuring the Client and Setting Up Mobile Devices
  - Setting up Firefox to work with Burp Suite (HTTP and HTTPS)
  - Setting up Chrome to work with Burp Suite (HTTP and HTTPS)
  - Setting up Chrome proxy options on Linux
  - Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)
  - Additional browser add-ons that can be used to manage proxy settings
  - FoxyProxy for Firefox
  - Proxy SwitchySharp for Google Chrome
  - Setting a system-wide proxy for non-proxy-aware clients
  - Linux or macOS X
  - Windows
  - Setting up Android to work with Burp Suite
  - Setting up iOS to work with Burp Suite
  - Summary
- Executing an Application Penetration Test
  - Differences between a bug bounty and a client-initiated pentest
  - Initiating a penetration test
  - Why Burp Suite? Let's cover some groundwork!
  - Types and features
  - Crawling
  - Why Burp Suite Scanner?
  - Auditor/Scanner
  - Understanding the insertion points
  - Summary
- Exploring the Stages of an Application Penetration Test
  - Stages of an application pentest
  - Planning and reconnaissance
  - Client-end code analysis
  - Manual testing
  - Various business logic flaws
  - Second-order SQL injection
  - Pentesting cryptographic parameters
  - Privilege escalation
  - Sensitive information disclosures
  - Automated testing
  - Exploiting discovered issues
  - Digging deep for data exfiltration
  - Taking shells
  - Reporting
  - Getting to know Burp Suite better
  - Features of Burp Suite
  - Dashboard
  - Target
  - Proxy
  - Intruder
  - Repeater
  - Comparer
  - Sequencer
  - Decoder
  - Extender
  - Project options
  - User options
  - Summary
- Preparing for an Application Penetration Test
  - Setup of vulnerable web applications
  - Setting up Xtreme Vulnerable Web Application
  - Setting up OWASP Broken Web Application
  - Reconnaissance and file discovery
  - Using Burp for content and file discovery
  - Testing authentication via Burp
  - Brute forcing login pages using Burp Intruder
  - Testing the authentication page for SQL injection
  - Summary
- Identifying Vulnerabilities Using Burp Suite
  - Detecting SQL injection flaws
  - Manual detection
  - Scanner detection
  - CO2 detection
  - Detecting OS command injection
  - Manual detection
  - Detecting XSS vulnerabilities
  - Detecting XML-related issues such as XXE
  - Detecting SSTI
  - Detecting SSRF
  - Summary
- Detecting Vulnerabilities Using Burp Suite
  - Detecting CSRF
  - Detecting CSRF using Burp Suite
  - Steps for detecting CSRF using Burp Suite
  - Detecting Insecure Direct Object References
  - Detecting security misconfigurations
  - Unencrypted communications and clear text protocols
  - Default credentials
  - Unattended installations
  - Testing information
  - Default pages
  - Detecting insecure deserialization
  - Java Deserialization Scanner
  - Detecting OAuth-related issues
  - Detecting SSO protocols
  - Detecting OAuth issues using Burp Suite
  - Redirections
  - Insecure storage
  - Detecting broken authentication
  - Detecting weak storage for credentials
  - Detecting predictable login credentials
  - Session IDs exposed in the URL
  - Session IDs susceptible to session fixation attacks
  - Timeout implementation
  - Session is not destroyed after logout
  - Summary
- Exploiting Vulnerabilities Using Burp Suite - Part 1
  - Data exfiltration via a blind Boolean-based SQL injection
  - The vulnerability
  - The exploitation
  - Performing exfiltration using Burp Suite
  - Executing OS commands using an SQL injection
  - The vulnerability
  - Executing an out-of-band command injection
  - SHELLING
  - Stealing session credentials using XSS
  - Exploiting the vulnerability
  - Taking control of the user's browser using XSS
  - Extracting server files using XXE vulnerabilities
  - Exploiting the vulnerability
  - Performing out-of-band data extraction using XXE and Burp Suite Collaborator
  - Using Burp Suite to exploit the vulnerability
  - Exploiting SSTI vulnerabilities to execute server commands
  - Using Burp Suite to exploit the vulnerability
  - Summary
- Exploiting Vulnerabilities Using Burp Suite - Part 2
  - Using SSRF/XSPA to perform internal port scans
  - Performing an internal port scan of the backend
  - Using SSRF/XSPA to extract data from internal machines
  - Extracting data using Insecure Direct Object Reference (IDOR) flaws
  - Exploiting IDOR with Burp Suite
  - Exploiting security misconfigurations
  - Default pages
  - Directory listings
  - Scanning
  - Mapping the application
  - Using Intruder
  - Default credentials
  - Untrusted HTTP methods
  - Using insecure deserialization to execute OS commands
  - Exploiting the vulnerability
  - Exploiting crypto vulnerabilities
  - Brute forcing HTTP basic authentication
  - Brute forcing it with Burp Suite
  - Brute forcing forms
  - Automation with Burp Suite
  - Bypassing file upload restrictions
  - Bypassing type restrictions
  - Summary
- Writing Burp Suite Extensions
  - Setting up the development environment
  - Writing a Burp Suite extension
  - Burp Suite's API
  - Modifying the user-agent using an extension
  - Creating the user-agents (strings)
  - Creating the GUI
  - The operation
  - Executing the extension
  - Summary
- Breaking the Authentication for a Large Online Retailer
  - Remembering about authentication
  - Large online retailers
  - Performing information gathering
  - Port scanning
  - Discovering authentication weaknesses
  - Authentication method analysis
  - Weak storage for credentials
  - Predictable login credentials
  - Session IDs exposed in the URL
  - Session IDs susceptible to session fixation attacks
  - The session is not destroyed after logout
  - Sensitive information sent via unprotected channels
  - Summary
- Exploiting and Exfiltrating Data from a Large Shipping Corporation
  - Discovering Blind SQL injection
  - Automatic scan
  - SQLMap detection
  - Looking for entry points
  - Using SQLMap
  - Intruder detection
  - Exploitation
  - Summary
- Other Books You May Enjoy
  - Leave a review - let other readers know what you think