Title: The basics of web hacking [electronic resource] : tools and techniques to attack the Web / Josh Pauli ; Scott White, technical editor
Edition: 1st edition
Publication: Amsterdam : Syngress, an imprint of Elsevier, 2013
Description: 1 online resource (160 p.)
Series: The basics
ISBN: 0-12-416659-8; 0-12-416600-8; 1-299-68470-X
Notes: Description based upon print version of record. Includes bibliographical references and index.
Contents: Front Cover; The Basics of Web Hacking: Tools and Techniques to Attack the Web; Copyright; Dedication; Acknowledgments; Honey Bear; Lizard; Baby Bird; Family and Friends; Security Community; Scott White-Technical Reviewer; Syngress Team; My Vices; Biography; Foreword; Introduction; About this Book; A Hands-on Approach; What's in this Book?; A Quick Disclaimer; Contents; Chapter 1: The Basics of Web Hacking; Introduction; What Is a Web Application?; What You Need to Know About Web Servers; What You Need to Know About HTTP; HTTP Cycles; Noteworthy HTTP Headers; Noteworthy HTTP Status Codes; The Basics of Web Hacking: Our Approach; Our Targets; Our Tools; Web Apps Touch Every Part of IT; Existing Methodologies; The Open-Source Security Testing Methodology Manual (OSSTM); Penetration Testing Execution Standard (PTES); Making Sense of Existing Methodologies; Most Common Web Vulnerabilities; Injection; Cross-site Scripting (XSS); Broken Authentication and Session Management; Cross-site Request Forgery; Security Misconfiguration; Setting Up a Test Environment; Target Web Application; Installing the Target Web Application; Configuring the Target Web Application; DVWA Install Script; Chapter 2: Web Server Hacking; Introduction; Reconnaissance; Learning About the Web Server; The Robots.txt File; Port Scanning; Nmap; Updating Nmap; Running Nmap; Nmap Scripting Engine (NSE); Vulnerability Scanning; Nessus; Installing Nessus; Configuring Nessus; Running Nessus; Reviewing Nessus Results; Nikto; Exploitation; Basics of Metasploit; Search; Use; Show Payloads; Set Payload; Show Options; Set Option; Exploit; Maintaining Access; Chapter 3: Web Application Recon and Scanning; Introduction; Web Application Recon; Basics of a Web Proxy; Burp Suite; Configuring Burp Proxy; Spidering with Burp; Automated Spidering; Manual Spidering; Running Burp Spider; Web Application Scanning; What a Scanner Will Find; What a Scanner Won't Find; Scanning with ZED Attack Proxy (ZAP); Configuring ZAP; Running ZAP; Reviewing ZAP Results; ZAP Brute Force; Scanning with Burp Scanner; Configuring Burp Scanner; Running Burp Scanner; Reviewing Burp Scanner Results; Chapter 4: Web Application Exploitation with Injection; Introduction; SQL Injection Vulnerabilities; SQL Interpreter; SQL for Hackers; SQL Injection Attacks; Finding the Vulnerability; Bypassing Authentication; Extracting Additional Information; Harvesting Password Hashes; Offline Password Cracking; sqlmap; Operating System Command Injection Vulnerabilities; O/S Command Injection for Hackers; Operating System Command Injection Attacks; Web Shells; Chapter 5: Web Application Exploitation with Broken Authentication and Path Traversal; Introduction; Authentication and Session Vulnerabilities; Path Traversal Vulnerabilities; Brute Force Authentication Attacks; Intercepting the Authentication Attempt; Configuring Burp Intruder; Intruder Payloads; Running Intruder; Session Attacks; Cracking Cookies; Burp Sequencer
Summary: The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabili
Subjects: Web sites -- Security measures; Web applications -- Security measures; Computer networks -- Security measures; Penetration testing (Computer security); Computer hackers; Computer crimes -- Prevention; Electronic books
Classification: 005.8
Authors: Pauli, Joshua J.; White, Scott
Format: Book
Catalogue: UNINA, record 9910453182703321

Title: Homo Faber: Studies on Nature, Technology, and Science at the Time of Pompeii: presented at a conference at the Deutsches Museum, Munich 21-22 March 2000 / edited by Jurgen Renn and Giuseppe Castagnetti
Publication: Roma : L'Erma di Bretschneider, 2002
Description: 187 p. : ill. ; 27 cm
ISBN: 88-8265-180-0
Series: Studi della Soprintendenza Archeologica di Pompei ; 6
Notes: At head of title page: Ministero per i beni e le attività culturali, Soprintendenza archeologica di Pompei
Subjects: Science and technology -- Pompeii
Classification: Pure sciences - Ancient Rome
Editors: Castagnetti, Giuseppe; Renn, Jurgen
Holding: SIBA - Sistema Bibliotecario di Ateneo, shelfmark SI N 2 POMPEI 042/06 (Prof. Pesando)
Catalogue: UNIOR, record UON00160285