LEADER 05926nam 2200781 a 450 001 9910453182703321 005 20200520144314.0 010 $a0-12-416659-8 035 $a(CKB)2550000001064758 035 $a(EBL)1222592 035 $a(OCoLC)851158028 035 $a(SSID)ssj0000915343 035 $a(PQKBManifestationID)11548234 035 $a(PQKBTitleCode)TC0000915343 035 $a(PQKBWorkID)10869329 035 $a(PQKB)10048669 035 $a(MiAaPQ)EBC1222592 035 $a(CaSebORM)9780124166004 035 $a(PPN)176633138 035 $a(Au-PeEL)EBL1222592 035 $a(CaPaEBR)ebr10723004 035 $a(CaONFJC)MIL499720 035 $a(EXLCZ)992550000001064758 100 $a20130603d2013 uy 0 101 0 $aeng 135 $aur|n|---||||| 181 $ctxt 182 $cc 183 $acr 200 14$aThe basics of web hacking$b[electronic resource] $etools and techniques to attack the Web /$fJosh Pauli ; Scott White, technical editor 205 $a1st edition 210 $aAmsterdam $cSyngress, an imprint of Elsevier$d2013 215 $a1 online resource (160 p.) 225 0 $aThe basics The basics of web hacking 300 $aDescription based upon print version of record. 311 $a0-12-416600-8 311 $a1-299-68470-X 320 $aIncludes bibliographical references and index. 
327 $aFront Cover; The Basics of Web Hacking: Tools and Techniques to Attack the Web; Copyright; Dedication; Acknowledgments; Honey Bear; Lizard; Baby Bird; Family and Friends; Security Community; Scott White-Technical Reviewer; Syngress Team; My Vices; Biography; Foreword; Introduction; About this Book; A Hands-on Approach; What's in this Book?; A Quick Disclaimer; Contents; Chapter 1: The Basics of Web Hacking; Introduction; What Is a Web Application?; What You Need to Know About Web Servers; What You Need to Know About HTTP; HTTP Cycles; Noteworthy HTTP Headers; Noteworthy HTTP Status Codes 327 $aThe Basics of Web Hacking: Our Approach; Our Targets; Our Tools; Web Apps Touch Every Part of IT; Existing Methodologies; The Open-Source Security Testing Methodology Manual (OSSTM); Penetration Testing Execution Standard (PTES); Making Sense of Existing Methodologies; Most Common Web Vulnerabilities; Injection; Cross-site Scripting (XSS); Broken Authentication and Session Management; Cross-site Request Forgery; Security Misconfiguration; Setting Up a Test Environment; Target Web Application; Installing the Target Web Application; Configuring the Target Web Application; DVWA Install Script 327 $aChapter 2: Web Server Hacking; Introduction; Reconnaissance; Learning About the Web Server; The Robots.txt File; Port Scanning; Nmap; Updating Nmap; Running Nmap; Nmap Scripting Engine (NSE); Vulnerability Scanning; Nessus; Installing Nessus; Configuring Nessus; Running Nessus; Reviewing Nessus Results; Nikto; Exploitation; Basics of Metasploit; Search; Use; Show Payloads; Set Payload; Show Options; Set Option; Exploit; Maintaining Access; Chapter 3: Web Application Recon and Scanning; Introduction; Web Application Recon; Basics of a Web Proxy; Burp Suite; Configuring Burp Proxy 327 $aSpidering with Burp; Automated Spidering; Manual Spidering; Running Burp Spider; Web Application Scanning; What a Scanner Will Find; What a Scanner Won't Find; Scanning with ZED Attack Proxy (ZAP); 
Configuring ZAP; Running ZAP; Reviewing ZAP Results; ZAP Brute Force; Scanning with Burp Scanner; Configuring Burp Scanner; Running Burp Scanner; Reviewing Burp Scanner Results; Chapter 4: Web Application Exploitation with Injection; Introduction; SQL Injection Vulnerabilities; SQL Interpreter; SQL for Hackers; SQL Injection Attacks; Finding the Vulnerability; Bypassing Authentication 327 $aExtracting Additional Information; Harvesting Password Hashes; Offline Password Cracking; sqlmap; Operating System Command Injection Vulnerabilities; O/S Command Injection for Hackers; Operating System Command Injection Attacks; Web Shells; Chapter 5: Web Application Exploitation with Broken Authentication and Path Traversal; Introduction; Authentication and Session Vulnerabilities; Path Traversal Vulnerabilities; Brute Force Authentication Attacks; Intercepting the Authentication Attempt; Configuring Burp Intruder; Intruder Payloads; Running Intruder; Session Attacks; Cracking Cookies 327 $aBurp Sequencer 330 $a The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabili 606 $aWeb sites$xSecurity measures 606 $aWeb applications$xSecurity measures 606 $aComputer networks$xSecurity measures 606 $aPenetration testing (Computer security) 606 $aComputer hackers 606 $aComputer crimes$xPrevention 608 $aElectronic books. 615 0$aWeb sites$xSecurity measures. 615 0$aWeb applications$xSecurity measures. 615 0$aComputer networks$xSecurity measures. 
615 0$aPenetration testing (Computer security) 615 0$aComputer hackers. 615 0$aComputer crimes$xPrevention. 676 $a005.8 700 $aPauli$b Joshua J$0997248 701 $aWhite$b Scott$0997249 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910453182703321 996 $aThe basics of web hacking$92287145 997 $aUNINA