top

  Info

  • Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.

  Info

  • Utilizzare questo link per rimuovere la selezione effettuata.

Biblioteca

MARC Lista (tabellare)
The basics of web hacking [[electronic resource] ] : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
The basics of web hacking [[electronic resource] ] : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
Autore Pauli Joshua J
Edizione [1st edition]
Pubbl/distr/stampa Amsterdam, : Syngress, an imprint of Elsevier, 2013
Descrizione fisica 1 online resource (160 p.)
Disciplina 005.8
Altri autori (Persone) WhiteScott
Collana The basics The basics of web hacking
Soggetto topico Web sites - Security measures
Web applications - Security measures
Computer networks - Security measures
Penetration testing (Computer security)
Computer hackers
Computer crimes - Prevention
Soggetto genere / forma Electronic books.
ISBN 0-12-416659-8
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto Front Cover; The Basics of Web Hacking: Tools and Techniques to Attack the Web; Copyright; Dedication; Acknowledgments; Honey Bear; Lizard; Baby Bird; Family and Friends; Security Community; Scott White-Technical Reviewer; Syngress Team; My Vices; Biography; Foreword; Introduction; About this Book; A Hands-on Approach; What's in this Book?; A Quick Disclaimer; Contents; Chapter 1: The Basics of Web Hacking; Introduction; What Is a Web Application?; What You Need to Know About Web Servers; What You Need to Know About HTTP; HTTP Cycles; Noteworthy HTTP Headers; Noteworthy HTTP Status Codes
The Basics of Web Hacking: Our ApproachOur Targets; Our Tools; Web Apps Touch Every Part of IT; Existing Methodologies; The Open-Source Security Testing Methodology Manual (OSSTM); Penetration Testing Execution Standard (PTES); Making Sense of Existing Methodologies; Most Common Web Vulnerabilities; Injection; Cross-site Scripting (XSS); Broken Authentication and Session Management; Cross-site Request Forgery; Security Misconfiguration; Setting Up a Test Environment; Target Web Application; Installing the Target Web Application; Configuring the Target Web Application; DVWA Install Script
Chapter 2: Web Server HackingIntroduction; Reconnaissance; Learning About the Web Server; The Robots.txt File; Port Scanning; Nmap; Updating Nmap; Running Nmap; Nmap Scripting Engine (NSE); Vulnerability Scanning; Nessus; Installing Nessus; Configuring Nessus; Running Nessus; Reviewing Nessus Results; Nikto; Exploitation; Basics of Metasploit; Search; Use; Show Payloads; Set Payload; Show Options; Set Option; Exploit; Maintaining Access; Chapter 3: Web Application Recon and Scanning; Introduction; Web Application Recon; Basics of a Web Proxy; Burp Suite; Configuring Burp Proxy
Spidering with BurpAutomated Spidering; Manual Spidering; Running Burp Spider; Web Application Scanning; What a Scanner Will Find; What a Scanner Won't Find; Scanning with ZED Attack Proxy (ZAP); Configuring ZAP; Running ZAP; Reviewing ZAP Results; ZAP Brute Force; Scanning with Burp Scanner; Configuring Burp Scanner; Running Burp Scanner; Reviewing Burp Scanner Results; Chapter 4: Web Application Exploitation with Injection; Introduction; SQL Injection Vulnerabilities; SQL Interpreter; SQL for Hackers; SQL Injection Attacks; Finding the Vulnerability; Bypassing Authentication
Extracting Additional InformationHarvesting Password Hashes; Offline Password Cracking; sqlmap; Operating System Command Injection Vulnerabilities; O/S Command Injection for Hackers; Operating System Command Injection Attacks; Web Shells; Chapter 5: Web Application Exploitation with Broken Authentication and Path Traversal; Introduction; Authentication and Session Vulnerabilities; Path Traversal Vulnerabilities; Brute Force Authentication Attacks; Intercepting the Authentication Attempt; Configuring Burp Intruder; Intruder Payloads; Running Intruder; Session Attacks; Cracking Cookies
Burp Sequencer
Record Nr. UNINA-9910453182703321
Pauli Joshua J  
Amsterdam, : Syngress, an imprint of Elsevier, 2013
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui
The basics of web hacking : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
The basics of web hacking : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
Autore Pauli Joshua J
Edizione [1st edition]
Pubbl/distr/stampa Amsterdam, : Syngress, an imprint of Elsevier, 2013
Descrizione fisica 1 online resource (xiii, 145 pages) : illustrations (some color)
Disciplina 005.8
Collana The basics The basics of web hacking
Soggetto topico Web sites - Security measures
Web applications - Security measures
Computer networks - Security measures
Penetration testing (Computer security)
Computer hackers
Computer crimes - Prevention
ISBN 0-12-416659-8
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto Front Cover; The Basics of Web Hacking: Tools and Techniques to Attack the Web; Copyright; Dedication; Acknowledgments; Honey Bear; Lizard; Baby Bird; Family and Friends; Security Community; Scott White-Technical Reviewer; Syngress Team; My Vices; Biography; Foreword; Introduction; About this Book; A Hands-on Approach; What's in this Book?; A Quick Disclaimer; Contents; Chapter 1: The Basics of Web Hacking; Introduction; What Is a Web Application?; What You Need to Know About Web Servers; What You Need to Know About HTTP; HTTP Cycles; Noteworthy HTTP Headers; Noteworthy HTTP Status Codes
The Basics of Web Hacking: Our ApproachOur Targets; Our Tools; Web Apps Touch Every Part of IT; Existing Methodologies; The Open-Source Security Testing Methodology Manual (OSSTM); Penetration Testing Execution Standard (PTES); Making Sense of Existing Methodologies; Most Common Web Vulnerabilities; Injection; Cross-site Scripting (XSS); Broken Authentication and Session Management; Cross-site Request Forgery; Security Misconfiguration; Setting Up a Test Environment; Target Web Application; Installing the Target Web Application; Configuring the Target Web Application; DVWA Install Script
Chapter 2: Web Server HackingIntroduction; Reconnaissance; Learning About the Web Server; The Robots.txt File; Port Scanning; Nmap; Updating Nmap; Running Nmap; Nmap Scripting Engine (NSE); Vulnerability Scanning; Nessus; Installing Nessus; Configuring Nessus; Running Nessus; Reviewing Nessus Results; Nikto; Exploitation; Basics of Metasploit; Search; Use; Show Payloads; Set Payload; Show Options; Set Option; Exploit; Maintaining Access; Chapter 3: Web Application Recon and Scanning; Introduction; Web Application Recon; Basics of a Web Proxy; Burp Suite; Configuring Burp Proxy
Spidering with BurpAutomated Spidering; Manual Spidering; Running Burp Spider; Web Application Scanning; What a Scanner Will Find; What a Scanner Won't Find; Scanning with ZED Attack Proxy (ZAP); Configuring ZAP; Running ZAP; Reviewing ZAP Results; ZAP Brute Force; Scanning with Burp Scanner; Configuring Burp Scanner; Running Burp Scanner; Reviewing Burp Scanner Results; Chapter 4: Web Application Exploitation with Injection; Introduction; SQL Injection Vulnerabilities; SQL Interpreter; SQL for Hackers; SQL Injection Attacks; Finding the Vulnerability; Bypassing Authentication
Extracting Additional InformationHarvesting Password Hashes; Offline Password Cracking; sqlmap; Operating System Command Injection Vulnerabilities; O/S Command Injection for Hackers; Operating System Command Injection Attacks; Web Shells; Chapter 5: Web Application Exploitation with Broken Authentication and Path Traversal; Introduction; Authentication and Session Vulnerabilities; Path Traversal Vulnerabilities; Brute Force Authentication Attacks; Intercepting the Authentication Attempt; Configuring Burp Intruder; Intruder Payloads; Running Intruder; Session Attacks; Cracking Cookies
Burp Sequencer
Record Nr. UNINA-9910779756803321
Pauli Joshua J  
Amsterdam, : Syngress, an imprint of Elsevier, 2013
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui
The basics of web hacking : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
The basics of web hacking : tools and techniques to attack the Web / / Josh Pauli ; Scott White, technical editor
Autore Pauli Joshua J
Edizione [1st edition]
Pubbl/distr/stampa Amsterdam, : Syngress, an imprint of Elsevier, 2013
Descrizione fisica 1 online resource (xiii, 145 pages) : illustrations (some color)
Disciplina 005.8
Collana The basics The basics of web hacking
Soggetto topico Web sites - Security measures
Web applications - Security measures
Computer networks - Security measures
Penetration testing (Computer security)
Computer hackers
Computer crimes - Prevention
ISBN 0-12-416659-8
Formato Materiale a stampa
Livello bibliografico Monografia
Lingua di pubblicazione eng
Nota di contenuto Front Cover; The Basics of Web Hacking: Tools and Techniques to Attack the Web; Copyright; Dedication; Acknowledgments; Honey Bear; Lizard; Baby Bird; Family and Friends; Security Community; Scott White-Technical Reviewer; Syngress Team; My Vices; Biography; Foreword; Introduction; About this Book; A Hands-on Approach; What's in this Book?; A Quick Disclaimer; Contents; Chapter 1: The Basics of Web Hacking; Introduction; What Is a Web Application?; What You Need to Know About Web Servers; What You Need to Know About HTTP; HTTP Cycles; Noteworthy HTTP Headers; Noteworthy HTTP Status Codes
The Basics of Web Hacking: Our ApproachOur Targets; Our Tools; Web Apps Touch Every Part of IT; Existing Methodologies; The Open-Source Security Testing Methodology Manual (OSSTM); Penetration Testing Execution Standard (PTES); Making Sense of Existing Methodologies; Most Common Web Vulnerabilities; Injection; Cross-site Scripting (XSS); Broken Authentication and Session Management; Cross-site Request Forgery; Security Misconfiguration; Setting Up a Test Environment; Target Web Application; Installing the Target Web Application; Configuring the Target Web Application; DVWA Install Script
Chapter 2: Web Server HackingIntroduction; Reconnaissance; Learning About the Web Server; The Robots.txt File; Port Scanning; Nmap; Updating Nmap; Running Nmap; Nmap Scripting Engine (NSE); Vulnerability Scanning; Nessus; Installing Nessus; Configuring Nessus; Running Nessus; Reviewing Nessus Results; Nikto; Exploitation; Basics of Metasploit; Search; Use; Show Payloads; Set Payload; Show Options; Set Option; Exploit; Maintaining Access; Chapter 3: Web Application Recon and Scanning; Introduction; Web Application Recon; Basics of a Web Proxy; Burp Suite; Configuring Burp Proxy
Spidering with BurpAutomated Spidering; Manual Spidering; Running Burp Spider; Web Application Scanning; What a Scanner Will Find; What a Scanner Won't Find; Scanning with ZED Attack Proxy (ZAP); Configuring ZAP; Running ZAP; Reviewing ZAP Results; ZAP Brute Force; Scanning with Burp Scanner; Configuring Burp Scanner; Running Burp Scanner; Reviewing Burp Scanner Results; Chapter 4: Web Application Exploitation with Injection; Introduction; SQL Injection Vulnerabilities; SQL Interpreter; SQL for Hackers; SQL Injection Attacks; Finding the Vulnerability; Bypassing Authentication
Extracting Additional InformationHarvesting Password Hashes; Offline Password Cracking; sqlmap; Operating System Command Injection Vulnerabilities; O/S Command Injection for Hackers; Operating System Command Injection Attacks; Web Shells; Chapter 5: Web Application Exploitation with Broken Authentication and Path Traversal; Introduction; Authentication and Session Vulnerabilities; Path Traversal Vulnerabilities; Brute Force Authentication Attacks; Intercepting the Authentication Attempt; Configuring Burp Intruder; Intruder Payloads; Running Intruder; Session Attacks; Cracking Cookies
Burp Sequencer
Record Nr. UNINA-9910812400803321
Pauli Joshua J  
Amsterdam, : Syngress, an imprint of Elsevier, 2013
Materiale a stampa
Lo trovi qui: Univ. Federico II
Opac: Controlla la disponibilità qui