Hands-On Application Penetration Testing with Burp Suite
Burp Suite is a set of graphical tools focused on penetration testing of web applications. It is widely used for web penetration testing by many security professionals to perform different web-level security tasks. The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to set up and configure Android and iOS devices to work with Burp Suite. The book will explain how the various features of Burp Suite can be used to detect vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit the detected vulnerability using Burp Suite. The book will also cover advanced concepts such as writing extensions and macros for Burp Suite. Finally, you will discover the steps taken to identify the target, discover weaknesses in the authentication mechanism, and ultimately break the authentication implementation to gain access to the administrative console of the application. By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
Table of contents (206 chapters)
- coverpage
- Title Page
- Copyright and Credits
- Hands-On Application Penetration Testing with Burp Suite
- Contributors
- About the authors
- About the reviewer
- Packt is searching for authors like you
- About Packt
- Why subscribe?
- Packt.com
- Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Conventions used
- Get in touch
- Reviews
- Configuring Burp Suite
- Getting to know Burp Suite
- Setting up proxy listeners
- Managing multiple proxy listeners
- Working with non-proxy-aware clients
- Creating target scopes in Burp Suite
- Working with target exclusions
- Quick settings before beginning
- Summary
- Configuring the Client and Setting Up Mobile Devices
- Setting up Firefox to work with Burp Suite (HTTP and HTTPS)
- Setting up Chrome to work with Burp Suite (HTTP and HTTPS)
- Setting up Chrome proxy options on Linux
- Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)
- Additional browser add-ons that can be used to manage proxy settings
- FoxyProxy for Firefox
- Proxy SwitchySharp for Google Chrome
- Setting system-wide proxy for non-proxy-aware clients
- Linux or macOS X
- Windows
- Setting up Android to work with Burp Suite
- Setting up iOS to work with Burp Suite
- Summary
- Executing an Application Penetration Test
- Differences between a bug bounty and a client-initiated pentest
- Initiating a penetration test
- Why Burp Suite? Let's cover some groundwork!
- Types and features
- Crawling
- Why Burp Suite Scanner?
- Auditor/Scanner
- Understanding the insertion points
- Summary
- Exploring the Stages of an Application Penetration Test
- Stages of an application pentest
- Planning and reconnaissance
- Client-end code analysis
- Manual testing
- Various business logic flaws
- Second-order SQL injection
- Pentesting cryptographic parameters
- Privilege escalation
- Sensitive information disclosures
- Automated testing
- Exploiting discovered issues
- Digging deep for data exfiltration
- Taking shells
- Reporting
- Getting to know Burp Suite better
- Features of Burp Suite
- Dashboard
- Target
- Proxy
- Intruder
- Repeater
- Comparer
- Sequencer
- Decoder
- Extender
- Project options
- User options
- Summary
- Preparing for an Application Penetration Test
- Setup of vulnerable web applications
- Setting up Xtreme Vulnerable Web Application
- Setting up OWASP Broken Web Application
- Reconnaissance and file discovery
- Using Burp for content and file discovery
- Testing for authentication via Burp
- Brute forcing login pages using Burp Intruder
- Testing for authentication page for SQL injection
- Summary
- Identifying Vulnerabilities Using Burp Suite
- Detecting SQL injection flaws
- Manual detection
- Scanner detection
- CO2 detection
- Detecting OS command injection
- Manual detection
- Detecting XSS vulnerabilities
- Detecting XML-related issues such as XXE
- Detecting SSTI
- Detecting SSRF
- Summary
- Detecting Vulnerabilities Using Burp Suite
- Detecting CSRF
- Detecting CSRF using Burp Suite
- Steps for detecting CSRF using Burp Suite
- Detecting Insecure Direct Object References
- Detecting security misconfigurations
- Unencrypted communications and clear text protocols
- Default credentials
- Unattended installations
- Testing information
- Default pages
- Detecting insecure deserialization
- Java Deserialization Scanner
- Detecting OAuth-related issues
- Detecting SSO protocols
- Detecting OAuth issues using Burp Suite
- Redirections
- Insecure storage
- Detecting broken authentication
- Detecting weak storage for credentials
- Detecting predictable login credentials
- Session IDs exposed in the URL
- Session IDs susceptible to session fixation attacks
- Time out implementation
- Session is not destructed after logout
- Summary
- Exploiting Vulnerabilities Using Burp Suite - Part 1
- Data exfiltration via a blind Boolean-based SQL injection
- The vulnerability
- The exploitation
- Performing exfiltration using Burp Suite
- Executing OS commands using an SQL injection
- The vulnerability
- Executing an out-of-band command injection
- SHELLING
- Stealing session credentials using XSS
- Exploiting the vulnerability
- Taking control of the user's browser using XSS
- Extracting server files using XXE vulnerabilities
- Exploiting the vulnerability
- Performing out-of-data extraction using XXE and Burp Suite collaborator
- Using Burp Suite to exploit the vulnerability
- Exploiting SSTI vulnerabilities to execute server commands
- Using Burp Suite to exploit the vulnerability
- Summary
- Exploiting Vulnerabilities Using Burp Suite - Part 2
- Using SSRF/XSPA to perform internal port scans
- Performing an internal port scan to the backend
- Using SSRF/XSPA to extract data from internal machines
- Extracting data using Insecure Direct Object Reference (IDOR) flaws
- Exploiting IDOR with Burp Suite
- Exploiting security misconfigurations
- Default pages
- Directory listings
- Scanning
- Mapping the application
- Using Intruder
- Default credentials
- Untrusted HTTP methods
- Using insecure deserialization to execute OS commands
- Exploiting the vulnerability
- Exploiting crypto vulnerabilities
- Brute forcing HTTP basic authentication
- Brute forcing it with Burp Suite
- Brute forcing forms
- Automation with Burp Suite
- Bypassing file upload restrictions
- Bypassing type restrictions
- Summary
- Writing Burp Suite Extensions
- Setting up the development environment
- Writing a Burp Suite extension
- Burp Suite's API
- Modifying the user-agent using an extension
- Creating the user-agents (strings)
- Creating the GUI
- The operation
- Executing the extension
- Summary
- Breaking the Authentication for a Large Online Retailer
- Remembering about authentication
- Large online retailers
- Performing information gathering
- Port scanning
- Discovering authentication weaknesses
- Authentication method analysis
- Weak storage for credentials
- Predictable login credentials
- Session IDs exposed in the URL
- Session IDs susceptible to session fixation attacks
- The session is not destructed after the logout
- Sensitive information sent via unprotected channels
- Summary
- Exploiting and Exfiltrating Data from a Large Shipping Corporation
- Discovering Blind SQL injection
- Automatic scan
- SQLMap detection
- Looking for entry points
- Using SQLMap
- Intruder detection
- Exploitation
- Summary
- Other Books You May Enjoy
- Leave a review - let other readers know what you think

Updated: 2021-07-02 12:17:14