Discover the most common web vulnerabilities and prevent them from becoming a threat to your site's securityKey FeaturesFamiliarize yourself with the most common web vulnerabilitiesConduct a preliminary assessment of attack surfaces and run exploits in your labExplore new tools in the Kali Linux ecosystem for web penetration testingBook DescriptionWeb applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test – from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security flaws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities.What you will learnSet up a secure penetration testing laboratoryUse proxies, crawlers, and spiders to investigate an entire websiteIdentify cross-site scripting and client-side vulnerabilitiesExploit vulnerabilities that allow the insertion of code into web applicationsExploit vulnerabilities that require complex setupsImprove testing efficiency using automated vulnerability scannersLearn how to circumvent security controls put in place to prevent attacksWho this book is forKali Linux Web Penetration Testing Cookbook is for IT professionals, web developers, security enthusiasts, and security professionals who want an accessible reference on how to find, exploit, and prevent security vulnerabilities in web applications. The basics of operating a Linux environment and prior exposure to security technologies and tools are necessary. Cover......Page 1 Title Page......Page 2 Copyright and Credits......Page 3 Packt Upsell......Page 4 Contributors......Page 5 Table of Contents......Page 7 Preface......Page 16 Installing VirtualBox on Windows and Linux......Page 23 How to do it.........Page 24 There's more.........Page 26 How to do it.........Page 27 How to do it.........Page 35 Configuring the web browser for penetration testing......Page 39 How to do it.........Page 40 How it works.........Page 42 See also......Page 43 How to do it.........Page 44 How it works.........Page 45 Getting ready......Page 46 How to do it.........Page 47 Getting to know web applications on a vulnerable virtual machine......Page 50 How to do it.........Page 51 How it works.........Page 54 See also......Page 55 Introduction......Page 56 Getting ready......Page 57 How to do it.........Page 58 How it works.........Page 62 Using Recon-ng to gather information......Page 63 How to do it.........Page 64 See also......Page 66 How to do it.........Page 67 There's more.........Page 69 Identifying web application firewalls......Page 70 How to do it.........Page 71 Getting ready......Page 73 How to do it.........Page 74 How it works.........Page 76 Using the browser's developer tools to analyze and alter basic behavior......Page 77 How to do it.........Page 78 There's more.........Page 80 How to do it.........Page 81 How it works.........Page 83 Taking advantage of robots.txt......Page 84 How to do it.........Page 85 How it works.........Page 87 Introduction......Page 88 Getting ready......Page 89 How to do it.........Page 90 Finding files and folders with ZAP......Page 92 Getting ready......Page 93 How to do it.........Page 95 Using Burp Suite to view and alter requests......Page 97 How to do it.........Page 98 How it works.........Page 102 Using Burp Suite's Intruder to find files and folders......Page 103 How to do it.........Page 104 How it works.........Page 107 Using the ZAP proxy to view and alter requests......Page 108 How to do it.........Page 109 How it works.........Page 111 How to do it.........Page 112 How it works.........Page 114 How to do it.........Page 115 Getting ready......Page 118 How to do it.........Page 119 How it works.........Page 122 How to do it.........Page 123 How it works.........Page 126 How to do it.........Page 127 How it works.........Page 129 Introduction......Page 130 Getting ready......Page 131 How to do it.........Page 132 How it works.........Page 136 How to do it.........Page 137 How it works.........Page 141 Brute forcing basic authentication with Hydra......Page 142 How to do it.........Page 143 How it works.........Page 145 See also......Page 146 Getting ready......Page 147 How to do it.........Page 149 How it works.........Page 151 There's more.........Page 152 Manually identifying vulnerabilities in cookies......Page 153 How to do it.........Page 154 How it works.........Page 155 How to do it.........Page 156 How it works.........Page 160 How to do it.........Page 161 How it works.........Page 168 Abusing insecure direct object references......Page 169 How to do it.........Page 170 How it works.........Page 173 Getting ready......Page 174 How to do it.........Page 175 How it works.........Page 180 See also......Page 181 Introduction......Page 182 How to do it.........Page 183 Identifying Cross-Site Scripting vulnerabilities......Page 188 How to do it.........Page 189 How it works.........Page 191 How to do it.........Page 192 How it works.........Page 193 See also......Page 194 How to do it.........Page 195 Getting ready......Page 199 How to do it.........Page 200 There's more.........Page 204 How to do it.........Page 205 How it works.........Page 208 Getting ready......Page 209 How to do it.........Page 212 How it works.........Page 217 Getting ready......Page 218 How to do it.........Page 219 How it works.........Page 222 Introduction......Page 223 How to do it.........Page 224 How it works.........Page 226 Getting ready......Page 227 How to do it.........Page 228 There's more.........Page 231 How to do it.........Page 232 There's more.........Page 234 How to do it.........Page 235 How to do it.........Page 239 How it works.........Page 246 See also......Page 247 How to do it.........Page 248 How it works.........Page 252 See also......Page 253 How to do it.........Page 254 How it works.........Page 256 Detecting and exploiting command injection vulnerabilities......Page 257 How to do it.........Page 258 How it works.........Page 260 Introduction......Page 262 How to do it.........Page 263 How it works.........Page 266 Executing commands by exploiting Shellshock......Page 267 How to do it.........Page 268 How it works.........Page 272 Creating and capturing a reverse shell with Metasploit......Page 273 How to do it.........Page 274 How it works.........Page 277 How to do it.........Page 278 How it works.........Page 281 See also......Page 282 Privilege escalation on Windows......Page 283 How to do it.........Page 284 How it works.........Page 291 See also......Page 292 Using Tomcat Manager to execute code......Page 294 How to do it.........Page 295 How it works.........Page 297 Getting ready......Page 298 How to do it.........Page 299 How it works.........Page 300 How to do it.........Page 301 How it works.........Page 303 Introduction......Page 304 How to do it.........Page 305 Considerations when doing automated scanning......Page 307 How to do it.........Page 308 Finding vulnerabilities with Wapiti......Page 309 How to do it.........Page 310 How it works.........Page 312 How to do it.........Page 313 How it works.........Page 316 Scanning with Skipfish......Page 317 How to do it.........Page 318 How it works.........Page 319 How to do it.........Page 320 Finding vulnerabilities in Joomla with JoomScan......Page 322 How to do it.........Page 323 How it works.........Page 325 Getting ready......Page 326 How to do it.........Page 327 How it works.........Page 330 Introduction......Page 331 How to do it.........Page 332 There's more.........Page 334 How to do it.........Page 335 Bypassing file upload restrictions......Page 339 How to do it.........Page 340 How it works.........Page 345 Getting ready......Page 346 How to do it.........Page 348 How it works.........Page 351 How to do it.........Page 352 Exploiting HTTP parameter pollution......Page 356 How to do it.........Page 357 How it works.........Page 358 How to do it.........Page 360 How it works.........Page 364 Introduction......Page 365 How to do it.........Page 366 How it works.........Page 367 See also......Page 368 How to do it.........Page 369 How it works.........Page 371 How to do it.........Page 372 How it works.........Page 373 How it works.........Page 374 How to do it.........Page 375 A6 – Basic security configuration guide......Page 376 How to do it.........Page 377 How it works.........Page 378 How to do it.........Page 379 How it works.........Page 380 How to do it.........Page 381 A9 – Where to look for known vulnerabilities on third-party components......Page 382 How to do it.........Page 383 How to do it.........Page 384 How it works.........Page 385 Other Books You May Enjoy......Page 386 Index......Page 389 Discover the most common web vulnerabilities and prevent them from becoming a threat to your site's securityKey Features Familiarize yourself with the most common web vulnerabilities Conduct a preliminary assessment of attack surfaces and run exploits in your lab Explore new tools in Kali Linux ecosystem for web penetration testing Book DescriptionWeb applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a huge array of testing tools, many of which can be used to execute web penetration testing.Starting from the setup of a testing laboratory, this book will give you the skills you need to cover every stage of a penetration test: from gathering information about the system and the application to identifying vulnerabilities through manual testing and the use of vulnerability scanners to both basic and advanced exploitation techniques that may lead to a full system compromise. You will explore the latest features of Burp suite and perform wide range of tasks using Burp suite’s intruder. Next, you will be able to use automated scanners to find security flaws in web applications and also understand how to bypass basic security controls. Finally, you will be able to put this into the context of OWASP and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of the book, you will have the required skills to identify, exploit, and prevent web application vulnerabilities.What You Will Learn Set up a penetration testing laboratory in a secure way Use proxies, crawlers, and spiders to investigate an entire website in minutes Identify cross site scripting and client-side vulnerabilities Exploit vulnerabilities that require complex setups and run custom-made exploits Discover and exploit vulnerabilities that allow you to inject code into web applications Improve your testing efficiency with the use of automated vulnerability scanners Learn to circumvent some security controls put in place to prevent attacks Who This Book Is ForThis book is for IT professionals, web developers, security enthusiasts, and security professionals who want an accessible reference on how to find, exploit, and prevent security vulnerabilities in web applications. You should know the basics of operating a Linux environment and have some exposure to security technologies and tools.About the AuthorGilberto Najera-Gutierrezis an experienced penetration tester currently working for one of the top security testing service providers in Australia. He obtained leading security and penetration testing certifications, namely Offensive Security Certified Professional (OSCP), EC-Council Certified Security Administrator (ECSA), and GIAC Exploit Researcher and Advanced Penetration Tester (GXPN); he also holds a Master's degree in Computer Science with specialization in Artificial Intelligence.Gilberto has been working as a penetration tester since 2013, and he has been a security enthusiast for almost 20 years. He has successfully conducted penetration tests on networks and applications of some the biggest corporations, government agencies, and financial institutions in Mexico and Australia. Discover the most common web vulnerabilities and prevent them from becoming a threat to your site's security Key FeaturesFamiliarize yourself with the most common web vulnerabilitiesConduct a preliminary assessment of attack surfaces and run exploits in your labExplore new tools in the Kali Linux ecosystem for web penetration testingBook DescriptionWeb applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities. What you will learnSet up a secure penetration testing laboratoryUse proxies, crawlers, and spiders to investigate an entire websiteIdentify cross-site scripting and client-side vulnerabilitiesExploit vulnerabilities that allow the insertion of code into web applicationsExploit vulnerabilities that require complex setupsImprove testing efficiency using automated vulnerability scannersLearn how to circumvent security controls put in place to prevent attacksWho this book is forKali Linux Web Penetration Testing Cookbook is for IT professionals, web developers, security enthusiasts, and security professionals who want an accessible reference on how to find, exploit, and prevent security vulnerabilities in web applications. The basics of operating a Linux environment and prior exposure to security technologies and tools are necessary. Table of ContentsSetting up Kali Linux and the Testing LabReconnaissanceUsing Proxies, Crawlers and SpidersTesting Authentication and Session ManagementCross-Site Scripting and Client-Side AttacksExploiting Injection VulnerabilitiesExploiting Platform VulnerabilitiesUsing Automated ScannersBypassing Basic Security ControlsMitigation of OWASP Top 10 Vulnerabilities BDiscover the most common web vulnerabilities and prevent them from becoming a threat to your site's security/b h4Key Features/h4 ulliFamiliarize yourself with the most common web vulnerabilities /li liConduct a preliminary assessment of attack surfaces and run exploits in your lab /li liExplore new tools in the Kali Linux ecosystem for web penetration testing /li /ul h4Book Description/h4 Web applications are a huge point of attack for malicious hackers and a critical area for security professionals and penetration testers to lock down and secure. Kali Linux is a Linux-based penetration testing platform that provides a broad array of testing tools, many of which can be used to execute web penetration testing. Kali Linux Web Penetration Testing Cookbook gives you the skills you need to cover every stage of a penetration test - from gathering information about the system and application, to identifying vulnerabilities through manual testing. You will also cover the use of vulnerability scanners and look at basic and advanced exploitation techniques that may lead to a full system compromise. You will start by setting up a testing laboratory, exploring the latest features of tools included in Kali Linux and performing a wide range of tasks with OWASP ZAP, Burp Suite and other web proxies and security testing tools. As you make your way through the book, you will learn how to use automated scanners to find security ?aws in web applications and understand how to bypass basic security controls. In the concluding chapters, you will look at what you have learned in the context of the Open Web Application Security Project (OWASP) and the top 10 web application vulnerabilities you are most likely to encounter, equipping you with the ability to combat them effectively. By the end of this book, you will have acquired the skills you need to identify, exploit, and prevent web application vulnerabilities. h4What you will learn/h4 ulliSet up a secure penetration testing laboratory /li liUse proxies, crawlers, and spiders to investigate an entire website /li liIdentify cross-site scripting and client-side vulnerabilities /li liExploit vulnerabilities that allow the insertion of code into web applications /li liExploit vulnerabilities that require complex setups /li liImprove testing efficiency using automated vulnerability scanners /li liLearn how to circumvent security controls put in place to prevent attacks/li/ul h4Who this book is for/h4 Kali Linux Web Penetration Testing Cookbook is for IT professionals, web developers, security enthusiasts, and security professionals who want an accessible reference on how to find, exploit, and prevent security vulnerabilities in web applications. The basics of operating a Linux environment and prior exposure to security technologies and tools are necessary Kali Linux is the most popular open-source penetration toolkit used for effective web penetration testing. This book will teach you, in the form of step-by-step recipes, how to detect a wide array of vulnerabilities, exploit them to analyze their consequences, and ultimately buffer attackable surfaces so applications are more secure.