Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Hands-On Bug Hunting for Penetration Testers

You're reading from   Hands-On Bug Hunting for Penetration Testers A practical guide to help ethical hackers discover web application security flaws

Arrow left icon
Product type Paperback
Published in Sep 2018
Publisher Packt
ISBN-13 9781789344202
Length 250 pages
Edition 1st Edition
Languages
Arrow right icon
Authors (2):
Arrow left icon
Himanshu Sharma Himanshu Sharma
Author Profile Icon Himanshu Sharma
Himanshu Sharma
Joe Marshall Joe Marshall
Author Profile Icon Joe Marshall
Joe Marshall
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Joining the Hunt FREE CHAPTER 2. Choosing Your Hunting Ground 3. Preparing for an Engagement 4. Unsanitized Data – An XSS Case Study 5. SQL, Code Injection, and Scanners 6. CSRF and Insecure Session Authentication 7. Detecting XML External Entities 8. Access Control and Security Through Obscurity 9. Framework and Application-Specific Vulnerabilities 10. Formatting Your Report 11. Other Tools 12. Other (Out of Scope) Vulnerabilities 13. Going Further 14. Assessment 15. Other Books You May Enjoy

Setting Up Your Environment – Tools To Know

All of the tools we'll use in this book will be free – you shouldn't need to purchase anything outside of this work to recreate the walk-throughs. In the survey of other security software not used directly in our engagements in Chapter 12, Other Tools, there will be a discussion of other technologies (paid and free) you can leverage for extra functionality.

Here's a brief overview of some of the technologies we will be using:

  • Burp Suite is a versatile program that can intercept web traffic (Burp Proxy), trigger application information submission (Burp Intruder), scan input against malicious code snippets (Burp Scanner), and – with the possibilities offered by extensions – a multitude of other things. We'll go over both using the native Burp functionality as well as how to incorporate simple extensions. Some of the paid functionalities, such as Burp Scan, will only receive an overview, in favor of focusing on the features available in the free version.
  • Nmap, sqlmap, wfuzz, arachnid, and other CLI programs are great for their ability to be assembled into larger workflows, feeding information into adjacent tools (Burp and others), kicking off other automation, or consistently visualizing a target's attack surface.
  • Deliberately vulnerable web applications are a different category of tooling – less for use in an actual pentesting engagement and designed more to either test out new ideas or calibrate an existing method or technology for those times when you need to return a positive result for a specific vulnerability. We'll be doing both with our use of deliberately vulnerable web apps, such as Google Gruyere, Target Range, DAMN vulnerable web app, and others. You can find a list of more DVWA in the sites section of Chapter 13, Going Further.

While we'll be going through the setup for these tools as we use them, it's still a good idea to poke around their installation and documentation pages. Because of their depth, many of these tools will have useful functionalities that we simply won't be able to completely cover in the course of our work. We'll also only skim the surface of tools not specific to security—the note—taking, logging, and other general productivity functionality represented by those apps can easily be replaced by whatever analogue you're most comfortable with.

You have been reading a chapter from
Hands-On Bug Hunting for Penetration Testers
Published in: Sep 2018
Publisher: Packt
ISBN-13: 9781789344202
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image