Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from Learn Kali Linux 2019 Perform powerful penetration testing using Kali Linux, Metasploit, Nessus, Nmap, and Wireshark

Product type Paperback

Published in Nov 2019

Publisher

ISBN-13 9781789611809

Length 550 pages

Edition 1st Edition

Languages

C++

Tools

Kali Linux

Concepts

Penetration Testing

Authors (2):

Glen D. Singh

Joshua Crumbaugh

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Kali Linux Basics FREE CHAPTER

2. Introduction to Hacking

3. Setting Up Kali - Part 1

4. Setting Up Kali - Part 2

5. Getting Comfortable with Kali Linux 2019

6. Section 2: Reconnaissance

7. Passive Information Gathering

8. Active Information Gathering

9. Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019

10. Working with Vulnerability Scanners

11. Understanding Network Penetration Testing

12. Network Penetration Testing - Pre-Connection Attacks

13. Network Penetration Testing - Gaining Access

14. Network Penetration Testing - Post-Connection Attacks

15. Network Penetration Testing - Detection and Security

16. Client-Side Attacks - Social Engineering

17. Performing Website Penetration Testing

18. Website Penetration Testing - Gaining Access

19. Best Practices

20. Assessments

21. Other Books You May Enjoy

Leave a review - let other readers know what you think

File upload and file inclusion vulnerabilities

In this section, we will discuss various security vulnerabilities that allow an attacker to perform file upload, code execution, and file inclusion attacks on a web server.

In the following sections, we will cover the fundamentals of the following topics:

Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Structured Query Language injection (SQLi)
Insecure deserialization
Common misconfigurations
Vulnerable components
Insecure direct object reference

Let's dive in!

XSS

XSS attacks are carried out by exploiting vulnerabilities in a dynamically created web page. This allows an attacker to inject client-side scripts into a web page being viewed by other users. When...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Joshua Crumbaugh

Joshua Crumbaugh is the founder of PeopleSec and experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better ""human solution"" -- This led him to a passion in social engineering and better understanding ways to stop social engineering attacks

See other products by Joshua Crumbaugh

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh