Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
PowerShell for Penetration Testing

You're reading from   PowerShell for Penetration Testing Explore the capabilities of PowerShell for pentesters across multiple platforms

Arrow left icon
Product type Paperback
Published in May 2024
Publisher Packt
ISBN-13 9781835082454
Length 298 pages
Edition 1st Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Dr. Andrew Blyth Dr. Andrew Blyth
Author Profile Icon Dr. Andrew Blyth
Dr. Andrew Blyth
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Preface 1. Part 1: Introduction to Penetration Testing and PowerShell FREE CHAPTER
2. Chapter 1: Introduction to Penetration Testing 3. Chapter 2: Programming Principles in PowerShell 4. Part 2: Identification and Exploitation
5. Chapter 3: Network Services and DNS 6. Chapter 4: Network Enumeration and Port Scanning 7. Chapter 5: The WEB, REST, and SOAP 8. Chapter 6: SMB, Active Directory, LDAP and Kerberos 9. Chapter 7: Databases: MySQL, PostgreSQL, and MSSQL 10. Chapter 8: Email Services: Exchange, SMTP, IMAP, and POP 11. Chapter 9: PowerShell and FTP, SFTP, SSH, and TFTP 12. Chapter 10: Brute Forcing in PowerShell 13. Chapter 11: PowerShell and Remote Control and Administration 14. Part 3: Penetration Testing on Azure and AWS cloud Environments
15. Chapter 12: Using PowerShell in Azure 16. Chapter 13: Using PowerShell in AWS 17. Part 4: Post Exploitation and Command and Control
18. Chapter 14: Command and Control 19. Chapter 15: Post-Exploitation in Microsoft Windows 20. Chapter 16: Post-Exploitation in Linux 21. Index 22. Other Books You May Enjoy

PowerShell and REST

Using Representational State Transfer (REST) in PowerShell for penetration testing is a valuable approach to assessing the security of web applications and services. By interacting with RESTful APIs, penetration testers can identify vulnerabilities and weaknesses that could be exploited by malicious actors. Let’s explore how to use REST in PowerShell for penetration testing while aligning our analysis with the Open Web Application Security Project (OWASP) framework, a widely recognized resource for web application security.

OWASP analysis – injection

Objective: Test for injection vulnerabilities in REST APIs.

Methodology: You can use PowerShell to craft malicious input and send it as part of a request to test for injection vulnerabilities such as SQL injection, NoSQL injection, or OS command injection. We have the following SQL injection test as an example:

$uri = "http s:// api.snowcap cyber. com/resource"
$queryParam = &quot...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image