finelybook
Python Web Penetration Testing Cookbook
by 作者: Andrew Mabbitt,Benjamin May,Cameron Buchanan,Dave Mound,Terry Ip
Pages: 228 pages
Edition 版本: 1
Language 语言: English
Publisher Finelybook 出版社: Packt Publishing
Publisher Finelybook 出版日期: 2015-06-30
ISBN-10 书号: 1784392936
ISBN-13 书号: 9781784392932
Book Description
Over 60 indispensable Python recipes to ensure you always have the right code on hand for web application testing
About This Book
Get useful guidance on writing Python scripts and using libraries to put websites and web apps through their paces
Find the script you need to deal with any stage of the web testing process
Develop your Python knowledge to get ahead of the game for web testing and expand your skillset to other testing areas
Who this book is for
This book is for testers looking for quick access to powerful,modern tools and customizable scripts to kick-start the creation of their own Python web penetration testing toolbox.
What you will learn
Enumerate users on web apps through Python
Develop complicated header-based attacks through Python
Deliver multiple XSS strings and check their execution success
Handle outputs from multiple tools and create attractive reports
Create PHP pages that test scripts and tools
Identify parameters and URLs vulnerable to Directory Traversal
Replicate existing tool functionality in Python
Create basic dial-back Python scripts using reverse shells and basic Python PoC malware
In Detail
This book gives you an arsenal of Python scripts perfect to use or to customize your needs for each stage of the testing process. Each chapter takes you step by step through the methods of designing and modifying scripts to attack web apps. You will learn how to collect both open and hidden information from websites to further your attacks,identify vulnerabilities,perform SQL Injections,exploit cookies,and enumerate poorly configured systems. You will also discover how to crack encryption,create payloads to mimic malware,and create tools to output your findings into presentable formats for reporting to your employers.
Contents
Chapter 1: Gathering Open Source Intelligence
Chapter 2: Enumeration
Chapter 3: Vulnerability Identification
Chapter 4: SQL Injection
Chapter 5: Web Header Manipulation
Chapter 6: Image Analysis and Manipulation
Chapter 7: Encryption and Encoding
Chapter 8: Payloads and Shells
Chapter 9: Reporting
