Web Penetration Testing with Kali Linux - Second Edition
()
About this ebook
Related to Web Penetration Testing with Kali Linux - Second Edition
Related ebooks
Kali Linux – Assuring Security by Penetration Testing Rating: 3 out of 5 stars3/5Mastering Metasploit Rating: 0 out of 5 stars0 ratingsKali Linux 2 – Assuring Security by Penetration Testing - Third Edition Rating: 0 out of 5 stars0 ratingsLearning Penetration Testing with Python Rating: 0 out of 5 stars0 ratingsMastering Kali Linux for Advanced Penetration Testing Rating: 4 out of 5 stars4/5Mastering Modern Web Penetration Testing Rating: 0 out of 5 stars0 ratingsAdvanced Penetration Testing for Highly-Secured Environments - Second Edition Rating: 0 out of 5 stars0 ratingsMastering the Nmap Scripting Engine Rating: 0 out of 5 stars0 ratingsHands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools Rating: 0 out of 5 stars0 ratingsAdvanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide Rating: 5 out of 5 stars5/5Mastering Kali Linux Wireless Pentesting Rating: 3 out of 5 stars3/5Introduction to Web Hacking: Cross-site Scripting Rating: 0 out of 5 stars0 ratingsHow to Attack and Defend Your Website Rating: 0 out of 5 stars0 ratingsEffective Python Penetration Testing Rating: 0 out of 5 stars0 ratingsHacking Android Rating: 4 out of 5 stars4/5The Art of Network Penetration Testing: How to take over any company in the world Rating: 0 out of 5 stars0 ratingsUntangle Network Security Rating: 0 out of 5 stars0 ratingsHacking of Computer Networks: Full Course on Hacking of Computer Networks Rating: 0 out of 5 stars0 ratingsBuilding Virtual Pentesting Labs for Advanced Penetration Testing Rating: 0 out of 5 stars0 ratingsKali Linux Network Scanning Cookbook Rating: 0 out of 5 stars0 ratingsKali Linux Web Penetration Testing Cookbook Rating: 0 out of 5 stars0 ratingsKali Linux Network Scanning Cookbook - Second Edition Rating: 0 out of 5 stars0 ratingsKali Linux Wireless Penetration Testing: Beginner's Guide Rating: 0 out of 5 stars0 ratingsCoding for Penetration Testers: Building Better Tools Rating: 0 out of 5 stars0 ratingsMetasploit Penetration Testing Cookbook Rating: 0 out of 5 stars0 ratingsKali Linux 2: Windows Penetration Testing Rating: 5 out of 5 stars5/5Mastering Kali Linux for Web Penetration Testing Rating: 4 out of 5 stars4/5Metasploit Bootcamp Rating: 5 out of 5 stars5/5Kali Linux Wireless Penetration Testing Essentials Rating: 5 out of 5 stars5/5
Software Development & Engineering For You
Level Up! The Guide to Great Video Game Design Rating: 4 out of 5 stars4/5Diary of a Software Craftsman Rating: 5 out of 5 stars5/5Python For Dummies Rating: 4 out of 5 stars4/5Learn to Code. Get a Job. The Ultimate Guide to Learning and Getting Hired as a Developer. Rating: 5 out of 5 stars5/5Lua Game Development Cookbook Rating: 0 out of 5 stars0 ratingsPYTHON: Practical Python Programming For Beginners & Experts With Hands-on Project Rating: 5 out of 5 stars5/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Hand Lettering on the iPad with Procreate: Ideas and Lessons for Modern and Vintage Lettering Rating: 4 out of 5 stars4/5Android App Development For Dummies Rating: 0 out of 5 stars0 ratingsBeginning Programming For Dummies Rating: 4 out of 5 stars4/5Learning Python Rating: 5 out of 5 stars5/5How to Write Effective Emails at Work Rating: 4 out of 5 stars4/5Modern C++ for Absolute Beginners: A Friendly Introduction to C++ Programming Language and C++11 to C++20 Standards Rating: 0 out of 5 stars0 ratingsHow Do I Do That in Photoshop?: The Quickest Ways to Do the Things You Want to Do, Right Now! Rating: 4 out of 5 stars4/5The Essential Persona Lifecycle: Your Guide to Building and Using Personas Rating: 4 out of 5 stars4/5The Inmates Are Running the Asylum (Review and Analysis of Cooper's Book) Rating: 4 out of 5 stars4/5SQL For Dummies Rating: 0 out of 5 stars0 ratingsGit Essentials Rating: 4 out of 5 stars4/5Programming Problems: A Primer for The Technical Interview Rating: 4 out of 5 stars4/5Managing Humans: Biting and Humorous Tales of a Software Engineering Manager Rating: 4 out of 5 stars4/5Ry's Git Tutorial Rating: 0 out of 5 stars0 ratingsCoding All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsHow Do I Do That In InDesign? Rating: 5 out of 5 stars5/5Hacking for Beginners: Mastery Guide to Learn and Practice the Basics of Computer and Cyber Security Rating: 0 out of 5 stars0 ratingsAgile Project Management: Scrum for Beginners Rating: 4 out of 5 stars4/5Photoshop For Beginners: Learn Adobe Photoshop cs5 Basics With Tutorials Rating: 0 out of 5 stars0 ratingsDebugging: The 9 Indispensable Rules for Finding Even the Most Elusive Software and Hardware Problems Rating: 4 out of 5 stars4/5iPhone Application Development For Dummies Rating: 4 out of 5 stars4/5
Reviews for Web Penetration Testing with Kali Linux - Second Edition
0 ratings0 reviews
Book preview
Web Penetration Testing with Kali Linux - Second Edition - Ansari Juned Ahmed
Table of Contents
Web Penetration Testing with Kali Linux Second Edition
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Downloading the color images of this book
Errata
Piracy
Questions
1. Introduction to Penetration Testing and Web Applications
Proactive security testing
Who is a hacker?
Different testing methodologies
Ethical hacking
Penetration testing
Vulnerability assessment
Security audits
Rules of engagement
Black box testing or Gray box testing
Client contact details
Client IT team notifications
Sensitive data handling
Status meeting
The limitations of penetration testing
The need for testing web applications
Social engineering attacks
Training employees to defeat social engineering attacks
A web application overview for penetration testers
HTTP protocol
Request and response header
The request header
The response header
Important HTTP methods for penetration testing
The GET/POST method
The HEAD method
The TRACE method
The PUT and DELETE methods
The OPTIONS method
Session tracking using cookies
Cookie
Cookie flow between server and client
Persistent and non-persistent cookies
Cookie parameters
HTML data in HTTP response
Multi-tier web application
Summary
2. Setting up Your Lab with Kali Linux
Kali Linux
Improvements in Kali Linux 2.0
Installing Kali Linux
USB mode
VMware and ARM images of Kali Linux
Kali Linux on Amazon cloud
Installing Kali Linux on a hard drive
Kali Linux-virtualizing versus installing on physical hardware
Important tools in Kali Linux
Web application proxies
Burp proxy
Customizing client interception
Modifying requests on the fly
Burp proxy with SSL-based websites
WebScarab and Zed Attack Proxy
ProxyStrike
Web vulnerability scanner
Nikto
Skipfish
Web Crawler – Dirbuster
OpenVAS
Database exploitation
CMS identification tools
Web application fuzzers
Using Tor for penetration testing
Steps to set up Tor and connect anonymously
Visualization of a web request through Tor
Final words for Tor
Summary
3. Reconnaissance and Profiling the Web Server
Reconnaissance
Passive reconnaissance versus active reconnaissance
Reconnaissance – information gathering
Domain registration details
Whois – extracting domain information
Identifying hosts using DNS
Zone transfer using dig
Brute force DNS records using Nmap
The Recon-ng tool – a framework for information gathering
Domain enumeration using recon-ng
Sub-level and top-level domain enumeration
Reporting modules
Scanning – probing the target
Port scanning using Nmap
Different options for port scan
Evading firewalls and IPS using Nmap
Spotting a firewall using back checksum option in Nmap
Identifying the operating system using Nmap
Profiling the server
Application version fingerprinting
The Nmap version scan
The Amap version scan
Fingerprinting the web application framework
The HTTP header
The Whatweb scanner
Identifying virtual hosts
Locating virtual hosts using search engines
The virtual host lookup module in Recon-ng
Identifying load balancers
Cookie-based load balancer
Other ways of identifying load balancers
Scanning web servers for vulnerabilities and misconfigurations
Identifying HTTP methods using Nmap
Testing web servers using auxiliary modules in Metasploit
Automating scanning using the WMAP web scanner plugin
Vulnerability scanning and graphical reports – the Skipfish web application scanner
Spidering web applications
The Burp spider
Application login
Summary
4. Major Flaws in Web Applications
Information leakage
Directory browsing
Directory browsing using DirBuster
Comments in HTML code
Mitigation
Authentication issues
Authentication protocols and flaws
Basic authentication
Digest authentication
Integrated authentication
Form-based authentication
Brute forcing credentials
Hydra – a brute force password cracker
Path traversal
Attacking path traversal using Burp proxy
Mitigation
Injection-based flaws
Command injection
SQL injection
Cross-site scripting
Attack potential of cross-site scripting attacks
Cross-site request forgery
Session-based flaws
Different ways to steal tokens
Brute forcing tokens
Sniffing tokens and man-in-the-middle attacks
Stealing session tokens using XSS attack
Session token sharing between application and browser
Tools to analyze tokens
Session fixation attack
Mitigation for session fixation
File inclusion vulnerability
Remote file include
Local file include
Mitigation for file inclusion attacks
HTTP parameter pollution
Mitigation
HTTP response splitting
Mitigation
Summary
5. Attacking the Server Using Injection-based Flaws
Command injection
Identifying parameters to inject data
Error-based and blind command injection
Metacharacters for command separator
Scanning for command injection
Creating a cookie file for authentication
Executing Wapiti
Exploiting command injection using Metasploit
PHP shell and Metasploit
Exploiting shellshock
Overview of shellshock
Scanning – dirb
Exploitation – Metasploit
SQL injection
SQL statements
The UNION operator
The SQL query example
Attack potential of the SQL injection flaw
Blind SQL injection
SQL injection testing methodology
Scanning for SQL injection
Information gathering
Sqlmap – automating exploitation
BBQSQL – the blind SQL injection framework
Sqlsus – MySQL injection
Sqlninja – MS SQL injection
Summary
6. Exploiting Clients Using XSS and CSRF Flaws
The origin of cross-site scripting
Introduction to JavaScript
An overview of cross-site scripting
Types of cross-site scripting
Persistent XSS
Reflected XSS
DOM-based XSS
Defence against DOM-based XSS
XSS using the POST Method
XSS and JavaScript – a deadly combination
Cookie stealing
Key logger
Website defacing
Scanning for XSS flaws
Zed Attack Proxy
Scoping and selecting modes
Modes of operation
Scan policy and attack
Xsser
Features
W3af
Plugins
Graphical interface
Cross-site request forgery
Attack dependencies
Attack methodology
Testing for CSRF flaws
CSRF mitigation techniques
Summary
7. Attacking SSL-based Websites
Secure socket layer
SSL in web applications
SSL encryption process
Asymmetric encryption versus symmetric encryption
Asymmetric encryption algorithms
Symmetric encryption algorithm
Hashing for message integrity
Identifying weak SSL implementations
OpenSSL command-line tool
SSLScan
SSLyze
Testing SSL configuration using Nmap
SSL man-in-the-middle attack
SSL MITM tools in Kali Linux
SSLsplit
SSLstrip
SSL stripping limitations
Summary
8. Exploiting the Client Using Attack Frameworks
Social engineering attacks
Social engineering toolkit
Spear-phishing attack
Website attack
Java applet attack
Credential harvester attack
Web jacking attack
Metasploit browser exploit
Tabnabbing attack
Browser exploitation framework
Introducing BeEF
BeEF hook injection
Browser reconnaissance
Exploit modules
Host information gathering
Persistence module
Network recon
Inter-protocol exploitation and communication
Exploiting the mutillidae XSS flaw using BeEF
Injecting the BeEF hook using MITM
Summary
9. AJAX and Web Services – Security Issues
Introduction to AJAX
Building blocks of AJAX
The AJAX workflow
AJAX security issues
Increase in attack surface
Exposed programming logic of the application
Insufficient access control
Challenges of pentesting AJAX applications
Crawling AJAX applications
AJAX crawling tool
Sprajax
AJAX spider – OWASP ZAP
Analyzing client-side code – Firebug
The Script panel
The Console panel
The Network panel
Web services
Introducing SOAP and RESTful web services
Securing web services
Insecure direct object reference vulnerability
Summary
10. Fuzzing Web Applications
Fuzzing basics
Types of fuzzing techniques
Mutation fuzzing
Generation fuzzing
Applications of fuzzing
Network protocol fuzzing
File fuzzing
User interface fuzzing
Web application fuzzing
Web browser fuzzing
Fuzzer frameworks
Fuzzing steps
Testing web applications using fuzzing
Fuzzing input in web applications
Request URI
Headers
Form fields
Detecting result of fuzzing
Web application fuzzers in Kali Linux
Fuzzing using Burp intruder
PowerFuzzer tool
Summary
Index
Web Penetration Testing with Kali Linux Second Edition
Web Penetration Testing with Kali Linux Second Edition
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: November 2015
Production reference: 1201115
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78398-852-5
www.packtpub.com
Credits
Author
Juned Ahmed Ansari
Reviewers
Olivier Le Moal
Gilberto Najera-Gutierrez
Janusz Oppermann
Commissioning Editor
Kartikey Pandey
Acquisition Editor
Indrajit Das
Content Development Editor
Mamata Walkar
Technical Editor
Dhiraj Chandanshive
Copy Editor
Roshni Banerjee
Project Coordinator
Shipra Chawhan
Proofreader
Safis Editing
Indexer
Hemangini Bari
Production Coordinator
Shantanu N. Zagade
Cover Work
Shantanu N. Zagade
About the Author
Juned Ahmed Ansari (@junedlive) is a cyber security researcher based out of Mumbai. He currently leads the penetration testing and offensive security team of a large MNC. Juned has worked as a consultant for large private sector enterprises, guiding them on their cyber security program. He has also worked with start-ups, helping them make their final product secure.
Juned has conducted several training sessions on advanced penetration testing, focused on teaching students stealth, and evasion techniques in highly secure environments. His primary focus areas are penetration testing, threat intelligence, and application security research. He holds leading security certifications such as GXPN, CISSP, CCSK, and CISA. Juned enjoys contributing to public groups and forums and occasionally blogs at http://securebits.in.
I would like to dedicate this book to my parents, Abdul Rashid and Sherbano, and sisters, Tasneem and Lubna. Thank you all for your encouragement on every small step that I took forward. Thank you mom and dad for all the sacrifices and always believing in me. I would also additionally like to thank my seniors for their mentorship and friends and colleagues for supporting me over the years.
About the Reviewers
Olivier Le Moal is a young System Security Engineer, working in the French online poker industry. He is an open source enthusiast and holds OSCP certification. He also runs a French security blog (blog.olivierlemoal.fr).
Gilberto Najera-Gutierrez leads the Security Testing Team (STT) at Sm4rt Security Services, one of the top security firms in Mexico. He also is an Offensive Security Certified Professional (OSCP), an EC-Council Certified Security Administrator (ECSA) and holds a Master's degree in Computer Science with specialization in Artificial Intelligence.Working as a Penetration Tester since 2013 and being a security enthusiast since high school, he has successfully conducted penetration tests to networks and applications of some the biggest corporations in Mexico, government agencies, and financial institutions.
Janusz Oppermann is an enthusiastic and passionate security specialist and ethical hacker. He is currently working at Deloitte The Netherlands as an ethical hacker/security professional. He is experienced with security testing of (wifi-) network infrastructures, web applications, and mobile applications. Because of his broad experience with network infrastructures and security solutions in different types of organizations, he is able to find security issues, estimate risks, and give consultations on the subject. He holds several security-related certifications such as CISSP, OSCP, CCNP Security, and CEH.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
https://www2.packtpub.com/books/subscription/packtlib
Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Free access for Packt account holders
If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.
Preface
Kali Linux is a Linux distribution widely used by security professionals. It comes bundled with many tools to effectively perform a security assessment. It has tools categorized based on the different phases of a penetration test such as information gathering, vulnerability analysis, and exploitation phase to name a few. The latest version, Kali 2.0, was released at Black Hat USA 2015. Besides tools used in a network penetration test, Kali Linux also includes tools to perform web application security and database assessment.
Web applications have become an integral part of any network and they need special attention when performing a security assessment. Web penetration testing with Kali Linux is designed to be a guide for network penetration testers who want to explore web application hacking. Our goal in this book is to gain an understanding about the different security flaws that exist in web application and then use selected tools from Kali Linux to identify the vulnerabilities and exploit them.
The chapters in this book are divided based on the steps that are performed during a real-world penetration test. The book starts with describing the different building blocks of a penetration test and then moves on to setting up the lab with Kali 2.0. In subsequent chapters, we follow the steps of a professional penetration tester and identify security flaws using the tools in Kali 2.0.
What this book covers
Chapter 1, Introduction to Penetration Testing and Web Applications, covers the different testing methodologies and rules that security professionals follow when performing an assessment of a web application. We also gain an overview of the building blocks of a web applications and the HTTP protocol.
Chapter 2, Setting up Your Lab with Kali Linux, introduces the changes and improvements in Kali 2.0. We will learn about the different ways to install Kali Linux and also install it in a lab environment. Next we have a walk-through of the important tools in Kali Linux and then set up Tor to connect anonymously.
Chapter 3, Reconnaissance and Profiling the Web Server, focuses on the information gathering phase. We use different tools in Kali Linux to perform passive and active reconnaissance. Next we profile the web server identifying the OS, application version, and additional information that help us in the later stages of the penetration test.
Chapter 4, Major Flaws in Web Applications, covers the different security flaws that affect web applications at various levels. We start by describing the less serious security flaws such as information leakage and then move on to the more severe ones, such as injection flaws. The chapter briefly touches all the major flaws that exist in real-world web applications.
Chapter 5, Attacking the Server Using Injection-based Flaws, is all about command injection and SQL injection flaws. We gain a deep understanding of the command injection flaw and exploit it using Metasploit. We also learn about the attack potential of a SQL injection flaw and use different tools in Kali Linux to exploit it.
Chapter 6, Exploiting Clients Using XSS and CSRF Flaws, focuses on cross-site scripting attack. We learn about the origin of the flaw and different types of XSS. We use different tools in Kali Linux to automate the scanning of the web application for XSS flaws. In the CSRF section we cover the attack methodology and the tools to exploit the flaw.
Chapter 7, Attacking SSL-based Websites, explores the importance of SSL in web applications. We learn different techniques to identify weak SSL implementations and then use the man-in-the-middle technique to hack into an SSL connection.
Chapter 8, Exploiting the Client Using Attack Frameworks, discusses different techniques and tricks to gain control over a client computer. In this chapter we use the Social Engineering Toolkit (SET) from Kali Linux to execute a phishing attack. In the second part of the chapter, we use the Browser exploitation framework (BeEF) to gain control of a user's browser by exploiting a XSS flaw. We also explore the different modules in BeEF.
Chapter 9, AJAX and Web Services – Security Issues, covers security flaws affecting an AJAX application and the challenges faced when performing a security assessment of it. Web services are also introduced in this chapter along with the security issues it faces.
Chapter 10, Fuzzing Web Applications, introduces the different types of fuzzing techniques. We learn the different ways in which fuzzing can identify flaws in web applications. Next we explore different fuzzers in Kali Linux and use Burp intruder to fuzz a web application.
What you need for this book
Readers should have a basic understanding of web applications, networking concepts, and penetration testing methodology. This book will include detailed examples of how to execute an attack using the tools offered in Kali Linux. It is not required but beneficial to have experience using previous versions of Kali Linux.
The software requirements for building a lab environment and installing Kali Linux are covered in Chapter 2, Setting up Your Lab with Kali Linux.
Who this book is for
If you are already working as a network penetration tester and want to expand your knowledge of web application hacking, then this book tailored for you. Those who are interested in learning more about the Kali Linux 2.0 tools that are used to test web applications will find this book a thoroughly useful and interesting guide.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: The ID could be shared using the GET method or the POST method.
A block of code is set as follows:
$file = $_GET['file'];
{
include(pages/$file
);
}
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
$file = $_GET['file'];
{
include(pages/$file
);
}
Any command-line input or output is written as follows:
SELECT columnA FROM tableX WHERE columnE='employee' AND columnF=100;
New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: Select New context to create a new scope for this URL.
Note
Warnings or important notes appear in a box like this.
Tip
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail <feedback@packtpub.com>, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the example code
You can download the example code files from your account at http://www.packtpub.com for all the Packt Publishing books you have purchased. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.
Downloading the color images of this book
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from http://www.packtpub.com/sites/default/files/downloads/8525OS_ColorImages.pdf.
Errata
Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.
To view the previously submitted errata, go to https://www.packtpub.com/books/content/support and enter the name of the book in the search field. The required information will appear under the Errata section.
Piracy
Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.
Please contact us at <copyright@packtpub.com> with a link to the suspected pirated material.
We appreciate your help in protecting our authors and our ability to bring you valuable content.
Questions
If you have a problem with any aspect of this book, you can contact us at <questions@packtpub.com>, and we will do our best to address the problem.
Chapter 1. Introduction to Penetration Testing and Web Applications
CISO and CTO have been spending a huge amount of money on web applications and general IT security without getting the benefits, and they are living with a false sense of security. Although IT security has been a top priority for organizations, there have been some big security breaches in the last few years. The attack on the Target Corp, one of the biggest retailers in the US, exposed around 40 million debit and credit card details and the CEO and CIO were forced to step down. The attack on the Sony PlayStation network was a result of a SQL injection attack—one of the most common web application attacks—and the network was down for 24 days. This exposed personal information of 77 million accounts. These personal details and financial records then end up in underground markets and are used for malicious activities. There have been many more attacks that have not reported in the news with much vigor. Web applications may not be the sole reason for such huge security breaches, but they have always played an assisting role that has helped the attacker to achieve their main goal of planting malware for exposing private data.
It's not only the web server or the website that is responsible for such attacks; the vulnerabilities