{"product_id":"9781784396213","title":"Mastering Kali Linux for Web Penetration Testing","description":"\u003cp\u003e\u003cb\u003eMaster the art of exploiting advanced web penetration techniques with Kali Linux 2016.2\u003c\/b\u003e\u003c\/p\u003eAbout This Book\u003cul\u003e\n\u003cli\u003eMake the most out of advanced web pen-testing techniques using Kali Linux 2016.2\u003c\/li\u003e\n\u003cli\u003eExplore how Stored (a.k.a. Persistent) XSS attacks work and how to take advantage of them\u003c\/li\u003e\n\u003cli\u003eLearn to secure your application by performing advanced web based attacks.\u003c\/li\u003e\n\u003cli\u003eBypass internet security to traverse from the web to a private network. \u003c\/li\u003e\n\u003c\/ul\u003eWho This Book Is For\u003cp\u003eThis book targets IT pen testers, security consultants, and ethical hackers who want to expand their knowledge and gain expertise on advanced web penetration techniques. Prior knowledge of penetration testing would be beneficial.\u003c\/p\u003eWhat You Will Learn\u003cul\u003e\n\u003cli\u003eEstablish a fully-featured sandbox for test rehearsal and risk-free investigation of applications\u003c\/li\u003e\n\u003cli\u003eEnlist open-source information to get a head-start on enumerating account credentials, mapping potential dependencies, and discovering unintended backdoors and exposed information\u003c\/li\u003e\n\u003cli\u003eMap, scan, and spider web applications using nmap\/zenmap, nikto, arachni, webscarab, w3af, and NetCat for more accurate characterization\u003c\/li\u003e\n\u003cli\u003eProxy web transactions through tools such as Burp Suite, OWASP's ZAP tool, and Vega to uncover application weaknesses and manipulate responses\u003c\/li\u003e\n\u003cli\u003eDeploy SQL injection, cross-site scripting, Java vulnerabilities, and overflow attacks using Burp Suite, websploit, and SQLMap to test application robustness\u003c\/li\u003e\n\u003cli\u003eEvaluate and test identity, authentication, and authorization schemes and sniff out weak cryptography before the black hats do\u003c\/li\u003e\n\u003c\/ul\u003eIn Detail\u003cp\u003eYou will start by delving into some common web application architectures in use, both in private and public cloud instances. You will also learn about the most common frameworks for testing, such as OWASP OGT version 4, and how to use them to guide your efforts. In the next section, you will be introduced to web pentesting with core tools and you will also see how to make web applications more secure through rigorous penetration tests using advanced features in open source tools. The book will then show you how to better hone your web pentesting skills in safe environments that can ensure low-risk experimentation with the powerful tools and features in Kali Linux that go beyond a typical script-kiddie approach. After establishing how to test these powerful tools safely, you will understand how to better identify vulnerabilities, position and deploy exploits, compromise authentication and authorization, and test the resilience and exposure applications possess.\u003c\/p\u003e\u003cp\u003eBy the end of this book, you will be well-versed with the web service architecture to identify and evade various protection mechanisms that are used on the Web today. You will leave this book with a greater mastery of essential test techniques needed to verify the secure design, development, and operation of your customers' web applications.\u003c\/p\u003eStyle and approach\u003cp\u003eAn advanced-level guide filled with real-world examples that will help you take your web application's security to the next level by using Kali Linux 2016.2.\u003c\/p\u003e","brand":"Packt Publishing","offers":[{"title":"Default Title","offer_id":47137036665072,"sku":"9781784396213","price":39.99,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0737\/7593\/9824\/files\/9781784396213_p0.jpg?v=1763725717","url":"https:\/\/shop-qa.barnesandnoble.com\/products\/9781784396213","provider":"Barnes \u0026 Noble (DEV)","version":"1.0","type":"link"}