Title Page
Copyright and Credits
Hands-On Application Penetration Testing with Burp Suite
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
About Packt
Why subscribe?
Packt.com
Preface
Who this book is for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Reviews
Configuring Burp Suite
Getting to know Burp Suite
Setting up proxy listeners
Managing multiple proxy listeners
Working with non-proxy-aware clients
Creating target scopes in Burp Suite
Working with target exclusions
Quick settings before beginning
Summary
Configuring the Client and Setting Up Mobile Devices
Setting up Firefox to work with Burp Suite (HTTP and HTTPS)
Setting up Chrome to work with Burp Suite (HTTP and HTTPS)
Setting up Chrome proxy options on Linux
Setting up Internet Explorer to work with Burp Suite (HTTP and HTTPS)
Additional browser add-ons that can be used to manage proxy settings
FoxyProxy for Firefox
Proxy SwitchySharp for Google Chrome
Setting system-wide proxy for non-proxy-aware clients
Linux or macOS X
Windows
Setting up Android to work with Burp Suite
Setting up iOS to work with Burp Suite
Summary
Executing an Application Penetration Test
Differences between a bug bounty and a client-initiated pentest
Initiating a penetration test
Why Burp Suite? Let's cover some groundwork!
Types and features
Crawling
Why Burp Suite Scanner?
Auditor/Scanner
Understanding the insertion points
Summary
Exploring the Stages of an Application Penetration Test
Stages of an application pentest
Planning and reconnaissance
Client-end code analysis
Manual testing
Various business logic flaws
Second-order SQL injection
Pentesting cryptographic parameters
Privilege escalation
Sensitive information disclosures
Automated testing
Exploiting discovered issues
Digging deep for data exfiltration
Taking shells
Reporting
Getting to know Burp Suite better
Features of Burp Suite
Dashboard
Target
Proxy
Intruder
Repeater
Comparer
Sequencer
Decoder
Extender
Project options
User options
Summary
Preparing for an Application Penetration Test
Setup of vulnerable web applications
Setting up Xtreme Vulnerable Web Application
Setting up OWASP Broken Web Application
Reconnaissance and file discovery
Using Burp for content and file discovery
Testing for authentication via Burp
Brute forcing login pages using Burp Intruder
Testing for authentication page for SQL injection
Summary
Identifying Vulnerabilities Using Burp Suite
Detecting SQL injection flaws
Manual detection
Scanner detection
CO2 detection
Detecting OS command injection
Manual detection
Detecting XSS vulnerabilities
Detecting XML-related issues, such as XXE
Detecting SSTI
Detecting SSRF
Summary
Detecting Vulnerabilities Using Burp Suite
Detecting CSRF
Detecting CSRF using Burp Suite
Steps for detecting CSRF using Burp Suite
Detecting Insecure Direct Object References
Detecting security misconfigurations
Unencrypted communications and clear text protocols
Default credentials
Unattended installations
Testing information
Default pages
Detecting insecure deserialization
Java Deserialization Scanner
Detecting OAuth-related issues
Detecting SSO protocols
Detecting OAuth issues using Burp Suite
Redirections
Insecure storage
Detecting broken authentication
Detecting weak storage for credentials
Detecting predictable login credentials
Session IDs exposed in the URL
Session IDs susceptible to session fixation attacks
Time out implementation
Session is not destructed after logout
Summary
Exploiting Vulnerabilities Using Burp Suite - Part 1
Data exfiltration via a blind Boolean-based SQL injection
The vulnerability
The exploitation
Performing exfiltration using Burp Suite
Executing OS commands using an SQL injection
The vulnerability
Executing an out-of-band command injection
SHELLING
Stealing session credentials using XSS
Exploiting the vulnerability
Taking control of the user's browser using XSS
Extracting server files using XXE vulnerabilities
Exploiting the vulnerability
Performing out-of-band data extraction using XXE and Burp Suite Collaborator
Using Burp Suite to exploit the vulnerability
Exploiting SSTI vulnerabilities to execute server commands
Using Burp Suite to exploit the vulnerability
Summary
Exploiting Vulnerabilities Using Burp Suite - Part 2
Using SSRF/XSPA to perform internal port scans
Performing an internal port scan to the backend
Using SSRF/XSPA to extract data from internal machines
Extracting data using Insecure Direct Object Reference (IDOR) flaws
Exploiting IDOR with Burp Suite
Exploiting security misconfigurations
Default pages
Directory listings
Scanning
Mapping the application
Using Intruder
Default credentials
Untrusted HTTP methods
Using insecure deserialization to execute OS commands
Exploiting the vulnerability
Exploiting crypto vulnerabilities
Brute forcing HTTP basic authentication
Brute forcing it with Burp Suite
Brute forcing forms
Automation with Burp Suite
Bypassing file upload restrictions
Bypassing type restrictions
Summary
Writing Burp Suite Extensions
Setting up the development environment
Writing a Burp Suite extension
Burp Suite's API
Modifying the user-agent using an extension
Creating the user-agents (strings)
Creating the GUI
The operation
Executing the extension
Summary
Breaking the Authentication for a Large Online Retailer
Remembering about authentication
Large online retailers
Performing information gathering
Port scanning
Discovering authentication weaknesses
Authentication method analysis
Weak storage for credentials
Predictable login credentials
Session IDs exposed in the URL
Session IDs susceptible to session fixation attacks
The session is not destructed after the logout
Sensitive information sent via unprotected channels
Summary
Exploiting and Exfiltrating Data from a Large Shipping Corporation
Discovering Blind SQL injection
Automatic scan
SQLMap detection
Looking for entry points
Using SQLMap
Intruder detection
Exploitation
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think