- The Burp Suite proxy is the centerpiece. This enables Burp Suite to function as an interception proxy, allowing all the tools within Burp Suite to operate.
- This scan analyzes existing requests and responses for vulnerabilities. It does not submit any requests to the web application, thereby eliminating noise that could be detected.
- This is used to manually manipulate the reissuing of HTTP requests. You can leverage a repeater to check what the output would be if an HTTP request is modified, for example, by using a SQL injection attack.
- A cluster bomb provides the most comprehensive results, but it is also the most time-consuming, depending on the word lists that are used.
- By using the BApp Store or third-party extensions that can be loaded into Burp Suite.

Learn Penetration Testing
By :

Overview of this book
Sending information via the internet is not entirely private, as evidenced by the rise in hacking, malware attacks, and security threats. With the help of this book, you'll learn crucial penetration testing techniques to help you evaluate enterprise defenses.
You'll start by understanding each stage of pentesting and deploying target virtual machines, including Linux and Windows. Next, the book will guide you through performing intermediate penetration testing in a controlled environment. With the help of practical use cases, you'll also be able to implement your learning in real-world scenarios. By studying everything from setting up your lab, information gathering and password attacks, through to social engineering and post exploitation, you'll be able to successfully overcome security threats. The book will even help you leverage the best tools, such as Kali Linux, Metasploit, Burp Suite, and other open source pentesting tools to perform these techniques. Toward the later chapters, you'll focus on best practices to quickly resolve security threats.
By the end of this book, you'll be well versed in various penetration testing techniques so as to be able to tackle security threats effectively.
Table of Contents (21 chapters)
Preface
Introduction to Penetration Testing
Getting Started with Kali Linux
Section 2: Exploitation
Performing Information Gathering
Mastering Social Engineering
Diving into the Metasploit Framework
Understanding Password Attacks
Working with Burp Suite
Attacking Web Applications
Getting Started with Wireless Attacks
Section 3: Post Exploitation
Moving Laterally and Escalating Your Privileges
Antivirus Evasion
Maintaining Control within the Environment
Section 4: Putting It All Together
Reporting and Acting on Your Findings
Where Do I Go from Here?
Assessments
Other Books You May Enjoy