Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools

Dr. Hedaya Alasooly

Publisher: BookRix

Summary

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp Suite is a Java application that can be used to secure or crack web applications. The suite consists of different tools, like a proxy server, a web spider, an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications, and aid teachers/students to teach/learn web application security in a classroom environment.

In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.

Various examples are outlined in this report for different types of vulnerabilities, such as SQL injection, Cross-Site Request Forgery (CSRF), cross-site scripting, file upload, and local and remote file inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities.

The report consists of the following parts:

1. Installing and Configuring BurpSuite.
2. BurpSuite Intruder.
3. Installing XAMPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using  .
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burp's Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan Results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL Injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross-Site Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to Exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14. Exploiting Cross-Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.

Available since: 12/21/2023.
Print length: 66 pages.
