¡Acompáñanos a viajar por el mundo de los libros!
Añadir este libro a la estantería
Grey
Escribe un nuevo comentario Default profile 50px
Grey
Suscríbete para leer el libro completo o lee las primeras páginas gratis.
¡Quiero leer el libro!
All characters reduced
Penetration Testing of Computer Networks Using Burpsuite and Various Penetration Testing Tools - cover

Penetration Testing of Computer Networks Using Burpsuite and Various Penetration Testing Tools

Dr. Hidaia Mahmood Alassouli

Editorial: Dr. Hidaia Mahmood Alassouli

  • 0
  • 0
  • 0

Sinopsis

Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp suite is a java application that can be used to secure or crack web applications. The suite consists of different tools, like a proxy server, a web spider an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.
Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists from the following parts:
1. Installing and Configuring BurpSuite
2. BurpSuite Intruder.
3. Installing XMAPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using .
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burps Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross Side Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14: Exploiting Cross Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.
Disponible desde: 11/03/2023.
Longitud de impresión: 160 páginas.

Otros libros que te pueden interesar

  • Amendments to the United States Constitution - cover

    Amendments to the United States...

    United States Government

    • 0
    • 0
    • 0 
    "The Amendments to the Constitution of the USA are a continuously modified document that attempts to secure all basic and other rights for American citizens. The most recent amendment was made in the early 1970's during the Vietnam war; this amendment lowered the voting age to 18.    The first ten amendments (A.K.A. the Bill of Rights) was made by the founding fathers shortly after the actual constitution was made. The Bill of Rights covers all those things that the settlers found wrong with the rule of King George III of England. Such as: Quartering of soldiers, Freedom of speech, and Search and seizure. "
    Ver libro
  • Zero Harm - How to Achieve Patient and Workforce Safety in Healthcare - cover

    Zero Harm - How to Achieve...

    Craig Clapper, Carole...

    • 0
    • 0
    • 0 
    From the nation’s leading experts in healthcare safety-the first comprehensive guide to delivering care that ensures the safety of patients and staff alike. One of the primary tenets among healthcare professionals is, “First, do no harm.” Achieving this goal means ensuring the safety of both patient and caregiver. Every year in the United States alone, an estimated 4.8 million hospital patients suffer serious harm that is preventable. To address this industry-wide problem-and provide evidence-based solutions-a team of award-winning safety specialists from Press Ganey/Healthcare Performance Improvement have applied their decades of experience and research to the subject of patient and workforce safety. Their mission is to achieve zero harm in the healthcare industry, a lofty goal that some hospitals have already accomplished-which you can, too. 
 
Combining the latest advances in safety science, data technology, and high reliability solutions, this step-by-step guide shows you how to implement 6 simple principles in your workplace.  
 
1. Commit to the goal of zero harm.2. Become more patient-centric.3. Recognize the interdependency of safety, quality, and patient-centricity.4. Adopt good data and analytics.5. Transform culture and leadership.6. Focus on accountability and execution. In Zero Harm, the world’s leading safety experts share practical, day-to-day solutions that combine the latest tools and technologies in healthcare today with the best safety practices from high-risk, yet high-reliability industries, such as aviation, nuclear power, and the United States military. Using these field-tested methods, you can develop new leadership initiatives, educate workers on the universal skills that can save lives, organize and train safety action teams, implement reliability management systems, and create long-term, transformational change. You’ll read case studies and success stories from your industry colleagues-and discover the most effective ways to utilize patient data, information sharing, and other up-to-the-minute technologies. It’s a complete workplace-ready program that’s proven to reduce preventable errors and produce measurable results-by putting the patient, and safety, first.
    Ver libro
  • Python Machine Learning for Beginners - 3 in 1 Guide - cover

    Python Machine Learning for...

    Brian Murray

    • 0
    • 0
    • 0 
    "Python Machine Learning Essentials: 3 in 1 Guide" is a comprehensive guide for beginners who want to learn machine learning with Python. In this book, you will learn the foundations of machine learning, including different types of algorithms and the importance of data preprocessing. You will also learn how to build your first AI application, from collecting and preprocessing data to building and training a model, and then deploying and testing the application. 
As you progress through the book, you will explore advanced machine learning techniques such as deep learning and convolutional neural networks for image recognition. You will also learn how to apply machine learning to real-world problems, such as building a spam filter, predicting stock prices, and performing sentiment analysis. 
Throughout the book, you will learn best practices for machine learning in Python, including tips for efficient data preprocessing, strategies for selecting the right machine learning algorithm, techniques for optimizing model performance, and debugging common errors. 
By the end of the book, you will have the skills and knowledge needed to build your own machine learning applications with Python. Whether you're new to programming or have experience in other languages, "Python Machine Learning Essentials: Build Your First AI Application" will help you unlock the power of artificial intelligence and take your skills to the next level. 
 
    Ver libro
  • Hydration Hacks: Simple Secrets for a Healthier You - "Elevate your health journey! Dive into our audiobook filled with simple hydration hacks for your best self" - cover

    Hydration Hacks: Simple Secrets...

    Alaric Waverly

    • 0
    • 0
    • 0 
    Hydration Hacks: Simple Secrets for a Healthier You 
⭐⭐ A Simplified Guide with Easy Explanations ⭐⭐ 
Are you ready to enhance your well-being and transform your health through the power of hydration? 
Searching for a complete guide that will provide you with all the essential tools and insights for optimizing your hydration? 
Look no further! 
This audiobook is your ultimate resource for deepening your understanding of hydration, applying effective strategies, and embracing actionable techniques for a healthier lifestyle. You’re set for success! 
Key features of this comprehensive guide include: 
- Invaluable insights into the benefits of proper hydration 
- Thorough explanations of the principles behind hydration and wellness 
- Effective strategies for maintaining optimal hydration levels in daily life 
Our guide stands out for its extensive coverage, which is crucial for your success in achieving better hydration. Concepts are not just touched upon; they are explored in detail for your understanding. 
Crafted with a clear structure and straightforward language, our "Hydration Hacks" audiobook ensures smooth transitions between topics. Say farewell to confusing jargon and welcome clear, precise, and technically accurate information. 
So why wait? Click the BUY NOW button, secure your audiobook, and embark on your journey to discover the secrets of proper hydration for a healthier you! 
Transform your health and well-being one sip at a time with "Hydration Hacks: Simple Secrets for a Healthier You"!
    Ver libro
  • The Invisible Clash - FBI Shin Bet and the IRA's Struggle against Domestic War on Terror - cover

    The Invisible Clash - FBI Shin...

    Davis Truman

    • 0
    • 0
    • 0 
    Dive into the gripping world of intelligence agencies, covert operations, and the relentless fight against domestic terror. "The Invisible Clash" takes you on a heart-pounding journey as the FBI, Shin Bet, and the IRA unite in an extraordinary battle to preserve peace, protect lives, and expose the covert forces threatening our existence. 
Within the pages of "The Invisible Clash," you'll encounter a cast of unforgettable characters, each propelled by their unshakable belief in the righteousness of their cause. Meet the seasoned FBI agent, hardened by years of service, who embarks on a dangerous undercover mission to infiltrate a web of extremist groups. Witness the relentless pursuit of the Shin Bet agent, whose unwavering dedication to homeland security leads him into the heart of the storm. And discover the untold stories of the IRA operatives, caught between their desire for independence and the pursuit of a more peaceful future. 
Immerse yourself in a world where alliances are tested, secrets are unveiled, and the battle between good and evil unfolds in the shadows. Don't miss your chance to experience "The Invisible Clash" – a literary tour de force that will keep you on the edge of your seat until the very last page.
    Ver libro
  • Artificial Intelligence - cover

    Artificial Intelligence

    Thomas H Davenport, Harvard...

    • 0
    • 0
    • 0 
    From making faster, better decisions to automating rote work to enabling robots to respond to emotions, AI and machine learning are already reshaping business and society. What should you and your company be doing today to ensure that you're poised for success and keeping up with your competitors in the age of AI? 
 
 
 
Artificial Intelligence: The Insights You Need from Harvard Business Review brings you today's most essential thinking on AI and explains how to launch the right initiatives at your company to capitalize on the opportunity of the machine intelligence revolution. 
 
 
 
Business is changing. Will you adapt or be left behind? 
Get up to speed and deepen your understanding of the topics that are shaping your company's future with the Insights You Need from Harvard Business Review series. Featuring HBR's smartest thinking on fast-moving issues—blockchain, cybersecurity, AI, and more—each book provides the foundational introduction and practical case studies your organization needs to compete today and collects the best research, interviews, and analysis to get it ready for tomorrow. You can't afford to ignore how these issues will transform the landscape of business and society. The Insights You Need series will help you grasp these critical ideas—and prepare you and your company for the future.
    Ver libro