Python Web Penetration Testing Cookbook
- Length: 228 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2015-06-30
- ISBN-10: 1784392936
- ISBN-13: 9781784392932
- Sales Rank: #449352 (See Top 100 Books)
Over 60 indispensable Python recipes to ensure you always have the right code on hand for web application testing
About This Book
- Get useful guidance on writing Python scripts and using libraries to put websites and web apps through their paces
- Find the script you need to deal with any stage of the web testing process
- Develop your Python knowledge to get ahead of the game for web testing and expand your skillset to other testing areas
Who This Book Is For
This book is for testers looking for quick access to powerful, modern tools and customizable scripts to kick-start the creation of their own Python web penetration testing toolbox.
What You Will Learn
- Enumerate users on web apps through Python
- Develop complicated header-based attacks through Python
- Deliver multiple XSS strings and check their execution success
- Handle outputs from multiple tools and create attractive reports
- Create PHP pages that test scripts and tools
- Identify parameters and URLs vulnerable to Directory Traversal
- Replicate existing tool functionality in Python
- Create basic dial-back Python scripts using reverse shells and basic Python PoC malware
In Detail
This book gives you an arsenal of Python scripts perfect to use or to customize your needs for each stage of the testing process. Each chapter takes you step by step through the methods of designing and modifying scripts to attack web apps. You will learn how to collect both open and hidden information from websites to further your attacks, identify vulnerabilities, perform SQL Injections, exploit cookies, and enumerate poorly configured systems. You will also discover how to crack encryption, create payloads to mimic malware, and create tools to output your findings into presentable formats for reporting to your employers.
Table of Contents
Chapter 1: Gathering Open Source Intelligence
Chapter 2: Enumeration
Chapter 3: Vulnerability Identification
Chapter 4: SQL Injection
Chapter 5: Web Header Manipulation
Chapter 6: Image Analysis and Manipulation
Chapter 7: Encryption and Encoding
Chapter 8: Payloads and Shells
Chapter 9: Reporting