Articoli correlati a Hands-On Application Penetration Testing with Burp...
Hands-On Application Penetration Testing with Burp Suite: Use Burp Suite and its features to inspect, detect, and exploit security vulnerabilities in your web applications - Brossura
Sinossi
Test, fuzz, and break web applications and services using Burp Suite's powerful capabilities
Key Features
- Master the skills to perform various types of security tests on your web applications
- Get hands-on experience working with components like scanner, proxy, intruder and much more
- Discover the best-way to penetrate and test web applications
Book Description
Burp suite is a set of graphic tools focused towards penetration testing of web applications. Burp suite is widely used for web penetration testing by many security professionals for performing different web-level security tasks.
The book starts by setting up the environment to begin an application penetration test. You will be able to configure the client and apply target whitelisting. You will also learn to setup and configure Android and IOS devices to work with Burp Suite. The book will explain how various features of Burp Suite can be used to detect various vulnerabilities as part of an application penetration test. Once detection is completed and the vulnerability is confirmed, you will be able to exploit a detected vulnerability using Burp Suite. The book will also covers advanced concepts like writing extensions and macros for Burp suite. Finally, you will discover various steps that are taken to identify the target, discover weaknesses in the authentication mechanism, and finally break the authentication implementation to gain access to the administrative console of the application.
By the end of this book, you will be able to effectively perform end-to-end penetration testing with Burp Suite.
What you will learn
- Set up Burp Suite and its configurations for an application penetration test
- Proxy application traffic from browsers and mobile devices to the server
- Discover and identify application security issues in various scenarios
- Exploit discovered vulnerabilities to execute commands
- Exploit discovered vulnerabilities to gain access to data in various datastores
- Write your own Burp Suite plugin and explore the Infiltrator module
- Write macros to automate tasks in Burp Suite
Who this book is for
If you are interested in learning how to test web applications and the web part of mobile applications using Burp, then this is the book for you. It is specifically designed to meet your needs if you have basic experience in using Burp and are now aiming to become a professional Burp user.
Table of Contents
- Configuring Burp Suite
- Configuring the Client and Setting Up Mobile Devices
- Executing an Application Penetration Test
- Exploring the Stages of an Application Penetration Test
- Preparing for an Application Penetration Test
- Identifying Vulnerabilities Using Burp Suite
- Detecting Vulnerabilities Using Burp Suite
- Exploiting Vulnerabilities Using Burp Suite - Part 1
- Exploitation of Vulnerabilities using Burp Suite - Part 2
- Writing Burp Suite Extensions
- Breaking the authentication for a large online retailer
- Exploiting and exfiltrating data from a large shipping corporation
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
L'autore
Carlos A. Lozano is a security consultant with more than 15 years' experience in various security fields. He has worked as a penetration tester, but most of his experience is with security application assessments. He has assessed financial applications, ISC/SCADA systems, and even low-level applications, such as drivers and embedded components. Two years ago, he started on public and private bug bounty programs and focused on web applications, source code review, and reversing projects. Also, Carlos works as Chief Operations Officer at Global CyberSec, an information security firm based in Mexico, with operations in the USA and Chile.
Dhruv Shah holds a Masters degree in IT and has 7 years of experience as a specialist in Information Security. He started off as a trainer sensitizing staff in private sector organizations about security issues and what hackers look for when they launch attacks on networks. He, later on, switched his job to carry out penetration testing for Indian government agencies and then for banking clients in the Middle East. He now has extensive experience in penetration testing for Fortune 500 companies involving web and mobile applications, networks, Infra, and Red Team work. In his spare time, he co-authored the book Kali Linux Intrusion and Exploitation and is an active member and moderator of one of the Null chapters in India.
Riyaz Ahemed Walikar is a Web Application Pentester, security evangelist, and researcher. He has been active in the security community for the last 10 years. He is actively involved with vulnerability research in popular web applications and network aware services and has disclosed several security issues in popular software like Apache Archiva, Openfire, and so on. He has found vulnerabilities with popular web applications like Facebook, Twitter, Google, and so on for which he is on the Hall of Fame for most of these services. He has also been a speaker and trainer at several security conferences.
His technical interests lie with programming, bug bounty, malware analysis, breaking web applications, playing CTFs, and penetration testing networks.
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
Compra nuovo
Visualizza questo articolo
EUR 43,31
EUR 2,27 per la spedizione in U.S.A.
Destinazione, tempi e costiRisultati della ricerca per Hands-On Application Penetration Testing with Burp...
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite: Use Burp Suite and its features to inspect, detect, and exploit security vulnerabilities in your web applications
Da: HPB-Red, Dallas, TX, U.S.A.
Valutazione del venditore 5 su 5 stelle
Paperback. Condizione: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Codice articolo S_326171263
Quantità: 1 disponibili
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite
Da: Bookmans, Tucson, AZ, U.S.A.
Valutazione del venditore 5 su 5 stelle
paperback. Condizione: Good. . Satisfaction 100% guaranteed. Codice articolo mon0002652548
Quantità: 1 disponibili
Immagini fornite dal venditore
Hands-On Application Penetration Testing with Burp Suite
Da: GreatBookPrices, Columbia, MD, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: As New. Unread book in perfect condition. Codice articolo 35285837
Quantità: Più di 20 disponibili
Immagini fornite dal venditore
Hands-On Application Penetration Testing with Burp Suite
Da: GreatBookPrices, Columbia, MD, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo 35285837-n
Quantità: Più di 20 disponibili
Immagini fornite dal venditore
Hands-On Application Penetration Testing with Burp Suite (Paperback or Softback)
Editore:
Packt Publishing 2/28/2019, 2019
ISBN 10: 178899406X
ISBN 13: 9781788994064
Nuovo
Paperback or Softback
Da: BargainBookStores, Grand Rapids, MI, U.S.A.
Valutazione del venditore 5 su 5 stelle
Paperback or Softback. Condizione: New. Hands-On Application Penetration Testing with Burp Suite. Book. Codice articolo BBS-9781788994064
Quantità: 5 disponibili
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite: Use Burp Suite and its features to inspect, detect, and exploit security vulnerabilities in your web applications
Da: Lucky's Textbooks, Dallas, TX, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo ABLIING23Mar2912160182947
Quantità: Più di 20 disponibili
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite: Use Burp Suite and its features to inspect, detect, and exploit security vulnerabilities in your web applications
Da: California Books, Miami, FL, U.S.A.
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo I-9781788994064
Quantità: Più di 20 disponibili
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite: Use Burp Suite and its features to inspect, detect, and exploit security vulnerabilities in your web applications
Da: Ria Christie Collections, Uxbridge, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. In. Codice articolo ria9781788994064_new
Quantità: Più di 20 disponibili
Foto dell'editore
Hands-On Application Penetration Testing with Burp Suite
Print on DemandDa: Majestic Books, Hounslow, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. Print on Demand pp. 366. Codice articolo 371140672
Quantità: 4 disponibili
Immagini fornite dal venditore
Hands-On Application Penetration Testing with Burp Suite
Da: GreatBookPricesUK, Woodford Green, Regno Unito
Valutazione del venditore 5 su 5 stelle
Condizione: New. Codice articolo 35285837-n
Quantità: Più di 20 disponibili