The Basics of Web Hacking: Tools and Techniques to Attack the Web (Paperback)

Josh Pauli

  • 出版商: Syngress Media
  • 出版日期: 2013-07-22
  • 售價: $1,240
  • 貴賓價: 9.5$1,178
  • 語言: 英文
  • 頁數: 160
  • 裝訂: Paperback
  • ISBN: 0124166008
  • ISBN-13: 9780124166004
  • 相關分類: 駭客 Hack
  • 海外代購書籍(需單獨結帳)

買這商品的人也買了...

商品描述

The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabilities.

The Basics of Web Hacking provides a simple and clean explanation of how to utilize tools such as Burp Suite, sqlmap, and Zed Attack Proxy (ZAP), as well as basic network scanning tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more. Dr. Josh Pauli teaches software security at Dakota State University and has presented on this topic to the U.S. Department of Homeland Security, the NSA, BlackHat Briefings, and Defcon. He will lead you through a focused, three-part approach to Web security, including hacking the server, hacking the Web app, and hacking the Web user.

With Dr. Pauli's approach, you will fully understand the what/where/why/how of the most widespread Web vulnerabilities and how easily they can be exploited with the correct tools. You will learn how to set up a safe environment to conduct these attacks, including an attacker Virtual Machine (VM) with all necessary tools and several known-vulnerable Web application VMs that are widely available and maintained for this very purpose. Once you complete the entire process, not only will you be prepared to test for the most damaging Web exploits, you will also be prepared to conduct more advanced Web hacks that mandate a strong base of knowledge.

  • Provides a simple and clean approach to Web hacking, including hands-on examples and exercises that are designed to teach you how to hack the server, hack the Web app, and hack the Web user
  • Covers the most significant new tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more!
  • Written by an author who works in the field as a penetration tester and who teaches Web security classes at Dakota State University

商品描述(中文翻譯)

《網路駭客基礎》介紹了一種以工具為驅動的流程,用於識別網路應用程式中最常見的漏洞。無需任何先前經驗。網路應用程式是一個「最低阻力」的途徑,可以被利用來對系統造成最大的損害,並且克服的障礙最低。這對於初學者駭客來說是一個完美的機會。本書所提出的流程不僅介紹了與這些漏洞相關的理論和實用信息,還介紹了配置和使用廣泛可用的工具以利用這些漏洞的詳細信息。

《網路駭客基礎》提供了如何使用Burp Suite、sqlmap和Zed Attack Proxy(ZAP)等工具的簡單清晰的解釋,以及基本的網路掃描工具,如nmap、Nikto、Nessus、Metasploit、John the Ripper、web shells、netcat等。Josh Pauli博士在Dakota State University教授軟體安全,並曾向美國國土安全部、NSA、BlackHat Briefings和Defcon等機構介紹過這個主題。他將帶領您進行一個專注的、分為三部分的網路安全方法,包括駭客伺服器、駭客網路應用程式和駭客網路使用者。

通過Pauli博士的方法,您將完全了解最常見的網路漏洞的「什麼/在哪裡/為什麼/如何」以及如何使用正確的工具輕鬆利用它們。您將學習如何建立一個安全的環境來進行這些攻擊,包括一個攻擊者虛擬機器(VM)和幾個已知易受攻擊的網路應用程式VM,這些VM廣泛可用並維護著,專門用於這個目的。完成整個流程後,您不僅將準備好測試最具破壞性的網路攻擊,還將準備好進行更高級的網路駭客攻擊,這需要堅實的基礎知識。

- 提供了一種簡單清晰的網路駭客方法,包括實際示例和練習,旨在教您如何駭客伺服器、駭客網路應用程式和駭客網路使用者
- 涵蓋了最重要的新工具,如nmap、Nikto、Nessus、Metasploit、John the Ripper、web shells、netcat等!
- 作者是一位從事滲透測試工作並在Dakota State University教授網路安全課程的專業人士