Initial Access

In this chapter, you will learn how to

•  Differentiate between the three major exploitation categories

•  Identify and use network scanning tools

•  Use Scapy to manipulate, send, and receive network packets

•  Apply vulnerability scanning techniques using open source and commercially available tools

•  Perform injection attacks against a vulnerable web application

•  Distinguish between XSS and CSRF attacks



Gaining initial access into a target environment is crucial to being able to pivot into a client’s internal assets. The majority of organizations rely on perimeter protection mechanisms like firewalls to provide total protection, while leaving internal assets open to attack and exploitation. Your job as a ...

Get GPEN GIAC Certified Penetration Tester All-in-One Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.