In this chapter, you will learn how to
• Differentiate between the three major exploitation categories
• Identify and use network scanning tools
• Use Scapy to manipulate, send, and receive network packets
• Apply vulnerability scanning techniques using open source and commercially available tools
• Perform injection attacks against a vulnerable web application
• Distinguish between XSS and CSRF attacks
Gaining initial access into a target environment is crucial to being able to pivot into a client’s internal assets. The majority of organizations rely on perimeter protection mechanisms like firewalls to provide total protection, while leaving internal assets open to attack and exploitation. Your job as a ...