book

Practical Web Penetration Testing

by Gus Khawaja

June 2018

Intermediate to advanced

294 pages

7h 5m

English

Packt Publishing

Read now

Unlock full access

Contents

Content preview from Practical Web Penetration Testing

Elevation of privilege – authorization

Threat Description	Threat aimed at gaining privileged access to resources, for gaining unauthorized access to information or to compromise a system.
Threat Target	Network Infrastructure.
Attacker Steps	After getting authenticated into the system, an attacker can upload a remote shell to manipulate the server remotely. If there are any missing configurations or patches, the hacker can take advantage of the flaw and escalate his/her privileges.
Counter-measure	Servers are always scanned for missing patches and configurations as well Monitoring the applications for any suspicious activities
Existing Counter-measure	Intrusion Detection Systems Smart Data Loss Prevention Systems ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

You might also like

Hands-On Web Penetration Testing with Metasploit

Hands-On Web Penetration Testing with Metasploit

Harpreet Singh, Himanshu Sharma

Advanced Infrastructure Penetration Testing

Advanced Infrastructure Penetration Testing

Chiheb Chebbi

Mastering Modern Web Penetration Testing

Mastering Modern Web Penetration Testing

Prakhar Prasad

Penetration Testing

Penetration Testing

Georgia Weidman

Publisher Resources

ISBN: 9781788624039Supplemental Content