Chapter 5. Web-Based Exploitation

Information in This Chapter:

■ Interrogating Web Servers: Nikto
■ Websecurify: Automated Web Vulnerability Scanning
■ Spidering: Crawling Your Target’s Website
■ Intercepting Requests with WebScarab
■ Code Injection Attacks
■ Cross-Site Scripting: Browsers That Trust Sites

This chapter examines web-based exploitation. It begins by reviewing techniques and tools for interrogating web servers, using Nikto and Websecurify to scan web servers for vulnerabilities. A spider is then used to explore the target website by discovering its directories and files, and WebScarab is used to demonstrate a method for intercepting website requests. Code injection attacks, ...

Get The Basics of Hacking and Penetration Testing now with the O’Reilly learning platform.