امن افزار رایکا

فهرست مطالب کتاب The Basics of Web Hacking:

Introduction

About This Book

A Hands-On Approach

What’s In This Book?

A Quick Disclaimer

Chapter 1. The Basics of Web Hacking

Introduction

What Is a Web Application?

What You Need to Know About Web Servers

What You Need to Know About HTTP

The Basics of Web Hacking: Our Approach

Web Apps Touch Every Part of IT

Existing Methodologies

Most Common Web Vulnerabilities

Setting Up a Test Environment

Chapter 2. Web Server Hacking

Introduction

Reconnaissance

Port Scanning

Vulnerability Scanning

Exploitation

Maintaining Access

Chapter 3. Web Application Recon and Scanning

Introduction

Web Application Recon

Web Application Scanning

Chapter 4. Web Application Exploitation with Injection

Introduction

SQL Injection Vulnerabilities

SQL Injection Attacks

Sqlmap

Operating System Command Injection Vulnerabilities

Operating System Command Injection Attacks

Web Shells

Chapter 5. Web Application Exploitation with Broken Authentication and Path Traversal

Introduction

Authentication and Session Vulnerabilities

Path Traversal Vulnerabilities

Brute Force Authentication Attacks

Session Attacks

Path Traversal Attacks

Chapter 6. Web User Hacking

Introduction

Cross-Site Scripting (XSS) Vulnerabilities

Cross-Site Request Forgery (CSRF) Vulnerabilities

Technical Social Engineering Vulnerabilities

Web User Recon

Web User Scanning

Web User Exploitation

Cross-Site Scripting (XSS) Attacks

Reflected XSS Attacks

Stored XSS Attacks

Cross-Site Request Forgery (CSRF) Attacks

User Attack Frameworks

Chapter 7. Fixes

Introduction

Web Server Fixes

Web Application Fixes

Web User Fixes

Chapter 8. Next Steps

Introduction

Security Community Groups and Events

Formal Education

Certifications

Additional Books

Index