Becoming the Hacker Table of Contents Becoming the Hacker Why subscribe? Packt.com Contributors About the author About the reviewer Packt is searching for authors like you Preface Who this book is for What this book covers To get the most out of this book Download the example code files Download the color images Conventions used Get in touch Reviews 1. Introduction to Attacking Web Applications Rules of engagement Communication Privacy considerations Cleaning up The tester's toolkit Kali Linux Kali Linux alternatives The attack proxy Burp Suite Zed Attack Proxy Cloud infrastructure Resources Exercises Summary 2. Efficient Discovery Types of assessments Target mapping Masscan WhatWeb Nikto CMS scanners Efficient brute-forcing Content discovery Burp Suite OWASP ZAP Gobuster Persistent content discovery Payload processing Polyglot payloads Same payload, different context Code obfuscation Resources Exercises Summary 3. Low-Hanging Fruit Network assessment Looking for a way in Credential guessing A better way to shell Cleaning up Resources Summary 4. Advanced Brute-forcing Password spraying LinkedIn scraping Metadata The cluster bomb Behind seven proxies Torify Proxy cannon Summary 5. File Inclusion Attacks RFI LFI File inclusion to remote code execution More file upload issues Summary 6. Out-of-Band Exploitation A common scenario Command and control Let’s Encrypt Communication INet simulation The confirmation Async data exfiltration Data inference Summary 7. Automated Testing Extending Burp Authentication and authorization abuse The Autorize flow The Swiss Army knife sqlmap helper Web shells Obfuscating code Burp Collaborator Public Collaborator server Service interaction Burp Collaborator client Private Collaborator server Summary 8. Bad Serialization Abusing deserialization Attacking custom protocols Protocol analysis Deserialization exploit Summary 9. Practical Client-Side Attacks SOP Cross-origin resource sharing XSS Reflected XSS Persistent XSS DOM-based XSS CSRF BeEF Hooking Social engineering attacks The keylogger Persistence Automatic exploitation Tunneling traffic Summary 10. Practical Server-Side Attacks Internal and external references XXE attacks A billion laughs Request forgery The port scanner Information leak Blind XXE Remote code execution Interactive shells Summary 11. Attacking APIs API communication protocols SOAP REST API authentication Basic authentication API keys Bearer authentication JWTs JWT quirks Burp JWT support Postman Installation Upstream proxy The environment Collections Collection Runner Attack considerations Summary 12. Attacking CMS Application assessment WPScan sqlmap Droopescan Arachni web scanner Backdooring the code Persistence Credential exfiltration Summary 13. Breaking Containers Vulnerable Docker scenario Foothold Situational awareness Container breakout Summary Other Books You May Enjoy Leave a review - let other readers know what you think Index Becoming the Hacker Becoming the Hacker Copyright © 2019 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews. Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book. Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information. Acquisition Editors: Andrew Waldron, Frank Pohlmann, Suresh Jain Project Editor: Veronica Pais Content Development Editor: Joanne Lovell Technical Editor: Saby D'silva Proofreader: Safis Editing Indexer: Tejal Daruwale Soni Graphics: Sandip Tadge Production Coordinator: Sandip Tadge First published: January 2019 Production reference: 1310119 Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK. ISBN 978-1-78862-796-2 www.packtpub.com mapt.io Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.