Rating: 3 out of 5 stars
3/5
Ebook329 pages3 hours
The Basics of Web Hacking: Tools and Techniques to Attack the Web
By Josh Pauli
Rating: 0 out of 5 stars
()
About this ebook
The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabilities.
The Basics of Web Hacking provides a simple and clean explanation of how to utilize tools such as Burp Suite, sqlmap, and Zed Attack Proxy (ZAP), as well as basic network scanning tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more. Dr. Josh Pauli teaches software security at Dakota State University and has presented on this topic to the U.S. Department of Homeland Security, the NSA, BlackHat Briefings, and Defcon. He will lead you through a focused, three-part approach to Web security, including hacking the server, hacking the Web app, and hacking the Web user.
With Dr. Pauli’s approach, you will fully understand the what/where/why/how of the most widespread Web vulnerabilities and how easily they can be exploited with the correct tools. You will learn how to set up a safe environment to conduct these attacks, including an attacker Virtual Machine (VM) with all necessary tools and several known-vulnerable Web application VMs that are widely available and maintained for this very purpose. Once you complete the entire process, not only will you be prepared to test for the most damaging Web exploits, you will also be prepared to conduct more advanced Web hacks that mandate a strong base of knowledge.
- Provides a simple and clean approach to Web hacking, including hands-on examples and exercises that are designed to teach you how to hack the server, hack the Web app, and hack the Web user
- Covers the most significant new tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more!
- Written by an author who works in the field as a penetration tester and who teaches Web security classes at Dakota State University
Author
Josh Pauli
Dr. Josh Pauli received his Ph.D. in Software Engineering from North Dakota State University (NDSU) and now serves as an Associate Professor of Information Security at Dakota State University (DSU) in Madison, SD. Dr. Pauli has published nearly 30 international journal and conference papers related to software security and his work includes invited presentations from the Department of Homeland Security, National Security Agency, Black Hat Briefings, and Defcon. He teaches both undergraduate and graduate courses in software security at DSU.
Related to The Basics of Web Hacking
Related ebooks
The Basics of Web Hacking: Tools and Techniques to Attack the Web No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing Rating: 4 out of 5 stars4/5Penetration Tester's Open Source Toolkit Rating: 0 out of 5 stars0 ratingsSQL Injection Attacks and Defense Rating: 5 out of 5 stars5/5CEH Certified Ethical Hacker Study Guide Rating: 3 out of 5 stars3/5Mastering Kali Linux for Web Penetration Testing Rating: 4 out of 5 stars4/5Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab Rating: 4 out of 5 stars4/5Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides Rating: 4 out of 5 stars4/5Building Virtual Pentesting Labs for Advanced Penetration Testing Rating: 0 out of 5 stars0 ratingsPractical Cyber Forensics: An Incident-Based Approach to Forensic Investigations Rating: 0 out of 5 stars0 ratingsCEH v9: Certified Ethical Hacker Version 9 Study Guide Rating: 0 out of 5 stars0 ratingsWireshark & Ethereal Network Protocol Analyzer Toolkit Rating: 0 out of 5 stars0 ratingsHow to Hack Like a Pornstar: A Step by Step Process for Breaking into a BANK Rating: 5 out of 5 stars5/5Hacked: The Ultimate Guidence Rating: 5 out of 5 stars5/5Mastering Modern Web Penetration Testing Rating: 0 out of 5 stars0 ratingsMetasploit Bootcamp Rating: 5 out of 5 stars5/5The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Rating: 4 out of 5 stars4/5Introduction to Web Hacking: Cross-site Scripting Rating: 0 out of 5 stars0 ratingsHow to Hack Like a GOD: Master the secrets of hacking through real-life hacking scenarios Rating: 4 out of 5 stars4/5How to Hack Like a Pornstar: Hacking the Planet, #1 Rating: 5 out of 5 stars5/5Wireless and Mobile Hacking and Sniffing Techniques Rating: 0 out of 5 stars0 ratingsCoding for Penetration Testers: Building Better Tools Rating: 0 out of 5 stars0 ratingsHacking Essentials - The Beginner's Guide To Ethical Hacking And Penetration Testing Rating: 3 out of 5 stars3/5Hacking Android Rating: 4 out of 5 stars4/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5Gray Hat Hacking the Ethical Hacker's Rating: 5 out of 5 stars5/5Becoming an Ethical Hacker Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Mastering Kali Linux for Advanced Penetration Testing - Second Edition Rating: 0 out of 5 stars0 ratings
Internet & Web For You
Podcasting For Dummies Rating: 4 out of 5 stars4/5More Porn - Faster!: 50 Tips & Tools for Faster and More Efficient Porn Browsing Rating: 3 out of 5 stars3/5The Mega Box: The Ultimate Guide to the Best Free Resources on the Internet Rating: 4 out of 5 stars4/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5The Designer's Web Handbook: What You Need to Know to Create for the Web Rating: 0 out of 5 stars0 ratingsThe $1,000,000 Web Designer Guide: A Practical Guide for Wealth and Freedom as an Online Freelancer Rating: 5 out of 5 stars5/5Six Figure Blogging Blueprint Rating: 5 out of 5 stars5/5Coding For Dummies Rating: 5 out of 5 stars5/5The Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Stop Asking Questions: How to Lead High-Impact Interviews and Learn Anything from Anyone Rating: 5 out of 5 stars5/5Surveillance and Surveillance Detection: A CIA Insider's Guide Rating: 0 out of 5 stars0 ratings200+ Ways to Protect Your Privacy: Simple Ways to Prevent Hacks and Protect Your Privacy--On and Offline Rating: 0 out of 5 stars0 ratingsThe Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5How To Make Money Blogging: How I Replaced My Day-Job With My Blog and How You Can Start A Blog Today Rating: 4 out of 5 stars4/5Six Figure Blogging In 3 Months Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How To Start A Podcast Rating: 4 out of 5 stars4/5Wordpress for Beginners: The Easy Step-by-Step Guide to Creating a Website with WordPress Rating: 5 out of 5 stars5/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5How To Start A Profitable Authority Blog In Under One Hour Rating: 5 out of 5 stars5/5Python QuickStart Guide: The Simplified Beginner's Guide to Python Programming Using Hands-On Projects and Real-World Applications Rating: 0 out of 5 stars0 ratingsEverybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5
Related podcast episodes
RERUN: Hacking for Dollars 0% found this document usefulSocial Engineering works because we're human. 0% found this document usefulOSINT: Who's watching you? 0% found this document usefulBonus: Afternoon Cyber Tea: IoT-Based Infrastructures 0% found this document usefulcybersecurity maturity model certification (CMMC) (noun) [Word Notes] 0% found this document useful69: Human Hacker: Human Hacker 0% found this document usefulIs enhanced hardware security the answer to ransomware? [CyberWire-X] 100% found this document usefulEpisode 24: To 3D Secure or Not? For Merchants That is the Question 0% found this document usefulCybersecurity and Hacking with Kevin Mitnick 0% found this document useful
Related articles
“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive” PC Pro MagazineArticle
“Vulnerability Hunters Tend To Be Cut From A Different Cloth. They Are Naturally In Quisitive”
Jan 6, 2022
7 min readHacker’s Manual Maximum PCArticle
Hacker’s Manual
Mar 2, 2021
1 min readHack The System Linux FormatArticle
Hack The System
Dec 17, 2019
If you followed our handy guide on the previous pages, then you’ll already have augmented your Kali Light installation with Nmap, a port-scanning utility par excellence and a vital part of any pen-tester’s arsenal. As mentioned on the DVD page (there
4 min readThe Low-Tech Hack You're Not Prepared For EntrepreneurArticle
The Low-Tech Hack You're Not Prepared For
Sep 1, 2016
1 min readRun Kali Linux NetHunter on Android Linux FormatArticle
Run Kali Linux NetHunter on Android
Jan 14, 2020
7 min read“Someone Who Under Takes A Ransomware Attack Isn’t A Hacker, They’re An Attacker” PC Pro MagazineArticle
“Someone Who Under Takes A Ransomware Attack Isn’t A Hacker, They’re An Attacker”
Aug 12, 2021
If you’ve ever attended an infosec or cybersecurity event, you will no doubt have noticed the preponderance of “Hacking is NOT a Crime” stickers. In 2018, some 500 such stickers were handed out at the DEF CON 26 event, the following year 5,000 were d
7 min readSocial Engineering Maximum PCArticle
Social Engineering
Oct 15, 2019
5 min read‘Open Ports’ Leave a Hole in Smartphone Security FuturityArticle
‘Open Ports’ Leave a Hole in Smartphone Security
May 8, 2017
Smartphone apps that use “open ports” to share and receive data are more vulnerable to security breaches than previously thought, mainly due to the their widespread use in internet communication, a new study suggests. The vulnerability the researcher
3 min readMy Deep Dive Into One Of The Largest Dark Web Hacking Forums | Dylan Curran The GuardianArticle
My Deep Dive Into One Of The Largest Dark Web Hacking Forums | Dylan Curran
Jul 24, 2018
4 min readHacker’s Manual Linux FormatArticle
Hacker’s Manual
Nov 17, 2020
1 min readKRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know MacWorldArticle
KRACK Wi-Fi Attack Threatens All Networks: How To Stay Safe And What You Need To Know
Nov 29, 2017
5 min readHack The Planet/Parrot Linux FormatArticle
Hack The Planet/Parrot
May 31, 2022
2 min readDiscover The Secret IPhone Hack Codes iCreateArticle
Discover The Secret IPhone Hack Codes
Mar 26, 2020
Did you know that your iPhone comes with its own set of manufacturer codes that are used to access detailed information about the device? Typing these codes into the Phone app’s keypad allows you to access hidden modes, troubleshoot any issues that y
1 min readSherlock Linux FormatArticle
Sherlock
May 31, 2022
1 min readPeople Are Secretly Buying Handguns On The Dark Web FuturityArticle
People Are Secretly Buying Handguns On The Dark Web
Apr 24, 2019
2 min readEverything You May Have Wanted to Know About Ethical/Whitehat Hackers TechfastlyArticle
Everything You May Have Wanted to Know About Ethical/Whitehat Hackers
Oct 21, 2020
5 min readHacker Distributions Linux FormatArticle
Hacker Distributions
Nov 17, 2020
1 min readKRACK Wi-Fi Attack Threatens All Networks: How to Stay Safe and What You Need to Know PCWorldArticle
KRACK Wi-Fi Attack Threatens All Networks: How to Stay Safe and What You Need to Know
Dec 4, 2017
5 min readIntroducing Kali Maximum PCArticle
Introducing Kali
Mar 2, 2021
4 min readRunning The Linux Desktop On Android APCArticle
Running The Linux Desktop On Android
Dec 30, 2019
9 min readRevisiting Tor TechLifeArticle
Revisiting Tor
Aug 24, 2020
4 min readThe Hacker’s Pearl Harbor NewsweekArticle
The Hacker’s Pearl Harbor
Nov 11, 2016
6 min readHacker’s Toolkit 2o22 Linux FormatArticle
Hacker’s Toolkit 2o22
May 31, 2022
1 min readIntroducing Kali Linux FormatArticle
Introducing Kali
Nov 17, 2020
4 min readKali Linux 2020.3 64-bit Linux FormatArticle
Kali Linux 2020.3 64-bit
Nov 17, 2020
3 min readFrom Child Hacker To Bug Hunter How It WorksArticle
From Child Hacker To Bug Hunter
Mar 19, 2020
Why did you become a black hat hacker? At school I would finish my work in ten minutes and spend the rest of the lesson playing on the computer. I was 10 or 11 when I stumbled across a chatroom whose members taught me how to hack – I was just a bore
1 min readTurn Your Raspberry Pi Into A Cloud Server Linux FormatArticle
Turn Your Raspberry Pi Into A Cloud Server
Aug 24, 2021
6 min readRunning The Linux Desktop On Android Linux FormatArticle
Running The Linux Desktop On Android
Oct 22, 2019
9 min readIs Your VPN Secure? How To Check For Leaks PCWorldArticle
Is Your VPN Secure? How To Check For Leaks
May 1, 2018
4 min readMicrosoft Says Hackers Viewed Source Code, Didn’t Change It TechLife NewsArticle
Microsoft Says Hackers Viewed Source Code, Didn’t Change It
Jan 9, 2021
1 min read
Reviews for The Basics of Web Hacking
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
The Basics of Web Hacking - Josh Pauli
Enjoying the preview?
Page 1 of 1