Python Web Penetration Testing Cookbook

Book Description

Over 60 indispensable Python recipes to ensure you always have the right code on hand for web application testing

About This Book

• Get useful guidance on writing Python scripts and using libraries to put websites and web apps through their paces
• Find the script you need to deal with any stage of the web testing process
• Develop your Python knowledge to get ahead of the game for web testing and expand your skillset to other testing areas

Who This Book Is For

This book is for testers looking for quick access to powerful, modern tools and customizable scripts to kick-start the creation of their own Python web penetration testing toolbox.

What You Will Learn

• Enumerate users on web apps through Python
• Develop complicated header-based attacks through Python
• Deliver multiple XSS strings and check their execution success
• Handle outputs from multiple tools and create attractive reports
• Create PHP pages that test scripts and tools
• Identify parameters and URLs vulnerable to Directory Traversal
• Replicate existing tool functionality in Python
• Create basic dial-back Python scripts using reverse shells and basic Python PoC malware

In Detail

This book gives you an arsenal of Python scripts perfect to use or to customize your needs for each stage of the testing process. Each chapter takes you step by step through the methods of designing and modifying scripts to attack web apps. You will learn how to collect both open and hidden information from websites to further your attacks, identify vulnerabilities, perform SQL Injections, exploit cookies, and enumerate poorly configured systems. You will also discover how to crack encryption, create payloads to mimic malware, and create tools to output your findings into presentable formats for reporting to your employers.

Table of Contents

Chapter 1: Gathering Open Source Intelligence
Chapter 2: Enumeration
Chapter 3: Vulnerability Identification
Chapter 4: SQL Injection
Chapter 5: Web Header Manipulation
Chapter 6: Image Analysis and Manipulation
Chapter 7: Encryption and Encoding
Chapter 8: Payloads and Shells
Chapter 9: Reporting

中文：

书名：Python Web Penetration Testing Cookbook

60多个必不可少的Python食谱，确保您始终手头有用于Web应用程序测试的正确代码

关于本书

• 获取有关编写Python脚本和使用库来测试网站和Web应用程序的有用指导
• 找到处理Web测试过程的任何阶段所需的脚本
• 开发您的Python知识以领先于Web测试，并将您的技能集扩展到其他测试领域

这本书是为谁写的

这本书是为寻求快速访问强大的现代工具和可定制的脚本的测试人员提供的，以启动他们自己的PythonWeb渗透测试工具箱的创建。

你将学到什么

• 通过Python枚举Web应用程序上的用户
• 通过Python开发复杂的基于标头的攻击
• 交付多个XSS字符串并检查它们的执行成功
• 处理来自多个工具的输出并创建有吸引力的报告
• 创建测试脚本和工具的PHP页面
• 识别易受目录遍历攻击的参数和URL
• Replicate existing tool functionality in Python
• Create basic dial-back Python scripts using reverse shells and basic Python PoC malware

In Detail

这本书为您提供了一系列完美的使用或定制测试过程每个阶段的需求的Python脚本。每一章都带你一步一步地了解设计和修改脚本以攻击Web应用程序的方法。您将学习如何从网站收集公开和隐藏信息以进一步攻击、识别漏洞、执行SQL注入、利用Cookie以及列举配置不佳的系统。您还将了解如何破解加密、创建有效负载以模拟恶意软件，并创建工具将您的调查结果输出为可呈现的格式，以便向您的雇主报告。

目录表

Chapter 1: Gathering Open Source Intelligence
Chapter 2: Enumeration
第3章：漏洞识别
Chapter 4: SQL Injection
第5章：Web标题操作
第六章：图像分析和处理
Chapter 7: Encryption and Encoding
Chapter 8: Payloads and Shells
第9章：报告