Mastering Kali Linux For Web Penetration Testing The Ultimate Defense Against Complex Organized Threats And Attacks Mcphee by Mcphee, Michael 9781784395070, 9781784396213, 1784395072, 1784396214 instant download after payment.

Cover ; Copyright; Credits; About the Author; About the Reviewers; www.PacktPub.com; Customer Feedback; Table of Contents; Preface; Chapter 1: Common Web Applications and Architectures; Common architectures; Standalone models; Three-tier models; Model-View-Controller design; Web application hosting; Physical hosting; Virtual hosting; Cloud hosting; Containers -- a new trend; Application development cycles; Coordinating with development teams; Post deployment -- continued vigilance; Common weaknesses -- where to start; Web application defenses; Standard defensive elements; Additional layers.;Chapter 4: Scanning for Vulnerabilities with Arachni; Walking into spider webs; Optimal Arachni deployment tips; An encore for stacks and frameworks; The Arachni test scenario; Profiles for efficiency; Creating a new profile; Scoping and auditing options; Converting social engineering into user input and mobile platform emulation; Fingerprinting and determining platforms; Checks (please); Plugging into Arachni extensions and third-party add-ons; Browser clusters; Kicking off our custom scan; Reviewing the results; Summary; Chapter 5: Proxy Operations with OWASP ZAP and Burp Suite.;Chapter 2: Guidelines for Preparation and Testing; Picking your favorite testing framework; Frameworks through a product; Train like you play; The EC-Council approach; The GIAC/SANS approach; The Offensive Security approach; Open source methodologies and frameworks; ISECOM's OSSTMM; ISSAF; NIST publications; OWASP's OTG; Keeping it legal and ethical; What is legal?; What is ethical?; Labbing - practicing what we learn; Creating a virtualized environment; Our penetration testing host; Creating a target-rich environment; Finding gullible servers; Unwitting clients; Summary.