Penetration Testing with Perl

Douglas Berdeaux

  • 出版商: Packt Publishing
  • 出版日期: 2015-01-05
  • 售價: $1,840
  • 貴賓價: 9.5$1,748
  • 語言: 英文
  • 頁數: 332
  • 裝訂: Paperback
  • ISBN: 1783283459
  • ISBN-13: 9781783283453
  • 相關分類: Perl 程式語言Penetration-test
  • 海外代購書籍(需單獨結帳)

相關主題

商品描述

Harness the power of Perl to perform professional penetration testing

About This Book

  • Write your own custom information security tools using Perl and object-oriented Perl modules
  • Apply powerful Perl Regular Expression syntax to finely tune intelligence gathering techniques
  • Develop a clear understanding of how common attacking tools can function during a penetration test

Who This Book Is For

If you are an expert Perl programmer interested in penetration testing or information security, this guide is designed for you. However, it will also be helpful for you even if you have little or no Linux shell experience.

What You Will Learn

  • Develop your knowledge on the methodology, legality, and ethics involved in penetration testing
  • Utilize Linux OS, shell, and networking utilities using Perl
  • Manipulate and capture LAN network traffic in modern switched environments
  • Apply Perl to the Aircrack-ng suite
  • Combine external, internal, and Internet footprinting, and open source intelligence gathering
  • Perform web penetration testing and automation, including Local and Remote File Inclusion, SQL injection, cross-site scripting, and CMS vulnerability analysis
  • Stabilize your tests by using patterns such as Action Wrapper and Black Hole Proxy

In Detail

This guide will teach you the fundamentals of penetration testing with Perl, providing an understanding of the mindset of a hacker. In the first few chapters, you will study how to utilize Perl with Linux and the regular expression syntax. After that, you will learn how to use Perl for WAN target analysis, and Internet and external footprinting. You will learn to use Perl for automated web application and site penetration testing. We also cover intelligence gathering techniques from data obtained from footprinting and simple file forensics with file metadata.

By the end of this book, you will bring all of your code together into a simple graphical user interface penetration testing framework. Through this guide, you will have acquired the knowledge to apply Perl programming to any penetration testing phase and learn the importance of applying our technique in the methodology and context of the Penetration Testing Execution Standard.

商品描述(中文翻譯)

發揮 Perl 的力量,進行專業的滲透測試

關於本書
- 使用 Perl 和面向對象的 Perl 模塊編寫自己的自定義信息安全工具
- 應用強大的 Perl 正則表達式語法,精確調整情報收集技術
- 深入了解滲透測試中常見攻擊工具的運作方式

本書適合對滲透測試或信息安全感興趣的 Perl 專家程序員。即使您對 Linux shell 沒有或幾乎沒有經驗,本書也將對您有所幫助。

您將學到什麼
- 了解滲透測試中涉及的方法論、合法性和道德問題
- 使用 Perl 運用 Linux 操作系統、shell 和網絡工具
- 在現代交換環境中操作和捕獲局域網流量
- 將 Perl 應用於 Aircrack-ng 套件
- 結合外部、內部和互聯網足跡,以及開源情報收集
- 進行網絡滲透測試和自動化,包括本地和遠程文件包含、SQL 注入、跨站腳本和 CMS 漏洞分析
- 通過使用 Action Wrapper 和 Black Hole Proxy 等模式來穩定測試

詳細內容
本指南將教您使用 Perl 進行滲透測試的基礎知識,讓您了解黑客的思維方式。在最初的幾章中,您將學習如何在 Linux 中使用 Perl 和正則表達式語法。之後,您將學習如何使用 Perl 進行廣域網目標分析,以及互聯網和外部足跡。您將學習使用 Perl 進行自動化的網絡應用和站點滲透測試。我們還涵蓋了從足跡和簡單文件取證中獲得的數據的情報收集技術。

通過本書,您將把所有代碼整合到一個簡單的圖形用戶界面滲透測試框架中。通過本指南,您將獲得將 Perl 編程應用於任何滲透測試階段的知識,並了解在滲透測試執行標準的方法論和上下文中應用我們的技術的重要性。