-
Yes, there is. There's a CWE list maintained by MITRE that can be found at https://cwe.mitre.org/.
-
The OWASP Top 10 can be found at https://owasp.org/www-project-top-ten/, while the SANS Top 25 can be found at https://www.sans.org/top25-software-errors/.
-
Many of the tools that are used in a typical penetration test are open source, such as Nmap, and the Metasploit framework. However, there are some really efficient tools on the market that can be used as well, including BurpSuite Professional and Nessus Professional.
-
An OSSTMM penetration test can be one of six different types, depending on the nature and scope of the engagement. PTES-based penetration tests are categorized under very generic test types, such as white box, gray box, and black box. As PTES is the industry standard, most penetration tests use the PTES methodology.
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Introduction
- Introduction to Web Application Penetration Testing
- What is a penetration test?
- Types of penetration test
- Stages of penetration testing
- Important terminologies
- Penetration testing methodologies
- Common Weakness Enumeration (CWE)
- Summary
- Questions
- Further reading
- Metasploit Essentials
- Technical requirements
- Introduction to Metasploit Framework
- Metasploit Framework terminology
- Installing and setting up Metasploit
- Getting started with Metasploit Framework
- Interacting with Metasploit Framework using msfconsole
- MSF console commands
- Customizing global settings
- Variable manipulation in MSF
- Exploring MSF modules
- Running OS commands in MSF
- Setting up a database connection in Metasploit Framework
- Loading plugins in MSF
- Using Metasploit modules
- Searching modules in MSF
- Checking for hosts and services in MSF
- Nmap scanning with MSF
- Setting up payload handling in MSF
- MSF payload generation
- Summary
- Questions
- Further reading
- The Metasploit Web Interface
- The Pentesting Life Cycle with Metasploit
- Using Metasploit for Reconnaissance
- Web Application Enumeration Using Metasploit
- Vulnerability Scanning Using WMAP
- Vulnerability Assessment Using Metasploit (Nessus)
- Pentesting Content Management Systems (CMSes)
- Pentesting CMSes - WordPress
- Technical requirements
- Introduction to WordPress
- WordPress reconnaissance and enumeration
- Vulnerability assessment for WordPress
- WordPress exploitation part 1 – WordPress Arbitrary File Deletion
- WordPress exploitation part 2 – unauthenticated SQL injection
- WordPress exploitation part 3 – WordPress 5.0.0 Remote Code Execution
- Going the extra mile – customizing the Metasploit exploit
- Summary
- Questions
- Further reading
- Pentesting CMSes - Joomla
- Technical requirements
- An introduction to Joomla
- The Joomla architecture
- Reconnaissance and enumeration
- Enumerating Joomla plugins and modules using Metasploit
- Performing vulnerability scanning with Joomla
- Joomla exploitation using Metasploit
- Joomla shell upload
- Summary 
- Questions
- Further reading
- Pentesting CMSes - Drupal
- Performing Pentesting on Technological Platforms
- Penetration Testing on Technological Platforms - JBoss
- Technical requirements
- An introduction to JBoss
- Reconnaissance and enumeration
- Performing a vulnerability assessment on JBoss AS
- JBoss exploitation
- JBoss exploitation via the administration console
- Exploitation via the JMX console (the MainDeployer method)
- Exploitation via the JMX console using Metasploit (MainDeployer)
- Exploitation via the JMX console (BSHDeployer)
- Exploitation via the JMX console using Metasploit (BSHDeployer)
- Exploitation via the web console (Java applet)
- Exploitation via the web console (the Invoker method)
- Exploitation via JMXInvokerServlet using Metasploit
- Summary
- Questions
- Further reading
- Penetration Testing on Technological Platforms - Apache Tomcat
- Penetration Testing on Technological Platforms - Jenkins
- Logical Bug Hunting
- Web Application Fuzzing - Logical Bug Hunting
- Technical requirements
- What is fuzzing?
- Fuzzing terminology
- Fuzzing attack types
- Introduction to web app fuzzing
- Identifying web application attack vectors
- HTTP request verbs
- HTTP request URIs
- Fuzzing an HTTP request URl path using Wfuzz
-  Fuzzing an HTTP request URl path using ffuf
- Fuzzing an HTTP request URl path using Burp Suite Intruder
- Fuzzing HTTP request URl filenames and file extensions using Wfuzz
- Fuzzing HTTP request URl filenames and file extensions using ffuf
- Fuzzing HTTP request URl filenames and file extensions using Burp Suite Intruder
- Fuzzing an HTTP request URl using Wfuzz (GET parameter + value)
- Fuzzing an HTTP request URl using Burp Suite Intruder (GET parameter + value)
- HTTP request headers
- Summary
- Questions
- Further reading
- Writing Penetration Testing Reports
- Assessment
- Other Books You May Enjoy
Chapter 1
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.