Libreria| Editore| Dizionari Online| Hoepli Test| Hoepli Scuola| Servizi per le aziende| Eventi| Lavora con Noi
Accedi Cerca ordine


Chi siamo Dove siamo Help Ricerca Avanzata

home libri books Fumetti ebook dvd top ten sconti 0 Carrello


Torna Indietro
ARGOMENTO:  BOOKS > INFORMATICA > TESTI GENERALI > SICUREZZA INFORMATICA

rahalkar sagar - a complete guide to burp suite

A Complete Guide to Burp Suite Learn to Detect Application Vulnerabilities




Disponibilità: Normalmente disponibile in 15 giorni
 A causa di problematiche nell'approvvigionamento legate alla Brexit sono possibili ritardi nelle consegne.


PREZZO
48,98 €
NICEPRICE
46,53 €
SCONTO
5%
Acquista



Questo prodotto usufruisce delle SPEDIZIONI GRATIS
selezionando l'opzione Corriere Veloce in fase di ordine.


Pagabile anche con Carta della cultura giovani e del merito, 18App Bonus Cultura e Carta del Docente


Facebook Twitter Aggiungi commento


Spese Gratis

Dettagli

Genere:Libro
Lingua: Inglese
Editore:

Apress

Pubblicazione: 11/2020
Edizione: 1st ed.




Trama

Use this comprehensive guide to learn the practical aspects of Burp Suite—from the basics to more advanced topics. The book goes beyond the standard OWASP Top 10 and also covers security testing of APIs and mobile apps.

Burp Suite is a simple, yet powerful, tool used for application security testing. It is widely used for manual application security testing of web applications plus APIs and mobile apps. The book starts with the basics and shows you how to set up a testing environment. It covers basic building blocks and takes you on an in-depth tour of its various components such as intruder, repeater, decoder, comparer, and sequencer. It also takes you through other useful features such as infiltrator, collaborator, scanner, and extender. And it teaches you how to use Burp Suite for API and mobile app security testing.


What You Will Learn

  • Understand various components of Burp Suite
  • Configure the tool for the most efficient use
  • Exploit real-world web vulnerabilities using Burp Suite
  • Extend the tool with useful add-ons

Who This Book Is For

Those with a keen interest in web application security testing, API security testing, mobile application security testing, and bug bounty hunting; and quality analysis and development team members who are part of the secure Software Development Lifecycle (SDLC) and want to quickly determine application vulnerabilities using Burp Suite



Sommario

Chapter 1:  Introduction to Burp Suite
Chapter Goal: Introduce the Burp suite to the users explaining its need and a high-level overview. It would set the context for rest of the chapters.

No of pages – 6-8      

Subtopics

1.     Introduction to application security testing

2.     Some basics of application security

3.     A brief introduction to Burp Suite

4.     Need for Burp Suite

5.     Peer comparison

6.     Burp Suite features and versions

7.     High level feature overview

Chapter 2:  Setting up the environment

Chapter Goal: Help the readers to setup the testing environment for rest of the chapters

No of pages 6

Subtopics       

1. Burp Suite installation

2. Setting up vulnerable target web application

3.      Configuring the browser

4.      Using the Burp Suite CA certificate

Chapter 3: User options, project options, proxy

Chapter Goal: Introduce the readers to the user options, project options and proxy tab of Burp Suite. These are some basic building blocks to get started further.

No of pages 20-25     

Subtopics       

1.     Platform authentication, upstream proxy servers, SOCKS proxy

2.     Defining the hotkeys

3.     Automatic project backups

4.     Rest API

5.     Proxy interception, proxy history logging

6.     Performance feedback

7.     Project Options – Time outs, host name resolution, out of scope requests, redirections, TLS configuration, session handling rules, cookie jar and macros

8.     Proxy – Intercept, HTTP History, web socket history and options

Chapter 4: Dashboard, target, engagement tools

Chapter Goal: Introduce the readers to the dashboard, target tabs and the engagement tools

No of pages    10-15

Subtopics

1.Dashboard overview

2.Target Tab – introduction to various panes, filters

3.Engagement tools

Chapter 5: Intruder

Chapter Goal: Introduce the readers to the Burp Suite intruder tool.

No of pages 10          

Subtopics       

1.     Target tab

2.     Positions

3.     Payloads

4.     Options

Chapter 6: Repeater, sequencer, decoder and comparer

Chapter Goal: Introduce the readers to repeater, sequencer, decoder and comparer   

No of pages 10 - 15   

Subtopics

1.     Repeater – request and response, search filters, show response and render

2.     Sequencer – Live capture, manual load and analysis options

3.     Decoder – Encoding, Decoding and Hashing

4.     Efficiently using comparer

Chapter 7: Infiltrator, Collaborator and Clickbandit

Chapter Goal: Introduce the readers to infiltrator, collaborator and clickbandit tools

No of pages 10-15

Subtopics

1.     Infiltrator – patching the java binaries

2.     Collaborator basics for out of the band attacks

3.     Introduction to clickbandit for clickjacking POC’s.

Chapter 8: Scanner and Reporting

Chapter Goal: Introduce the readers to Burp Suite Scanner and various reporting options           

No of pages 6-8         

Subtopics

1.     Crawl, audit

2.     Scan configuration

3.     Application login

4.     Resource pools

Chapter 9: Extending Burp Suite

Chapter Goal: Introduce the readers to Burp Suite extender

No of pages 15-20     

Subtopics

1.     Burp Suite extensions

2.     Manual installation

3.     BApp store

4.     Other useful extensions

Chapter 10: Testing mobile apps and API’s with Burp Suite

Chapter Goal: Introduce the readers to techniques for performing security testing on mobile apps and API’s with Burp Suite

No of pages    15-20

Subtopics

1.     API security testing with Burp Suite

2.     Mobile App Security Testing with Burp Suite




Autore

Sagar Rahalkar is a seasoned information security professional with more than 13 years of experience in various verticals of information security. His domain expertise is mainly in AppsSec, cyber crime investigations, vulnerability assessments, penetration testing, and IT GRC. He holds a master’s degree in computer science and several industry-recognized certifications such as CISM, ISO 27001LA, and ECSA. He has been closely associated with Indian law enforcement agencies for more than three years, dealing with digital crime investigations and related training, and received awards from senior officials of the police and defense organizations in India. He also is an author and reviewer for several publications.








Altre Informazioni

ISBN:

9781484264010

Condizione: Nuovo
Dimensioni: 235 x 155 mm Ø 454 gr
Formato: Brossura
Illustration Notes:XIII, 167 p. 171 illus.
Pagine Arabe: 167
Pagine Romane: xiii


Dicono di noi



Libri · DVD e Film · Top Ten · Libri in prenotazione · Anteprime · Sconti · Lavora con noi · Eventi
METODI DI PAGAMENTO
Visa Mastercard PayPal Visa Electon Postepay American Express
SPEDIZIONI CON:
Dhl Sda Bartolini
REGISTRAZIONE Come iscriversi a HOEPLI.it Hai dimenticato la tua password? Accedi
ORDINI Come ordinare un libro Come pagare un libro Spedizioni Contattaci
NOTE LEGALI Condizioni d'uso del sito Condizioni generali di vendita Informativa sulla privacy Informativa sui cookie
HOEPLI MULTIMEDIA Servizi per le aziende hoeplieditore.it hoeplitest.it hoepliscuola.it
SEGUICI SU:

Facebook Instagram Twitter Youtube

La libreria italiana online Hoepli.it
HOEPLI S.p.A. - Sede Legale Via U. Hoepli 5, 20121 Milano - Italy
Tel. +39 02864871 - fax +39 028052886 - info@hoepli.it - P.IVA 00722360153
Iscrizione registro imprese: 00722360153 del registro delle imprese di Milano.
Capitale sociale in euro: deliberato 4.000.000,00; sottoscritto: 4.000.000,00; versato: 4.000.000,00.
Copyright © 2001-2023 - Motore di Ricerca, DataBase, Immagini by HOEPLI.it