Kali Linux Web Penetration Testing Cookbook by Gilberto Najera-Gutierrez
Author:Gilberto Najera-Gutierrez [Gilberto Najera-Gutierrez]
Language: eng
Format: epub, pdf
Publisher: Packt Publishing
Published: 2018-08-31T09:50:31+00:00
Then, we will see the WebSocket Message Editor window, where we can change all of the parameters of the message, including its direction and contents, and send it again:
Most of the attacks and security weaknesses inherent in web applications can be replicated and exploited via WebSockets if the application is vulnerable.
How it works...
WebSockets communication is initiated by the client via the WebSocket class in JavaScript. When a WebSocket instance is created, the client starts the handshake with the server. When the server responds to the handshake and the connection is established, the HTTP connection is then replaced by the WebSocket connection, and it becomes a bidirectional binary protocol not necessarily compatible with HTTP.
WebSockets is plain text, as is HTTP. The server will still require you to implement HTTPS to provide an encrypted layer. If we sniff the communication in the previous exercise with Wireshark, we can easily read the message:
Download
Kali Linux Web Penetration Testing Cookbook by Gilberto Najera-Gutierrez.pdf
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7402)
Grails in Action by Glen Smith Peter Ledbrook(7295)
Kotlin in Action by Dmitry Jemerov(4638)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4131)
The Age of Surveillance Capitalism by Shoshana Zuboff(3422)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3242)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3027)
Mastering Python for Networking and Security by José Manuel Ortega(2951)
Blockchain Basics by Daniel Drescher(2891)
TCP IP by Todd Lammle(2639)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(2609)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2483)
Hands-On Azure for Developers by Kamil Mrzyglod(2412)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(2366)
React Native - Building Mobile Apps with JavaScript by Novick Vladimir(2340)
MCSA Windows Server 2016 Study Guide: Exam 70-740 by William Panek(2313)
The Social Psychology of Inequality by Unknown(2311)
The Art Of Deception by Kevin Mitnick(2298)
Azure Containers Explained by Wesley Haakman & Richard Hooper(2256)