Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag South Africa
Country selected
country flag Thailand
Country selected
country flag Ukraine
Country selected
country flag Switzerland
Country selected
country flag Slovakia
Country selected
country flag Luxembourg
Country selected
country flag Hungary
Country selected
country flag Romania
Country selected
country flag Denmark
Country selected
country flag Ireland
Country selected
country flag Estonia
Country selected
country flag Belgium
Country selected
country flag Italy
Country selected
country flag Finland
Country selected
country flag Cyprus
Country selected
country flag Lithuania
Country selected
country flag Latvia
Country selected
country flag Malta
Country selected
country flag Netherlands
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Sweden
Country selected
country flag Argentina
Country selected
country flag Colombia
Country selected
country flag Ecuador
Country selected
country flag Indonesia
Country selected
country flag Mexico
Country selected
country flag New Zealand
Country selected
country flag Norway
Country selected
country flag South Korea
Country selected
country flag Taiwan
Country selected
country flag Turkey
Country selected
country flag Czechia
Country selected
country flag Austria
Country selected
country flag Greece
Country selected
country flag Isle of Man
Country selected
country flag Bulgaria
Country selected
country flag Japan
Country selected
country flag Philippines
Country selected
country flag Poland
Country selected
country flag Singapore
Country selected
country flag Egypt
Country selected
country flag Chile
Country selected
country flag Malaysia
Country selected
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Learn Ethical Hacking from Scratch

You're reading from   Learn Ethical Hacking from Scratch Your stepping stone to penetration testing

Arrow left icon
Product type Paperback
Published in Jul 2018
Publisher Packt
ISBN-13 9781788622059
Length 564 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Sabih Sabih
Author Profile Icon Sabih
Sabih
Zaid Sabih is an ethical hacker, a computer scientist, and the founder and CTO of zSecurity. He has valuable experience in ethical hacking—he started working as a pentester with iSecurity. In 2013, he started teaching his first network hacking course—which received amazing feedback—leading him to publish a number of online ethical hacking courses, each focusing on a specific topic, all of which are dominating ethical hacking. Now, Zaid has more than 300,000 students worldwide.
Read more
See other products by Sabih
Arrow right icon
View More author details
Toc

Table of Contents (29) Chapters Close

Title Page
Copyright and Credits
Packt Upsell
Contributors
Preface
1. Introduction FREE CHAPTER 2. Setting Up a Lab 3. Linux Basics 4. Network Penetration Testing 5. Pre-Connection Attacks 6. Network Penetration Testing - Gaining Access 7. Post-Connection Attacks 8. Man-in-the-Middle Attacks 9. Network Penetration Testing, Detection, and Security 10. Gaining Access to Computer Devices 11. Scanning Vulnerabilities Using Tools 12. Client-Side Attacks 13. Client-Side Attacks - Social Engineering 14. Attack and Detect Trojans with BeEF 15. Attacks Outside the Local Network 16. Post Exploitation 17. Website Penetration Testing 18. Website Pentesting - Information Gathering 19. File Upload, Code Execution, and File Inclusion Vulnerabilities 20. SQL Injection Vulnerabilities 21. Cross-Site Scripting Vulnerabilities 22. Discovering Vulnerabilities Automatically Using OWASP ZAP 1. Other Books You May Enjoy Index

Discovering SQLi

Now, let's try to discover some SQL injections. We need to browse through our target and try to break each page. Whenever we see a textbox or a parameter on the form, such as page.php, then something is equal to something; try to inject stuff there, try to use a single quote, try to use an and, or the orderby statement to break the page and make it look different. For example, we will be using the Mutillidae vulnerable website from Metasploit. We are going to go into the Login/Register page first, as we can see in the following screenshot, and it will ask us to log in. Now, the site is registered with your name so you can just click on Please register here and register:

After registering, go to the login page. At the moment, we are using the example of injecting into textboxes, so we can try to inject into the Name and into the Password textboxes. For example, suppose we put the Name as zaid and then a single quote mark (') into Password, and click Login. As you can see in...

lock icon The rest of the chapter is locked
arrow left Previous Section
Section 4 of 13
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at £13.99/month. Cancel anytime

Authors (1)

Profile icon Sabih
Sabih
Zaid Sabih is an ethical hacker, a computer scientist, and the founder and CTO of zSecurity. He has valuable experience in ethical hacking—he started working as a pentester with iSecurity. In 2013, he started teaching his first network hacking course—which received amazing feedback—leading him to publish a number of online ethical hacking courses, each focusing on a specific topic, all of which are dominating ethical hacking. Now, Zaid has more than 300,000 students worldwide.
Read more
See other products by Sabih

Other recommended products

Related to this chapter
Left arrow icon
Kali Linux Wireless Penetration Testing Beginner's Guide
Kali Linux Wireless Penetration Testing Beginner's Guide
Read more
Kali Linux Wireless Penetration Testing Beginner's Guide, Third Edition has been updated to Kali Linux 2017.3 with the latest methodologies, including full coverage of the KRACK attack and how to defend against it. The book presents wireless pentesting from the ground up, introducing all elements of penetration testing and providing detailed coverage of modern hacking methods and attacks.
Read more
Dec 2017 7h 0m
Learn Kali Linux 2019
Learn Kali Linux 2019
Read more
The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.
Read more
Nov 2019 18h 20m
Kali Linux Wireless Penetration Testing Cookbook
Kali Linux Wireless Penetration Testing Cookbook
Read more
The security of wireless networks is more important than ever before due to widespread usage of WiFi networks. This book has recipes that will enable you to maximize the success of your wireless network testing using advanced ethical hacking features of Kali Linux.
Read more
Dec 2017 7h 12m
Learn Penetration Testing
Learn Penetration Testing
Read more
A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to augment a web application firewall (WAF). This book teaches you various penetration testing techniques in order to become a proficient Penetration tester.
Read more
May 2019 14h 8m
Python Ethical Hacking from Scratch
Python Ethical Hacking from Scratch
Read more
Get hands-on with practical ethical hacking from scratch using Python. With the help of step-by-step instructions and practical exercises, you'll develop tools that provide detailed insights into the ethical hacking thought process. This book also covers aspects of network and system hacking along with defense techniques.
Read more
Jun 2021 7h 8m
Applied Network Security
Applied Network Security
Read more
Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.
Read more
Apr 2017 11h 40m
Kali Linux Cookbook
Kali Linux Cookbook
Read more
Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Kali Linux is the most widely used platform and toolkit for penetration testing. Security is currently the hottest field in technology with a projected need for millions of security professionals. This book focuses on enhancing your knowledge in Kali Linux for security by expanding your skills with toolkits and frameworks that can increase your value as a security professional.
Read more
Sep 2017 14h 36m
Kali Linux Intrusion and Exploitation Cookbook
Kali Linux Intrusion and Exploitation Cookbook
Read more
Born from it predecessor, Kali Linux 2.0 is the most popular Linux distribution designed for security professionals who build defensive strategies around their systems with an offensive mindset. This book aims at introducing you to the most common and not -so- common pre-installed penetration testing tools and create custom complex images in the form of easy to follow recipes. Right Information gathering, vulnerability assessment & penetration testing for Web, wired and wireless Network this book will help you get grips on exploiting vulnerabilities in your system and fix those security anomalies in no time.
Read more
Apr 2017 17h 4m
Metasploit Bootcamp
Metasploit Bootcamp
Read more
Metasploit Bootcamp will enable readers to gain hands-on knowledge on Penetration testing with Metasploit in various environments using a boot camp style approach. The readers will learn about Scanning, fingerprinting and exploiting different software. They will also learn about testing on services like Databases, VOIP and other known and unknown services. Attacking client side and scripting attacks would be made easy with this book. Overall the readers would learn how to test various devices and learn how to integrate Metasploit with industry's leading tools.
Read more
May 2017 7h 40m
Metasploit 5.0 for Beginners
Metasploit 5.0 for Beginners
Read more
Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.
Read more
Apr 2020 8h 12m
Wireshark 2 Quick Start Guide
Wireshark 2 Quick Start Guide
Read more
Wireshark is a powerful tool for network analysis, a combination of Kali Linux and the Metasploit framework. Wireshark is used to analyze the amount of data that flows through a network - it lets you see what's going on in your network. This book takes you from the basics of the Wireshark environment to detecting and resolving network anomalies.
Read more
Jun 2018 5h 28m
Metasploit Penetration Testing Cookbook
Metasploit Penetration Testing Cookbook
Read more
Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports.
Read more
Feb 2018 14h 12m
Right arrow icon
Visually different images

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Cloud Security Handbook
Cloud Security Handbook
Read more
This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.
Read more
Apr 2025 16h 4m
CompTIA CySA+ (CS0-003) Certification Guide
CompTIA CySA+ (CS0-003) Certification Guide
Read more
Prepare for CompTIA CySA+ (CS0-003) exam with this study guide—covering security ops, incident response, and vulnerability management in depth to level up your cybersecurity career. Includes exam-style questions, 2 practice tests, and flashcards.
Read more
Apr 2025 24h 44m
Cyber Security Kill Chain - Tactics and Strategies
Cyber Security Kill Chain - Tactics and Strategies
Read more
Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.
Read more
May 2025 10h 16m
Right arrow icon