Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Network Vulnerability Assessment

You're reading from Network Vulnerability Assessment Identify security loopholes in your network's infrastructure

Product type Paperback

Published in Aug 2018

Publisher

ISBN-13 9781788627252

Length 254 pages

Edition 1st Edition

Tools

Kali Linux

Concepts

Network Security

Author (1):

Rahalkar

View More author details

Table of Contents (20) Chapters

Title Page

Copyright and Credits

Packt Upsell

Contributors

Preface

1. Vulnerability Management Governance FREE CHAPTER

2. Setting Up the Assessment Environment

3. Security Assessment Prerequisites

4. Information Gathering

5. Enumeration and Vulnerability Assessment

6. Gaining Network Access

7. Assessing Web Application Security

8. Privilege Escalation

9. Maintaining Access and Clearing Tracks

10. Vulnerability Scoring

11. Threat Modeling

12. Patching and Security Hardening

13. Vulnerability Reporting and Metrics

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

Input validation

Improper validation of input is one of the most common and inherent flaws in most web applications.

This weakness further leads to many critical vulnerabilities in web applications, such as cross-site scripting, SQL injection, buffer overflows, and so on.

Most times when an application is developed, it blindly accepts all the data coming to it. However from the security perspective, this is a harmful practice as malicious data could also get in due to lack of proper validation.

OWASP mapping

Input validation related vulnerabilities are part of the OWASP Top 10 2017. They are covered under A1:2017 Injection, A4:2017-XML External Entities (XXE), A7:2017-Cross-Site Scripting (XSS), and A8:2017-Insecure Deserialization. Some of the vulnerabilities listed under this category are as follows:

Application not validating input both on the client side as well as the server side.
Application allowing harmful blacklisted characters (<>;’”!()).
Application vulnerable to injection...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (1)

Rahalkar

Rahalkar

Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a masters degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciations from senior officials of the police and defense organizations in India. Sagar has also been a reviewer and author for various books and online publications.

See other products by Rahalkar

Other recommended products

Related to this chapter

Metasploit for Beginners

Metasploit for Beginners

Metasploit for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. This book would help the reader absorb the essential concepts on using Metasploit framework for comprehensive penetration testing. By the end of the book, the reader would feel confident on having gained sufficient hands-on knowledge on effectively utilizing the framework in real world scenarios.

Jul 2017 6h 20m

Metasploit 5.0 for Beginners

Metasploit 5.0 for Beginners

Metasploit 5.x for Beginners will provide a good starting point to perform penetration testing and identify threats and vulnerabilities to secure your IT environment. You will be able to analyze, identify, and exploit threats and vulnerabilities to secure your IT environment.

Apr 2020 8h 12m

Hands-On Web Penetration Testing with Metasploit

Hands-On Web Penetration Testing with Metasploit

Metasploit is one of the best frameworks used for enumeration and exploitation of vulnerabilities. This book will not only give you a practical understanding of Metasploit but will also cover some less known modules and auxiliaries for pentesting Web Applications.

May 2020 18h 8m

Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

Nov 2019 18h 20m

Metasploit Bootcamp

Metasploit Bootcamp

Metasploit Bootcamp will enable readers to gain hands-on knowledge on Penetration testing with Metasploit in various environments using a boot camp style approach. The readers will learn about Scanning, fingerprinting and exploiting different software. They will also learn about testing on services like Databases, VOIP and other known and unknown services. Attacking client side and scripting attacks would be made easy with this book. Overall the readers would learn how to test various devices and learn how to integrate Metasploit with industry's leading tools.

May 2017 7h 40m

Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book will be packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) as per your requirements and move on to core functionalities.

Oct 2017 12h 32m

Kali Linux Network Scanning Cookbook

Kali Linux Network Scanning Cookbook

With the ever-increasing amount of data flowing in today's world, information security has become vital to any application. This is where Kali Linux comes in. Kali Linux focuses mainly on security auditing and penetration testing. This step-by-step cookbook on network scanning trains you in important scanning concepts based on version 2016.2. It will enable you to conquer any network environment through a range of network scanning techniques and will also equip you to script your very own tools.

May 2017 21h 8m

Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2018.4/2019) as per your requirements and help you move on to core functionalities.

Mar 2019 15h 44m

Nmap Network Exploration and Security Auditing Cookbook

Nmap Network Exploration and Security Auditing Cookbook

This book explores how Nmap is one of the most robust tools for network discovery and security auditing. You'll focus on how you can use it to perform hundreds of different tasks, from OS detection and port scanning to advanced fingerprinting and vulnerability exploitation.

Sep 2021 14h 32m

Information Security Handbook

Information Security Handbook

Having an information security mechanism is one of the most crucial factors for any organization. Important assets of organization demand a proper risk management and threat model for security, and so information security concepts are gaining a lot of traction. This book covers the concept of information security, and shows you why it's important.

Dec 2017 11h 0m

Hands-On Security in DevOps

Hands-On Security in DevOps

Hands-On Security in DevOps explores how the techniques of DevOps and Security should be applied together to make cloud services safer. By the end of this book, readers will be ready to build security controls at all layers, monitor and respond to attacks on cloud services, and add security organization-wide through risk management and training.

Jul 2018 11h 52m

Network Scanning Cookbook

Network Scanning Cookbook

Network Scanning Cookbook enables a reader to understand how to perform a Network Scan, which includes Discovery, Scanning, Enumeration, Vulnerability detection etc using scanning tools like Nessus and Nmap. If the reader is an auditor, they will be able to determine the security state of the client's network and recommend remediations accordingly.

Sep 2018 10h 8m

Personalised recommendations for you

Based on your interests and search pattern

Mastering Palo Alto Networks

Mastering Palo Alto Networks

Mastering Palo Alto Networks is a hands-on guide that helps you progress from a beginner to an expert in configuring Palo Alto firewalls. It covers setup, management, and optimization with real-world examples for both on-prem and cloud environments.

May 2025 21h 32m

Cloud Native Anti-Patterns

Cloud Native Anti-Patterns

Uncover and fix cloud native anti-patterns across strategy, culture, security, and operations. This book guides you through the practical steps to avoid common traps and shift your organization toward cloud-native best practices that drive lasting success.

Mar 2025 14h 44m

AWS for System Administrators

AWS for System Administrators

Master the art of designing, deploying, and managing AWS infrastructure with industry best practices. You'll learn to automate workflows, optimize costs, and implement robust disaster recovery strategies for scalable cloud success.

May 2025 14h 12m

Kubernetes for Generative AI Solutions

Kubernetes for Generative AI Solutions

Learn step by step how to design, optimize, and deploy Generative AI projects on Kubernetes. Covering networking, observability, security, scaling, and cost optimization strategies, this guide takes you from first deployment to production excellence.

Jun 2025 11h 8m

Azure Cloud Projects

Azure Cloud Projects

Azure Cloud Projects offers a hands-on introduction to Microsoft Azure, designed to help you build real-world cloud solutions, develop job-ready skills, and apply best practices that are widely used across the cloud computing industry.

May 2025 8h 28m

Sustainable Cloud Development

Sustainable Cloud Development

This book introduces best practices for developing and deploying high-performing, eco-friendly cloud applications, helping you meet sustainability goals while delivering efficient cloud solutions.

Mar 2025 9h 12m

SLIs and SLOs Demystified

SLIs and SLOs Demystified

This comprehensive guide to reliability engineering dives deep into SLIs, SLOs, observability, and incident management. It shows you how to optimize system reliability and make data-driven decisions to balance performance and business goals.

Apr 2025 10h 0m