1Chapter 1. Ethical Hacking
825.3 Exercise : References
21.1 Introduction
83Chapter 6. Python Language
31.1.1 Ethical hacking
846.1 What is python?
41.1.2 Types of Hacking
856.2 Design philosophy and features
51.1.3 Advantages of Hacking
866.3 Syntax and semantics
61.1.4 Disadvantages of Hacking
876.3.1 Indentation
71.2 Key – Concepts
886.3.2 Statements and control flow
81.2.1 Ethical Hacking: Legal or Illegal?
896.4 How to install and use python
91.2.2 Necessary Skills
906.4.1 Normal Installation using native Python.exe setup
101.2.3 Programming Languages
916.4.2 Install python 3 on Windows without Anaconda
111.2.4 Tools
926.4.3 Download python windows 10
121.3 How are they different from malicious
936.4.4 Python installation on Windows using Anaconda
13hackers?
946.4.5 Download Anaconda
141.4 Skills and certifications required
956.4.6 Anaconda installation for Python on Windows 10
151.5 Terminologies
966.4.7 anaconda Prompt (Anaconda3)
161.6 Exercise: References
976.5 Python in machine learning
17Chapter 2. Exploiting Application-Based Vulnerabilities
986.5.1 Lexical matters
182.1 Cross-Site Scripting
996.5.2 Comments
192.1.1 JavaScript in XSS
1006.5.3 Names and tokens
202.1.2 Working of Cross-site scripting
1016.5.4 Blocks and indentation
212.1.3 Types of Cross-site scripting attacks
1026.5.5 Docstrings
222.1.4 How to Test Against XSS?
1036.5.6 Program structure
232.2.1 How does a SQL injection work?
1046.5.7 Operators
242.3 LDAP Injection
1056.5.8 Boolean Values
252.3.1 What is LDAP injection?
1066.5.9 Comparison Operators
262.3.3 How does LDAP injection work?
1076.5.10 The Difference Between The == And = Operators
272.4 Cross-Site request forgery
1086.5.11 Boolean Operators
282.4.1 Synchronizer Token Pattern
1096.5.12 Mixing Boolean and Comparison Operators
292.4.2 Defense through Techniques
1106.5.13 Elements of Flow Control
302.5 Exercise : References
1116.5.14 Program Execution
31Chapter 3. Exploiting Injection-Based Vulnerability
1126.5.15 Flow Control Statements
323.1 XML
1136.6 Trapped In An Infinite Loop?
333.1.1 XML Entities
1146.7 Importing Modules
343.1.2 Document Types
1156.8 Aggregating and analyzing data In python
353.1.3 XML Custom Entities
1166.8.1 Pandas – Python Data Analysis Library
363.1.4 What is XML external entity injection?
1176.8.2 A Sample DataFrame
373.1.5 XXE injection
1186.8.3 Summarising Groups within the DataFrame
383.1.6 XML External Entity
1196.8.4 Groupby output format – Series or DataFrame?
393.1.7 What are the kinds of XXE attacks?
1206.9 Exercise : References
403.2 XML queries
121Chapter 7. Cryptology
413.3 OS commands injections
1227.1 Information theory
423.3.1 Executing arbitrary commands
1237.1.1 Random Variables, Entropy, and Conditional Independence
433.3.2 Linux Basic Commands
1247.1.2 Unconditional Secrecy, Authenticity, and Key
443.3.3 Windows commands
1257.2 Algorithmic run time
453.4 No-SQL Injection
1267.2.1 Counting instructions
463.4.1 NoSQL Vulnerabilities
1277.2.2 Worst-case analysis
473.4.2 NoSQL Attack Vectors
1287.2.3 Asymptotic behavior and Asymptotic Notation
483.4.3 JavaScript Object Notation Queries and Data Formats
1297.3 Symmetric encryption
493.4.4 PHP Tautology Injections
1307.3.1 DES and 3DES
503.4.5 NoSQL Union Query Injection
1317.3.2 Rijndael
513.4.6 NoSQL JavaScript Injection
1327.3.3 RC2
523.5 Exercise: References
1337.3.4 Selecting an Algorithm
53Chapter 4. Quantifying Learning Algorithms
1347.3.5 Establishing Keys and Initialization Vectors
544.1 Regularization
1357.4 Asymmetric encryption
554.1.1 Ridge Regression Equation.
1367.4.1 What Is Asymmetric Encryption? Explanation and Definition
564.1.2 Equation-Lasso Regression subgradient vector
1377.4.2 Four Main Characteristics of Asymmetric Encryption
574.1.3 Equation- Elastic Net cost function
1387.4.3 How Public Key Encryption Helps You Protect Your Business & Data
584.2 Dimensionality reduction
1397.5 Hybrid Ciphers
594.3 PCA
1407.5.1 Hybrid Ciphers
604.3.1 Preserving the Variance
1417.5.2 Man-in-the-Middle Attacks
614.3.2 Principal Components
1427.6 Exercise: References
624.3.3 Projecting Down to d Dimensions
143Chapter 8. Shellcode
634.3.4 Using Scikit-Learn
1448.1 Assembly vs. C
644.3.5 Explained Variance Ratio
1458.2 path to shellcode
654.3.6 Choosing the Right Number of Dimensions
1468.3 Shell-Spawning Shellcode
664.4 Exercise : References
1478.4 port-binding shellcode
67Chapter 5. Penetration Testing Tools
1488.5 connect-back shellcode
685.1 What is penetration testing?
1498.6 Exercise: References
695.1.1 What is Penetration Testing
150Chapter 9. Attacking Authentication
705.1.2 Need for Penetration Testing
1519.1 Authentication technologies
715.1.3 Working Functionality of Penetration Testing
1529.1.1 Securing Authentication
725.1.4 Classification of Penetration Tests
1539.1.2 Protecting FOSS systems
735.2 How to use Net Sparker?
1549.2 Design Flaws
745.2.1 How is Penetration Testing Beneficial?
1559.3 Implementation Flaws in Authentication
755.2.2 Penetration Testing - Method
1569.3.1 Prevent Bruce-Force Attacks
765.2.3 Penetration Testing Vs. Vulnerability
1579.4 Exercise : References
775.2.4 Which Option is right to Practice?
158Chapter 10. Attacking Session Managements
785.2.5 Types of Penetration Testing
15910.1 Weakness in session token generation
795.2.7 Penetration Testing - Manual & Automated
16010.2 weakness in session token handling
805.2.8 Penetration Testing - Tools
16110.3 Exercise: References
815.2.9 Penetration Testing - Infrastructure
162Glossary
