<link href="style.css" rel="stylesheet" type="text/css"/><meta content="text/html; charset=utf-8" http-equiv="Content-Type"/> <meta content="urn:uuid:e0000000-0000-0000-0000-000000740483" name="Adept.expected.resource"/></head><body><div id="B978-1-59749-627-8.10018-2-25"/><div class="ref-list" id="indexW"><div class="sec-title2" id="indsect0125">W</div><div class="index-item" id="idx3257"><div class="index-heading">WAF</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3263">Web Application Firewall (WAF)</a></div></div><div class="index-item" id="idx3258"><div class="index-heading">WAFWOOF</div><div class="index-item" id="idx3259"><div class="index-heading">web application testing</div><a href="B9781597496278100066.xhtml#s0115">234–235</a> , <a href="B9781597496278100066.xhtml#f0075">235f</a></div><div class="index-item" id="idx3260"><div class="index-heading">web server testing case study</div><a href="B9781597496278100066.xhtml#p1315">249</a></div></div><div class="index-item" id="idx3261"><div class="index-heading">“Walking the stack,” enterprise applications</div><a href="B9781597496278100054.xhtml#p0175">296</a></div><div class="index-item" id="idx3262"><div class="index-heading">WAN</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3383">Wide area network (WAN)</a></div></div><div class="index-item" id="idx3263"><div class="index-heading">Web Application Firewall (WAF)</div><div class="index-item" id="idx3264"><div class="index-heading">web application testing</div><a href="B9781597496278100066.xhtml#p0750">234</a></div><div class="index-item" id="idx3265"><div class="index-heading">web server testing case study</div><a href="B9781597496278100066.xhtml#p1315">249</a> , <a href="B9781597496278100066.xhtml#f0160">250f</a></div></div><div class="index-item" id="idx3266"><div class="index-heading">Web applications</div><div class="index-item" id="idx3267"><div class="index-heading">basic approach</div><a href="B9781597496278100066.xhtml#s0025">221–224</a></div><div class="index-item" id="idx3268"><div class="index-heading">basic assessment</div><a href="B9781597496278100066.xhtml#s0070">231–233</a></div><div class="index-item" id="idx3269"><div class="index-heading">command execution attacks</div><a href="B9781597496278100066.xhtml#s0085">231–232</a></div><div class="index-item" id="idx3270"><div class="index-heading">core technologies</div><a href="B9781597496278100066.xhtml#s0045">224–233</a></div><div class="index-item" id="idx3271"><div class="index-heading">cross-site scripting attacks</div><a href="B9781597496278100066.xhtml#s0095">233</a></div><div class="index-item" id="idx3272"><div class="index-heading">database query injection attacks</div><a href="B9781597496278100066.xhtml#s0090">232</a></div><div class="index-item" id="idx3273"><div class="index-heading">directory traversal attacks</div><a href="B9781597496278100066.xhtml#s0080">231</a></div><div class="index-item" id="idx3274"><div class="index-heading">DVWA</div><a href="B9781597496278100017.xhtml#p0965">22</a></div><div class="index-item" id="idx3275"><div class="index-heading">enterprise applications</div><a href="B9781597496278100054.xhtml#p0115">293–294</a> , <a href="B9781597496278100054.xhtml#u0055">297</a></div><div class="index-item" id="idx3276"><div class="index-heading"><i>vs.</i> enterprise applications</div><a href="B9781597496278100054.xhtml#p0065">292</a></div><div class="index-item" id="idx3277"><div class="index-heading">file system attacks</div><a href="B9781597496278100066.xhtml#s0080">231</a></div><div class="index-item" id="idx3278"><div class="index-heading">fimap</div><a href="B9781597496278100066.xhtml#s0130">241–243</a> , <a href="B9781597496278100066.xhtml#f0105">242f</a> , <a href="B9781597496278100066.xhtml#f0110">243f</a> , <a href="B9781597496278100066.xhtml#f0115">244f</a></div><div class="index-item" id="idx3279"><div class="index-heading">Grendel-Scan</div><a href="B9781597496278100066.xhtml#s0125">238–241</a> , <a href="B9781597496278100066.xhtml#f0095">240f</a> , <a href="B9781597496278100066.xhtml#f0100">241f</a></div><div class="index-item" id="idx3280"><div class="index-heading">hands-on challenge</div><a href="B9781597496278100066.xhtml#s0155">255–256</a></div><div class="index-item" id="idx3281"><div class="index-heading">impersonation attacks</div><a href="B9781597496278100066.xhtml#s0100">233</a></div><div class="index-item" id="idx3282"><div class="index-heading">information gathering attacks</div><a href="B9781597496278100066.xhtml#s0075">231</a></div><div class="index-item" id="idx3283"><div class="index-heading">isolated test lab</div><a href="B9781597496278100066.xhtml#p1370">256</a></div><div class="index-item" id="idx3284"><div class="index-heading">modern challenges</div><a href="B9781597496278100066.xhtml#s0020">221</a></div><div class="index-item" id="idx3285"><div class="index-heading">Mutillidae</div><a href="B9781597496278100017.xhtml#p0975">22</a></div><div class="index-item" id="idx3286"><div class="index-heading">Nikto</div><a href="B9781597496278100066.xhtml#s0120">236–238</a> , <a href="B9781597496278100066.xhtml#f0085">237f</a> , <a href="B9781597496278100066.xhtml#f0090">238f</a> , <a href="B9781597496278100066.xhtml#f0080">239f</a></div><div class="index-item" id="idx3287"><div class="index-heading">objective</div><a href="B9781597496278100066.xhtml#s0010">219–221</a></div><div class="index-item" id="idx3288"><div class="index-heading">parameter passing attacks</div><a href="B9781597496278100066.xhtml#s0105">233</a></div><div class="index-item" id="idx3289"><div class="index-heading">phishing</div><a href="B9781597496278100042.xhtml#s0060">147–149</a> , <a href="B9781597496278100042.xhtml#f0015">148f</a> , <a href="B9781597496278100042.xhtml#f0020">149f</a></div><div class="index-item" id="idx3290"><div class="index-heading">source code vulnerability example</div><a href="B9781597496278100066.xhtml#f0190">254f</a> , <a href="B9781597496278100066.xhtml#f0195">255f</a></div><div class="index-item" id="idx3291"><div class="index-heading">SQLix</div><a href="B9781597496278100066.xhtml#s0135">243–245</a> , <a href="B9781597496278100066.xhtml#f0120">245f</a></div><div class="index-item" id="idx3292"><div class="index-heading">sqlmap</div><a href="B9781597496278100066.xhtml#s0140">245</a> , <a href="B9781597496278100066.xhtml#f0130">246f</a></div><div class="index-item" id="idx3293"><div class="index-heading">testing approach</div><a href="B9781597496278100066.xhtml#s0040">224</a></div><div class="index-item" id="idx3294"><div class="index-heading">tools overview</div><a href="B9781597496278100066.xhtml#s0110">233–247</a></div><div class="index-item" id="idx3295"><div class="index-heading">vulnerabilities overview</div><a href="B9781597496278100066.xhtml#p0130">221–222</a></div><div class="index-item" id="idx3296"><div class="index-heading">WAFWOOF</div><a href="B9781597496278100066.xhtml#s0115">234–235</a> , <a href="B9781597496278100066.xhtml#f0075">235f</a></div></div><div class="index-item" id="idx3297"><div class="index-heading">Web forms</div><div class="index-item" id="idx3298"><div class="index-heading">basic forms</div><a href="B9781597496278100042.xhtml#s0055">147</a></div><div class="index-item" id="idx3299"><div class="index-heading">basic web applications</div><a href="B9781597496278100042.xhtml#s0060">147–149</a></div><div class="index-item" id="idx3300"><div class="index-heading">phishing</div><a href="B9781597496278100042.xhtml#s0050">146–149</a> , <a href="B9781597496278100042.xhtml#f0010">148f</a></div></div><div class="index-item" id="idx3301"><div class="index-heading">WebGoat</div><div class="index-item" id="idx3302"><div class="index-heading">configuration</div><a href="B9781597496278100017.xhtml#p0985">23</a></div><div class="index-item" id="idx3303"><div class="index-heading">penetration testing targets</div><a href="B9781597496278100017.xhtml#s0150">23</a></div></div><div class="index-item" id="idx3304"><div class="index-heading">Web servers</div><div class="index-item" id="idx3305"><div class="index-heading">basic approach</div><a href="B9781597496278100066.xhtml#s0025">221–224</a></div><div class="index-item" id="idx3306"><div class="index-heading">connection protocols</div><a href="B9781597496278100066.xhtml#p0080">219–220</a></div><div class="index-item" id="idx3307"><div class="index-heading">enterprise application hands-on challenge</div><a href="B9781597496278100054.xhtml#u0115">318</a></div><div class="index-item" id="idx3308"><div class="index-heading">enterprise applications</div><a href="B9781597496278100054.xhtml#p0190">297</a></div><div class="index-item" id="idx3309"><div class="index-heading">history of vulnerabilities</div><a href="B9781597496278100066.xhtml#s0015">220–221</a></div><div class="index-item" id="idx3310"><div class="index-heading">Httprint fingerprinting</div><a href="B9781597496278100030.xhtml#p0935">121</a></div><div class="index-item" id="idx3311"><div class="index-heading">internal penetration test case study</div><a href="B9781597496278100030.xhtml#p1370">131–132</a></div><div class="index-item" id="idx3312"><div class="index-heading">Nmap banner grabbing</div><a href="B9781597496278100030.xhtml#p0740">115–116</a></div><div class="index-item" id="idx3313"><div class="index-heading">Nmap ICMP options</div><a href="B9781597496278100030.xhtml#p0420">103</a></div><div class="index-item" id="idx3314"><div class="index-heading">objective</div><a href="B9781597496278100066.xhtml#s0010">219–221</a></div><div class="index-item" id="idx3315"><div class="index-heading">scanner results</div><a href="B9781597496278100066.xhtml#p0235">224</a></div><div class="index-item" id="idx3316"><div class="index-heading">traceroute footprinting</div><a href="B9781597496278100078.xhtml#p0330">267–268</a></div><div class="index-item" id="idx3317"><div class="index-heading">verification</div><a href="B9781597496278100029.xhtml#p2805">81</a></div><div class="index-item" id="idx3318"><div class="index-heading">vulnerabilities overview</div><a href="B9781597496278100066.xhtml#f0010">222f</a> , <a href="B9781597496278100066.xhtml#p0130">221–222</a></div></div><div class="index-item" id="idx3319"><div class="index-heading">Web server testing</div><div class="index-item" id="idx3320"><div class="index-heading">basic approach</div><a href="B9781597496278100066.xhtml#s0030">222–223</a></div><div class="index-item" id="idx3321"><div class="index-heading">case study</div><div class="index-item" id="idx3322"><div class="index-heading">home page screenshot</div><a href="B9781597496278100066.xhtml#f0155">250f</a></div><div class="index-item" id="idx3323"><div class="index-heading">login page screenshot</div><a href="B9781597496278100066.xhtml#f0175">252f</a></div><div class="index-item" id="idx3324"><div class="index-heading">Nikto scan</div><a href="B9781597496278100066.xhtml#f0165">251f</a> , <a href="B9781597496278100066.xhtml#p1320">249</a></div><div class="index-item" id="idx3325"><div class="index-heading">Nmap scan</div><a href="B9781597496278100066.xhtml#p1295">248</a> , <a href="B9781597496278100066.xhtml#f0145">248f</a></div><div class="index-item" id="idx3326"><div class="index-heading">Nmap service scan</div><a href="B9781597496278100066.xhtml#f0150">249f</a></div><div class="index-item" id="idx3327"><div class="index-heading">overview</div><a href="B9781597496278100066.xhtml#s0150">247–255</a></div><div class="index-item" id="idx3328"><div class="index-heading">phpMyAdmin screenshot</div><a href="B9781597496278100066.xhtml#f0170">251f</a></div><div class="index-item" id="idx3329"><div class="index-heading">source code vulnerability</div><a href="B9781597496278100066.xhtml#f0190">254f</a> , <a href="B9781597496278100066.xhtml#f0195">255f</a></div><div class="index-item" id="idx3330"><div class="index-heading">SQL injection check</div><a href="B9781597496278100066.xhtml#p1340">252</a> , <a href="B9781597496278100066.xhtml#f0185">253f</a></div><div class="index-item" id="idx3331"><div class="index-heading">sqlmap</div><a href="B9781597496278100066.xhtml#p1360">254–255</a></div><div class="index-item" id="idx3332"><div class="index-heading">WAFWOOF</div><a href="B9781597496278100066.xhtml#p1315">249</a> , <a href="B9781597496278100066.xhtml#f0160">250f</a></div></div><div class="index-item" id="idx3333"><div class="index-heading">CGI and default page exploitations</div><a href="B9781597496278100066.xhtml#s0065">230</a></div><div class="index-item" id="idx3334"><div class="index-heading">core technologies</div><a href="B9781597496278100066.xhtml#s0045">224–233</a></div><div class="index-item" id="idx3335"><div class="index-heading">DirBuster</div><a href="B9781597496278100066.xhtml#p1255">245</a> , <a href="B9781597496278100066.xhtml#f0135">247f</a></div><div class="index-item" id="idx3336"><div class="index-heading">exploit basics</div><a href="B9781597496278100066.xhtml#s0050">225–230</a></div><div class="index-item" id="idx3337"><div class="index-heading">heap-based overflows</div><a href="B9781597496278100066.xhtml#s0060">229–230</a> , <a href="B9781597496278100066.xhtml#f0065">230f</a></div><div class="index-item" id="idx3338"><div class="index-heading">name-based virtual hosting</div><a href="B9781597496278100066.xhtml#p1015">239</a></div><div class="index-item" id="idx3339"><div class="index-heading">Nikto</div><a href="B9781597496278100066.xhtml#s0120">236–238</a> , <a href="B9781597496278100066.xhtml#f0085">237f</a> , <a href="B9781597496278100066.xhtml#f0090">238f</a> , <a href="B9781597496278100066.xhtml#f0080">239f</a></div><div class="index-item" id="idx3340"><div class="index-heading">stack-based overflows</div><div class="index-item" id="idx3341"><div class="index-heading">basic considerations</div><a href="B9781597496278100066.xhtml#s0055">225–229</a></div><div class="index-item" id="idx3342"><div class="index-heading">buffer push</div><a href="B9781597496278100066.xhtml#f0050">228f</a></div><div class="index-item" id="idx3343"><div class="index-heading">example</div><a href="B9781597496278100066.xhtml#f0060">229f</a></div><div class="index-item" id="idx3344"><div class="index-heading">inverted stack</div><a href="B9781597496278100066.xhtml#f0040">227f</a></div><div class="index-item" id="idx3345"><div class="index-heading">POP element removal</div><a href="B9781597496278100066.xhtml#f0030">226f</a> , <a href="B9781597496278100066.xhtml#f0035">227f</a></div><div class="index-item" id="idx3346"><div class="index-heading">PUSH C</div><a href="B9781597496278100066.xhtml#f0020">226f</a></div><div class="index-item" id="idx3347"><div class="index-heading">PUSH D</div><a href="B9781597496278100066.xhtml#f0025">226f</a></div><div class="index-item" id="idx3348"><div class="index-heading">saved EIP</div><a href="B9781597496278100066.xhtml#f0045">228f</a></div><div class="index-item" id="idx3349"><div class="index-heading">simple stack</div><a href="B9781597496278100066.xhtml#f0015">225f</a></div><div class="index-item" id="idx3350"><div class="index-heading">strcpy function</div><a href="B9781597496278100066.xhtml#f0055">229f</a></div></div><div class="index-item" id="idx3351"><div class="index-heading">tools overview</div><a href="B9781597496278100066.xhtml#s0110">233–238</a></div></div><div class="index-item" id="idx3352"><div class="index-heading">Web services</div><div class="index-item" id="idx3353"><div class="index-heading">enterprise application integration</div><a href="B9781597496278100054.xhtml#s0050">296</a></div><div class="index-item" id="idx3354"><div class="index-heading">soapUI enterprise application testing</div><a href="B9781597496278100054.xhtml#p0670">308–309</a> , <a href="B9781597496278100054.xhtml#p0015">313</a></div></div><div class="index-item" id="idx3355"><div class="index-heading">Web Services Definition Language (WSDL)</div><div class="index-item" id="idx3356"><div class="index-heading">data example</div><a href="B9781597496278100054.xhtml#p0440">307</a></div><div class="index-item" id="idx3357"><div class="index-heading">soapUI enterprise application testing</div><a href="B9781597496278100054.xhtml#p0420">306</a></div></div><div class="index-item" id="idx3358"><div class="index-heading">Web Services Description Language (WSDL), enterprise application web services</div><a href="B9781597496278100054.xhtml#p0160">296</a></div><div class="index-item" id="idx3359"><div class="index-heading">Web sites</div><div class="index-item" id="idx3360"><div class="index-heading">human recon</div><a href="B9781597496278100029.xhtml#s0225">69–70</a></div><div class="index-item" id="idx3361"><div class="index-heading">individually targeted phishing</div><a href="B9781597496278100042.xhtml#p0095">143</a></div><div class="index-item" id="idx3362"><div class="index-heading">professional phishing</div><a href="B9781597496278100042.xhtml#p0150">144</a></div><div class="index-item" id="idx3363"><div class="index-heading">verification</div><a href="B9781597496278100029.xhtml#s0300">81–82</a> , <a href="B9781597496278100029.xhtml#f0135">81f</a> , <a href="B9781597496278100029.xhtml#f0140">82f</a></div></div><div class="index-item" id="idx3364"><div class="index-heading">Web User Interface (WUI), NST</div><a href="B9781597496278100017.xhtml#p0855">17</a></div><div class="index-item" id="idx3365"><div class="index-heading">WEP</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3432">Wired Equivalent Privacy (WEP)</a></div></div><div class="index-item" id="idx3366"><div class="index-heading">Whisker, CGI exploitation</div><a href="B9781597496278100066.xhtml#p0515">230</a></div><div class="index-item" id="idx3367"><div class="index-heading">WHOIS</div><div class="index-item" id="idx3368"><div class="index-heading">external penetration test</div><a href="B9781597496278100030.xhtml#p1335">129</a></div><div class="index-item" id="idx3369"><div class="index-heading">footprinting</div><a href="B9781597496278100029.xhtml#s0120">53</a> , <a href="B9781597496278100029.xhtml#s0170">59–60</a><div class="index-item" id="idx3370"><div class="index-heading">basic information</div><a href="B9781597496278100029.xhtml#f0080">60f</a></div><div class="index-item" id="idx3371"><div class="index-heading">command-line flags</div><a href="B9781597496278100029.xhtml#t0020">60t</a></div><div class="index-item" id="idx3372"><div class="index-heading">dnsenum.pl</div><a href="B9781597496278100029.xhtml#p1260">62–64</a></div><div class="index-item" id="idx3373"><div class="index-heading">sample information</div><a href="B9781597496278100029.xhtml#f0085">61f</a></div></div><div class="index-item" id="idx3374"><div class="index-heading">intelligence gathering case study</div><a href="B9781597496278100029.xhtml#p3025">86</a> , <a href="B9781597496278100029.xhtml#f0160">86f</a> , <a href="B9781597496278100029.xhtml#p3050">87</a> , <a href="B9781597496278100029.xhtml#p3130">88</a></div><div class="index-item" id="idx3375"><div class="index-heading">TLDs</div><a href="B9781597496278100029.xhtml#p0365">39</a></div><div class="index-item" id="idx3376"><div class="index-heading">verification</div><a href="B9781597496278100029.xhtml#p2595">74–75</a> , <a href="B9781597496278100029.xhtml#p2635">76</a> , <a href="B9781597496278100029.xhtml#s0285">77–78</a><div class="index-item" id="idx3377"><div class="index-heading">banners and web sites</div><a href="B9781597496278100029.xhtml#p2810">81</a></div><div class="index-item" id="idx3378"><div class="index-heading">case study</div><a href="B9781597496278100029.xhtml#p3165">90–91</a></div><div class="index-item" id="idx3379"><div class="index-heading">IP WHOIS</div><a href="B9781597496278100029.xhtml#s0320">83</a> , <a href="B9781597496278100029.xhtml#f0150">83f</a></div><div class="index-item" id="idx3380"><div class="index-heading">RIRs</div><a href="B9781597496278100029.xhtml#p2835">82</a></div></div></div><div class="index-item" id="idx3381"><div class="index-heading">WHOIS proxies, footprinting</div><a href="B9781597496278100029.xhtml#p1005">53</a> , <a href="B9781597496278100029.xhtml#s0175">60</a> , <a href="B9781597496278100029.xhtml#f0090">62f</a></div><div class="index-item" id="idx3382"><div class="index-heading">WHOIS server, footprinting</div><a href="B9781597496278100029.xhtml#p1000">53</a></div><div class="index-item" id="idx3383"><div class="index-heading">Wide area network (WAN), UDP scanning time</div><a href="B9781597496278100030.xhtml#p0480">107</a></div><div class="index-item" id="idx3384"><div class="index-heading">Wiffy</div><div class="index-item" id="idx3385"><div class="index-heading">manual WEP cracking</div><a href="B9781597496278100054.xhtml#p0015">357</a></div><div class="index-item" id="idx3386"><div class="index-heading">wireless exploitation</div><a href="B9781597496278100054.xhtml#p0100">357</a> , <a href="B9781597496278100054.xhtml#p0190">357f</a></div></div><div class="index-item" id="idx3387"><div class="index-heading">Wi-Fi Protected Access (WPA)</div><div class="index-item" id="idx3388"><div class="index-heading">Airdecap-ng</div><a href="B9781597496278100054.xhtml#p0040">347</a></div><div class="index-item" id="idx3389"><div class="index-heading">clients for attack</div><a href="B9781597496278100054.xhtml#p0020">358</a></div><div class="index-item" id="idx3390"><div class="index-heading">Kismet</div><a href="B9781597496278100054.xhtml#u0130">335</a></div><div class="index-item" id="idx3391"><div class="index-heading">WLAN attacks</div><a href="B9781597496278100054.xhtml#s0090">330</a></div><div class="index-item" id="idx3392"><div class="index-heading">WLAN encryption</div><a href="B9781597496278100054.xhtml#s0065">327–328</a></div><div class="index-item" id="idx3393"><div class="index-heading">WLAN <i>vulnerabilities</i></div><a href="B9781597496278100054.xhtml#p0110">321–322</a></div></div><div class="index-item" id="idx3394"><div class="index-heading">Wi-Fi Protected Access 2 (WPA2)</div><div class="index-item" id="idx3395"><div class="index-heading">WLAN encryption</div><a href="B9781597496278100054.xhtml#s0065">327–328</a></div><div class="index-item" id="idx3396"><div class="index-heading">WLAN <i>vulnerabilities</i></div><a href="B9781597496278100054.xhtml#p0120">322</a></div></div><div class="index-item" id="idx3397"><div class="index-heading">Wi-Fi Protected Access 2-Enterprise (WPA2), wireless penetration case study</div><a href="B9781597496278100054.xhtml#p0020">368</a></div><div class="index-item" id="idx3398"><div class="index-heading">Wi-Fi Protected Access-Pre-Shared Key (WPA-PSK)</div><div class="index-item" id="idx3399"><div class="index-heading">CoWPAtty</div><a href="B9781597496278100054.xhtml#p0015">358</a></div><div class="index-item" id="idx3400"><div class="index-heading">wireless penetration testing</div><a href="B9781597496278100054.xhtml#p0085">320</a></div><div class="index-item" id="idx3401"><div class="index-heading">WLAN <i>vulnerabilities</i></div><a href="B9781597496278100054.xhtml#p0135">322</a></div><div class="index-item" id="idx3402"><div class="index-heading">WPA/WPA2 encryption</div><a href="B9781597496278100054.xhtml#p0275">327–328</a></div></div><div class="index-item" id="idx3403"><div class="index-heading">Wi-Fi Protected Access 2-Pre-Shared Key (WPA2-PSK), wireless penetration case study</div><a href="B9781597496278100054.xhtml#p0030">368</a></div><div class="index-item" id="idx3404"><div class="index-heading">Wi-Fi Protected Access-Remote Authentication Dial-in User Service (WPA-RADIUS)</div><div class="index-item" id="idx3405"><div class="index-heading">WLAN attacks</div><a href="B9781597496278100054.xhtml#p0390">330</a></div><div class="index-item" id="idx3406"><div class="index-heading">WPA/WPA2 encryption</div><a href="B9781597496278100054.xhtml#p0275">327–328</a></div></div><div class="index-item" id="idx3407"><div class="index-heading">WiGLE.net</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3450">Wireless Geographic Logging Engine (WiGLE.net)</a></div></div><div class="index-item" id="idx3408"><div class="index-heading">Windows 7</div><div class="index-item" id="idx3409"><div class="index-heading">bootable USB drives</div><a href="B9781597496278100017.xhtml#s0050">6–7</a></div><div class="index-item" id="idx3410"><div class="index-heading">LiveCD ISO images</div><a href="B9781597496278100017.xhtml#p0270">6</a></div></div><div class="index-item" id="idx3411"><div class="index-heading">Windows 2003 Server system</div><div class="index-item" id="idx3412"><div class="index-heading">enterprise application case study</div><a href="B9781597496278100054.xhtml#p0300">314</a></div><div class="index-item" id="idx3413"><div class="index-heading">internal penetration test case study</div><a href="B9781597496278100030.xhtml#p1370">131–132</a></div></div><div class="index-item" id="idx3414"><div class="index-heading">Windows NT4 server, vulnerabilities overview</div><a href="B9781597496278100066.xhtml#p0130">221–222</a></div><div class="index-item" id="idx3415"><div class="index-heading">Windows operating systems</div><div class="index-item" id="idx3416"><div class="index-heading">bootable USB drives</div><a href="B9781597496278100017.xhtml#p0295">6</a></div><div class="index-item" id="idx3417"><div class="index-heading">dictionary/word list file format issues</div><a href="B9781597496278100054.xhtml#p0060">359</a></div><div class="index-item" id="idx3418"><div class="index-heading">LiveCD creation</div><a href="B9781597496278100017.xhtml#p0165">4</a><div class="index-item" id="idx3419"><div class="index-heading">BartPE Builder</div><a href="B9781597496278100017.xhtml#s0075">9–11</a></div><div class="index-item" id="idx3420"><div class="index-heading">UNetbootin</div><a href="B9781597496278100017.xhtml#p0555">11</a></div></div><div class="index-item" id="idx3421"><div class="index-heading">Microsoft SQL Server, users</div><a href="B9781597496278100054.xhtml#p0190">194</a></div><div class="index-item" id="idx3422"><div class="index-heading">Nbtscan</div><a href="B9781597496278100030.xhtml#p1240">127–128</a></div><div class="index-item" id="idx3423"><div class="index-heading">Netstat enterprise application testing</div><a href="B9781597496278100054.xhtml#p0340">301</a></div><div class="index-item" id="idx3424"><div class="index-heading">Nmap OS fingerprinting</div><a href="B9781597496278100030.xhtml#p0735">115</a></div><div class="index-item" id="idx3425"><div class="index-heading">pen-test lab case study</div><a href="B9781597496278100108.xhtml#p0870">397</a></div><div class="index-item" id="idx3426"><div class="index-heading">toolkit building</div><a href="B9781597496278100017.xhtml#p0080">2</a></div><div class="index-item" id="idx3427"><div class="index-heading">VirtualBox</div><a href="B9781597496278100108.xhtml#p0795">395</a></div><div class="index-item" id="idx3428"><div class="index-heading">web server testing case study</div><a href="B9781597496278100066.xhtml#p1305">248</a></div></div><div class="index-item" id="idx3429"><div class="index-heading">Windows Vista, bootable USB drives</div><a href="B9781597496278100017.xhtml#s0050">6–7</a></div><div class="index-item" id="idx3430"><div class="index-heading">Windows XP, Nmap OS fingerprinting</div><a href="B9781597496278100030.xhtml#f0050">116f</a></div><div class="index-item" id="idx3431"><div class="index-heading">Windows XPE plugin, BartPE Builder</div><a href="B9781597496278100017.xhtml#p0550">10</a></div><div class="index-item" id="idx3432"><div class="index-heading">Wired Equivalent Privacy (WEP)</div><div class="index-item" id="idx3433"><div class="index-heading">Aircrack-ng</div><a href="B9781597496278100054.xhtml#p0060">347</a> , <a href="B9781597496278100054.xhtml#p0410">355</a></div><div class="index-item" id="idx3434"><div class="index-heading">Aircrack-ng suite</div><a href="B9781597496278100054.xhtml#p0020">346</a></div><div class="index-item" id="idx3435"><div class="index-heading">Airdecap-ng</div><a href="B9781597496278100054.xhtml#p0040">347</a></div><div class="index-item" id="idx3436"><div class="index-heading">Aireplay-ng</div><a href="B9781597496278100054.xhtml#p0040">347</a></div><div class="index-item" id="idx3437"><div class="index-heading">cracking and data flow</div><a href="B9781597496278100054.xhtml#p0060">348</a></div><div class="index-item" id="idx3438"><div class="index-heading">exploitation tools, basic steps</div><a href="B9781597496278100054.xhtml#p0910">344</a></div><div class="index-item" id="idx3439"><div class="index-heading">Kismet</div><a href="B9781597496278100054.xhtml#u0130">335</a></div><div class="index-item" id="idx3440"><div class="index-heading">manual cracking</div><a href="B9781597496278100054.xhtml#p0015">357</a></div><div class="index-item" id="idx3441"><div class="index-heading">pen-test lab design</div><a href="B9781597496278100108.xhtml#p0110">373</a></div><div class="index-item" id="idx3442"><div class="index-heading">WEP cloaking definition</div><a href="B9781597496278100054.xhtml#p0160">323</a></div><div class="index-item" id="idx3443"><div class="index-heading">wireless penetration hands-on challenge</div><a href="B9781597496278100054.xhtml#p0030">369–370</a></div><div class="index-item" id="idx3444"><div class="index-heading">wireless penetration testing</div><a href="B9781597496278100054.xhtml#p0085">320</a></div><div class="index-item" id="idx3445"><div class="index-heading">WLAN attacks</div><a href="B9781597496278100054.xhtml#s0085">328–330</a></div><div class="index-item" id="idx3446"><div class="index-heading">WLAN encryption</div><a href="B9781597496278100054.xhtml#s0060">327</a></div><div class="index-item" id="idx3447"><div class="index-heading">WLAN <i>vulnerabilities</i></div><a href="B9781597496278100054.xhtml#p0130">321–322</a></div><div class="index-item" id="idx3448"><div class="index-heading"><i>vs.</i> WPA-PSK exploitation</div><a href="B9781597496278100054.xhtml#p0015">358</a></div></div><div class="index-item" id="idx3449"><div class="index-heading">Wireless card, choosing</div><a href="B9781597496278100054.xhtml#p0220">326</a></div><div class="index-item" id="idx3450"><div class="index-heading">Wireless Geographic Logging Engine (WiGLE.net)</div><div class="index-item" id="idx3451"><div class="index-heading">CoWPAtty</div><a href="B9781597496278100054.xhtml#p0040">359</a></div><div class="index-item" id="idx3452"><div class="index-heading">wireless penetration testing</div><a href="B9781597496278100054.xhtml#s0120">333</a></div></div><div class="index-item" id="idx3453"><div class="index-heading">Wireless Local Area Networks (WLANs)</div><div class="index-item" id="idx3454"><div class="index-heading">Airmon-ng</div><a href="B9781597496278100054.xhtml#p0035">341</a></div><div class="index-item" id="idx3455"><div class="index-heading">antenna choice</div><a href="B9781597496278100054.xhtml#s0045">325–326</a></div><div class="index-item" id="idx3456"><div class="index-heading">attack types</div><a href="B9781597496278100054.xhtml#s0080">328–332</a></div><div class="index-item" id="idx3457"><div class="index-heading"><i>vs.</i> Bluetooth vulnerabilities</div><a href="B9781597496278100054.xhtml#p0060">362</a></div><div class="index-item" id="idx3458"><div class="index-heading">core technologies</div><a href="B9781597496278100054.xhtml#s0020">321–332</a></div><div class="index-item" id="idx3459"><div class="index-heading">EAPOL four-way handshake</div><a href="B9781597496278100054.xhtml#f0010">331f</a></div><div class="index-item" id="idx3460"><div class="index-heading">encryption options</div><div class="index-item" id="idx3461"><div class="index-heading">EAP</div><a href="B9781597496278100054.xhtml#s0070">328</a></div><div class="index-item" id="idx3462"><div class="index-heading">no encryption</div><a href="B9781597496278100054.xhtml#s0055">327</a></div><div class="index-item" id="idx3463"><div class="index-heading">overview</div><a href="B9781597496278100054.xhtml#s0050">327–328</a></div><div class="index-item" id="idx3464"><div class="index-heading">VPN</div><a href="B9781597496278100054.xhtml#s0075">328</a></div><div class="index-item" id="idx3465"><div class="index-heading">WEP</div><a href="B9781597496278100054.xhtml#s0060">327</a></div><div class="index-item" id="idx3466"><div class="index-heading">WPA/WPA2</div><a href="B9781597496278100054.xhtml#s0065">327–328</a></div></div><div class="index-item" id="idx3467"><div class="index-heading">example map</div><a href="B9781597496278100054.xhtml#p0045">368f</a></div><div class="index-item" id="idx3468"><div class="index-heading">information-gathering tools</div><div class="index-item" id="idx3469"><div class="index-heading">Google</div><a href="B9781597496278100054.xhtml#p0440">333</a></div><div class="index-item" id="idx3470"><div class="index-heading">Kismet</div><a href="B9781597496278100054.xhtml#f0015">333–334</a> , <a href="B9781597496278100054.xhtml#p0465">334f</a></div><div class="index-item" id="idx3471"><div class="index-heading">overview</div><a href="B9781597496278100054.xhtml#p0435">332–333</a></div></div><div class="index-item" id="idx3472"><div class="index-heading">LEAP attacks</div><a href="B9781597496278100054.xhtml#s0095">330–331</a></div><div class="index-item" id="idx3473"><div class="index-heading">VPN attacks</div><a href="B9781597496278100054.xhtml#f0010">331f</a></div><div class="index-item" id="idx3474"><div class="index-heading">vulnerabilities overview</div><a href="B9781597496278100054.xhtml#s0025">321–322</a></div><div class="index-item" id="idx3475"><div class="index-heading">vulnerability assessment tool</div><a href="B9781597496278100054.xhtml#p0895">342–343</a></div><div class="index-item" id="idx3476"><div class="index-heading">vulnerability evolution</div><a href="B9781597496278100054.xhtml#s0030">322–324</a></div><div class="index-item" id="idx3477"><div class="index-heading">WEP attack</div><a href="B9781597496278100054.xhtml#s0080">328–332</a></div><div class="index-item" id="idx3478"><div class="index-heading">WPA attacks</div><a href="B9781597496278100054.xhtml#s0090">330</a></div></div><div class="index-item" id="idx3479"><div class="index-heading">Wireless networking utilities, Live Hacking CD</div><a href="B9781597496278100017.xhtml#u0335">15</a></div><div class="index-item" id="idx3480"><div class="index-heading">Wireless penetration testing</div><div class="index-item" id="idx3481"><div class="index-heading">basic approach</div><a href="B9781597496278100054.xhtml#s0015">320–321</a></div><div class="index-item" id="idx3482"><div class="index-heading">Bluetooth</div><div class="index-item" id="idx3483"><div class="index-heading">discovery</div><a href="B9781597496278100054.xhtml#p0205">362–365</a> , <a href="B9781597496278100054.xhtml#p0130">364f</a> , <a href="B9781597496278100054.xhtml#f0035">365f</a></div><div class="index-item" id="idx3484"><div class="index-heading">dongle configuration</div><a href="B9781597496278100054.xhtml#p0125">363f</a></div><div class="index-item" id="idx3485"><div class="index-heading">future development</div><a href="B9781597496278100054.xhtml#p0215">366</a></div><div class="index-item" id="idx3486"><div class="index-heading">vulnerabilities</div><a href="B9781597496278100054.xhtml#p0020">362–367</a></div></div><div class="index-item" id="idx3487"><div class="index-heading">case study</div><a href="B9781597496278100054.xhtml#p0020">367–369</a> , <a href="B9781597496278100054.xhtml#p0040">367f</a> , <a href="B9781597496278100054.xhtml#p0045">368f</a> , <a href="B9781597496278100054.xhtml#p0150">369f</a></div><div class="index-item" id="idx3488"><div class="index-heading">core technologies</div><a href="B9781597496278100054.xhtml#s0020">321–332</a></div><div class="index-item" id="idx3489"><div class="index-heading">discovery</div><a href="B9781597496278100054.xhtml#s0040">325–326</a></div><div class="index-item" id="idx3490"><div class="index-heading">EAPOL four-way handshake</div><a href="B9781597496278100054.xhtml#f0010">331f</a></div><div class="index-item" id="idx3491"><div class="index-heading">enumeration tools</div><a href="B9781597496278100054.xhtml#p0155">342</a></div><div class="index-item" id="idx3492"><div class="index-heading">exploitation tools</div><div class="index-item" id="idx3493"><div class="index-heading">Aircrack-ng suite</div><a href="B9781597496278100054.xhtml#p0185">346–348</a> , <a href="B9781597496278100054.xhtml#p0100">356f</a></div><div class="index-item" id="idx3494"><div class="index-heading">Aireplay-ng</div><a href="B9781597496278100054.xhtml#p0180">345–346</a> , <a href="B9781597496278100054.xhtml#f0060">347f</a> , <a href="B9781597496278100054.xhtml#f0070">350f</a> , <a href="B9781597496278100054.xhtml#f0075">351f</a> , <a href="B9781597496278100054.xhtml#f0085">353f</a> , <a href="B9781597496278100054.xhtml#f0090">354f</a></div><div class="index-item" id="idx3495"><div class="index-heading">Aireplay-ng chopchop attack</div><a href="B9781597496278100054.xhtml#f0075">351f</a></div><div class="index-item" id="idx3496"><div class="index-heading">Airodump-ng interactive packet replay results</div><a href="B9781597496278100054.xhtml#p0095">355f</a></div><div class="index-item" id="idx3497"><div class="index-heading">Airodump-ng packet capture</div><a href="B9781597496278100054.xhtml#f0065">349f</a></div><div class="index-item" id="idx3498"><div class="index-heading">CoWPAtty</div><a href="B9781597496278100054.xhtml#p0095">358–361</a> , <a href="B9781597496278100054.xhtml#p0110">358f</a> , <a href="B9781597496278100054.xhtml#p0115">360f</a> , <a href="B9781597496278100054.xhtml#p0120">361f</a></div><div class="index-item" id="idx3499"><div class="index-heading">ifconfig</div><a href="B9781597496278100054.xhtml#p0175">345</a></div><div class="index-item" id="idx3500"><div class="index-heading">macchanger</div><a href="B9781597496278100054.xhtml#p0170">344–345</a> , <a href="B9781597496278100054.xhtml#f0055">345f</a></div><div class="index-item" id="idx3501"><div class="index-heading">overview</div><a href="B9781597496278100054.xhtml#p0165">343–361</a></div><div class="index-item" id="idx3502"><div class="index-heading">wiffy</div><a href="B9781597496278100054.xhtml#p0190">357</a> , <a href="B9781597496278100054.xhtml#p0100">357f</a></div></div><div class="index-item" id="idx3503"><div class="index-heading">footprinting tools</div><div class="index-item" id="idx3504"><div class="index-heading">Google Earth map</div><a href="B9781597496278100054.xhtml#f0050">343f</a></div><div class="index-item" id="idx3505"><div class="index-heading">GpsDrive</div><a href="B9781597496278100054.xhtml#s0145">340–341</a></div><div class="index-item" id="idx3506"><div class="index-heading">GPSMap-Expedia</div><a href="B9781597496278100054.xhtml#s0140">339–340</a> , <a href="B9781597496278100054.xhtml#f0040">340f</a></div><div class="index-item" id="idx3507"><div class="index-heading">gpsmap/kismap</div><a href="B9781597496278100054.xhtml#s0135">338–339</a></div><div class="index-item" id="idx3508"><div class="index-heading">netxml2kml/Google Earth</div><a href="B9781597496278100054.xhtml#p0150">341–342</a> , <a href="B9781597496278100054.xhtml#f0045">342f</a></div><div class="index-item" id="idx3509"><div class="index-heading">overview</div><a href="B9781597496278100054.xhtml#s0130">338–342</a></div></div><div class="index-item" id="idx3510"><div class="index-heading">hands-on challenge</div><a href="B9781597496278100054.xhtml#p0225">369–370</a></div><div class="index-item" id="idx3511"><div class="index-heading">information-gathering tools</div><div class="index-item" id="idx3512"><div class="index-heading">Google</div><a href="B9781597496278100054.xhtml#s0115">333</a></div><div class="index-item" id="idx3513"><div class="index-heading">Kismet</div><a href="B9781597496278100054.xhtml#s0125">333–338</a> , <a href="B9781597496278100054.xhtml#f0015">334f</a> , <a href="B9781597496278100054.xhtml#f0020">335f</a> , <a href="B9781597496278100054.xhtml#f0025">336f</a> , <a href="B9781597496278100054.xhtml#f0030">337f</a> , <a href="B9781597496278100054.xhtml#f0035">338f</a></div><div class="index-item" id="idx3514"><div class="index-heading">overview</div><a href="B9781597496278100054.xhtml#s0110">333–338</a></div><div class="index-item" id="idx3515"><div class="index-heading">WiGLE.net</div><a href="B9781597496278100054.xhtml#s0120">333</a></div></div><div class="index-item" id="idx3516"><div class="index-heading">lab design</div><a href="B9781597496278100108.xhtml#f0010">374f</a></div><div class="index-item" id="idx3517"><div class="index-heading">LEAP attacks</div><a href="B9781597496278100054.xhtml#s0095">330–331</a></div><div class="index-item" id="idx3518"><div class="index-heading">objective</div><a href="B9781597496278100054.xhtml#s0010">319–320</a></div><div class="index-item" id="idx3519"><div class="index-heading">OSWA-Assistant</div><a href="B9781597496278100017.xhtml#p0835">16</a></div><div class="index-item" id="idx3520"><div class="index-heading">pen-test lab network isolation</div><a href="B9781597496278100108.xhtml#p0160">375</a></div><div class="index-item" id="idx3521"><div class="index-heading">tools</div><a href="B9781597496278100054.xhtml#s0035">324–332</a></div><div class="index-item" id="idx3522"><div class="index-heading">vulnerability assessment tool</div><a href="B9781597496278100054.xhtml#p0160">342–343</a></div><div class="index-item" id="idx3523"><div class="index-heading">WEP attack</div><a href="B9781597496278100054.xhtml#s0085">328–332</a></div><div class="index-item" id="idx3524"><div class="index-heading">WLAN</div><div class="index-item" id="idx3525"><div class="index-heading">attacks</div><a href="B9781597496278100054.xhtml#s0080">328–332</a></div><div class="index-item" id="idx3526"><div class="index-heading">encryption</div><a href="B9781597496278100054.xhtml#s0050">327–328</a></div><div class="index-item" id="idx3527"><div class="index-heading">vulnerabilities</div><a href="B9781597496278100054.xhtml#s0025">321–322</a></div><div class="index-item" id="idx3528"><div class="index-heading">vulnerability evolution</div><a href="B9781597496278100054.xhtml#s0030">322–324</a></div></div><div class="index-item" id="idx3529"><div class="index-heading">WPA attacks</div><a href="B9781597496278100054.xhtml#s0090">330</a></div></div><div class="index-item" id="idx3530"><div class="index-heading">WLANs</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3453">Wireless Local Area Networks (WLANs)</a></div></div><div class="index-item" id="idx3531"><div class="index-heading">Worms</div><div class="index-item" id="idx3532"><div class="index-heading">Blaster</div><a href="B9781597496278100108.xhtml#p0345">381</a></div><div class="index-item" id="idx3533"><div class="index-heading">first worm</div><a href="B9781597496278100108.xhtml#p0140">374</a></div><div class="index-item" id="idx3534"><div class="index-heading">Microsoft SQL Spida Worm</div><a href="B9781597496278100054.xhtml#p0200">194</a></div><div class="index-item" id="idx3535"><div class="index-heading">Nimda</div><a href="B9781597496278100030.xhtml#p1235">127</a> , <a href="B9781597496278100066.xhtml#p0105">220–221</a></div><div class="index-item" id="idx3536"><div class="index-heading">Slapper worm, web server history</div><a href="B9781597496278100066.xhtml#p0105">220–221</a></div><div class="index-item" id="idx3537"><div class="index-heading">SMB considerations</div><a href="B9781597496278100030.xhtml#p1235">127</a></div><div class="index-item" id="idx3538"><div class="index-heading">web server history</div><a href="B9781597496278100066.xhtml#p0105">220–221</a></div></div><div class="index-item" id="idx3539"><div class="index-heading">WPA</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3387">Wi-Fi Protected Access (WPA)</a></div></div><div class="index-item" id="idx3540"><div class="index-heading">WPA2</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3394">Wi-Fi Protected Access 2 (WPA2)</a></div></div><div class="index-item" id="idx3541"><div class="index-heading">WPA-PSK</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3398">Wi-Fi Protected Access-Pre-Shared Key (WPA-PSK)</a></div></div><div class="index-item" id="idx3542"><div class="index-heading">WSDL</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3358">Web Services Description Language (WSDL)</a></div></div><div class="index-item" id="idx3543"><div class="index-heading">WUI</div><div class="see-also"><i>see</i><a href="B9781597496278100182-25.xhtml#idx3364">Web User Interface (WUI)</a></div></div></div></body></html>