Set up Your Penetration Testing Lab for Web Application Security Testing

April 11, 2017 | Views: 6827

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

To excel at penetration testing, you need to have your lab for practice/research. I would suggest you to use virtual machines which are free in the market. I would go with VMware Workstation rather than Virtualbox, it’s just my personal option. You can choose any one.

Downloads

1. VMware Workstation
Click here to download VMware Workstation

2. Kali Linux iso
Click here to download Kali Linux Iso

3. Bee-box
Click here to download bee-box

Why we need Bee-Box

For web application penetration testing we often need a vulnerable application to exploit. We cannot exploit on our operating system instead we need a dummy server. So this bee-box comes in handy and it is a custom Linux VMware virtual machine pre-installed with bWAPPBee-box gives you several ways to hack and deface the bWAPP website. This helps security enthusiasts to discover and prevent the issues.There are quite many features in this virtual machine which you will see it once it’s been installed.

Installation

  1. First, you need to install VMware in your system. It’s quite easy to install VMware by clicking on ‘Next‘ buttons with default selected options.

  2. Now it’s time to install Kali Linux OS on your workstation. Just follow the steps mentioned in the article ‘set up Kali Linux

  3. Extract bee-box now. You should see a file ‘bee-box’ with (.vmx extension) as shown below. Just double click on it.

    Beebox1
    You should see your Vmware setting up your server. Isn’t it simple?
    By the way Default user and password: ‘bee‘ and ‘bug‘. And now you should see a screen just like below

002

Okay now click on the terminal icon and type ‘ifconfig‘ command to get your server address.
0003

Now open your browser in your windows machine and type the http://server IP Address/bWAPP/login.php(ex: http://192.168.0.4/bWAPP/login.php)

05

That’s it! Your lab with a vulnerable application is now ready to hack.

Share with Friends
FacebookTwitterGoogle+LinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
11 Comments
  1. its a new knowledge for me thanks for sharing

  2. Thanks!!!!!!!!!!

  3. Not heard of bee-box, will take a look. Ta.

  4. That’s great information. Thanks for sharing

Page 1 of 212»
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel