Home 0P3N Blog Practical Web Application Penetration Testing Series
Ready to Start Your Career?
Create Free Account
By: Babak Esmaeili
September 16, 2016

Practical Web Application Penetration Testing Series

By: Babak Esmaeili
September 16, 2016
By: Babak Esmaeili
September 16, 2016

Hello Friends,

Today, I'm gonna start series of how to do Practical Web Application Penetration Testing  on an online website in black box mode. For pentesting a website, we need to perform the following steps:

  1. Find the technology and the programming language used. 
  2. Find all sub-domains that exist for the website and repeat number 1 for them too (very important: these sub-domains usually are less interactive with users, so programmers don’t pay much attention to their security).
  3. Test every input including the header and the body of the web pages in the site, and sub domains for possible vulnerabilities with a web vulnerability scanner like burp-suite (automation is good).
  4. If security issues were found, then try to find a proof of concept for them.
  5. Make a good documented report for the vulnerabilities.
    • "Good" means that it is a logical report that someone else could follow/understand without knowing the full context.

So, let's start with a sample vulnerable website of acunetix: http://testphp.acunetix.com/

Screenshot from 2016-09-11 12-22-14.png

Step 1: We can use the http://builtwith.com/ website as it is an online website for finding the technologies and languages used for a website. It is up to date and I like it more than whatweb script in Kali Linux; however, we could still use whatweb in Kali Linux.  I will show you both. Go to http://builtwith.com/ and put the url http://testphp.acunetix.com/ in the input box, then click the lookup button.

Screenshot from 2016-09-11 12-34-59.png

After a second, it shows many useful tidbits of info about the given website such as the kind of WebServer, the kind of Frameworks and …

What is very important for us is the webserver and framework. We can see that the web server is nginx 1.4 and the language of the website is php.

Alternatively we can use whatweb in kali:

Screenshot from 2016-09-11 12-42-09.png

We found many useful bits of information about the website. In the next chapter we will start the burp suite scanner and go further.

Thanks!
Request Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry