Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
Web Application Penetration Testing
In this course, Cybrary subject matter expert, Raymond Evans, takes you on a wild and fascinating journey into the cyber security discipline of web application pentesting. This is a very hands-on and somewhat advanced course that will require that you set up your own pentesting environment. You're also expected to have a basic understanding of Linux and be comfortable working with the command line. In addition, you should have familiarity with virtualized environments such as VMWare or VirtualBox and also understand how to configure a browser's proxy settings. But don't let these requirements deter you. Rolling up your sleeves and getting down and dirty with the tools of the trade will make you a better web application pentester! Course Outline: - HTTP and HTTPS basics – these protocols are the foundation of communication for web apps and understanding the various requests, responses, and status codes are fundamental to the course. We also examine packet structure and how packets can be manipulated by attackers.
- Why sites get hacked – sites get hack for a number of reasons. The main ones are because websites provide a large attack surface and the technologies that run on them are subject to common vulnerabilities such as SQLI, XSS, LFI, and RFI. These attack vectors are discussed in greater detail later in the course.
- Hacker methodology – the steps followed by an attacker which consist of footprinting, scanning, enumeration, gaining access, maintaining access, and covering one's tracks. A host of essential tools are presented throughout the course that should be in every pentester's toolbox. Manual and automated approaches are presented for each type of process.
- SQLI – structured query language injection is a common exploit that takes advantage of improperly-filtered user input. Escape characters such as single and double quotes can then be inserted or "injected" into URL query strings to form basic SQL queries. Such queries can be used to dump a database, modify or delete individual tables or even the entire database!
- XSS – cross site scripting takes advantage of a client-side vulnerability that allows an attacker to inject code that can execute malicious scripts. Like SQLI, it exploits improperly-filtered user input. The malicious scripts can hijack session cookies and tokens as well as steal other sensitive information from a compromised site.
- LFI and RFI – local file inclusion and remote file inclusion respectively, are attacks where malicious files are installed on a vulnerable server. One (LFI) performs the exploit locally on the host and the other (RFI) uploads them remotely. Common exploits of this type are backdoors, key loggers, malware distribution, and bots.
- Reporting best practices – this is what sets straight-up hackers apart from the professionals. Presenting well-written testing plans up front to a client heads off any confusion and ill-will that may result from pentesting. A final report upon the completion of testing details what was done, what vulnerabilities were discovered, and recommendations for how to resolve any vulnerabilities that were found during testing.