Web Penetration Testing: Step-By-Step Guide
By Radhi Shatob
About this ebook
This guide is pitched at the entry-to-medium level of website and web application penetration testing. It is a good starting point for those who want to begin a career as web application penetration testers or security analysts, and it will also be valuable to information security managers, system administrators, web administrators and web developers who want to understand the tools attackers use and the threats they pose to websites.
The book contains step-by-step guides to 32 web penetration tests, all tested on the latest Kali Linux release, version 2020.1. It includes clear screenshots and easy-to-follow steps for most common website hacking techniques: website information gathering, DNS hijacking attacks, HTTP and HTTPS interception and decryption, cross-site scripting (XSS), SQL injection and more.
The book can also be used as a reference guide by website and web application penetration testers.
About the Author
Radhi Shatob is a certified information security consultant who currently provides consulting and training in information security management and penetration testing. He has over 20 years' experience in information technology and has led many information security programs in the telecom, financial and oil sectors.
Book preview
Chapter 1: Lab setup
All the exercises are done in a virtual environment on the student's laptop, using VirtualBox on a Windows 10 or macOS host. To run them comfortably the laptop needs enough RAM, CPU and disk space. Kali Linux is the attacker virtual machine. The victims are a standard Windows 10 (or Windows 8 Pro) machine, the Metasploitable machine, which is a deliberately vulnerable Linux server, and the OWASP Broken Web Apps machine, another Linux server built specifically for practising attacks against web servers and web applications.
Laptop minimum requirement
All exercises and tests in the book are performed on the user's laptop, so to run the labs smoothly it should meet the following requirements:
CPU: Core i5 or similar
RAM: 8 GB (16 GB recommended)
Disk space: 120 GB
Virtual box
VirtualBox is an open source virtualization platform provided by Oracle that runs on Windows, macOS and Linux. In this training VirtualBox is the virtualization platform that hosts the virtual machines we practise penetration testing on.
VirtualBox installation:
Go to https://www.virtualbox.org/ and download the latest version of VirtualBox.
From the same page download the VirtualBox Extension Pack.
Install VirtualBox.
Install the Extension Pack (open the downloaded .vbox-extpack file, or add it under File > Preferences > Extensions).
After the installation completes, create a new NAT network:
Open VirtualBox and go to File > Preferences > Network.
Add a NAT network (the default name is NatNetwork). Every lab VM is attached to this network, so the attacker and the victims can reach each other while the deliberately vulnerable machines stay isolated from the host's real LAN.
Virtual machine installation
The lab is set up inside VirtualBox and contains four VMs:
Attacker machine: Kali Linux
Victim machine: Windows 10
Vulnerable server: Metasploitable (Linux)
Vulnerable web applications: OWASP Broken Web Apps (Linux)
Kali Linux
Kali Linux is an open source, Debian-based Linux distribution maintained and funded by Offensive Security, a provider of information security training and penetration testing services. Kali ships with several hundred tools for information security tasks such as penetration testing, security research, computer forensics and reverse engineering.
Download the Kali Linux VirtualBox VM from
https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
The Kali Linux VirtualBox 64-bit .ova file is a ready-made virtual machine. After the download finishes:
Right-click the .ova file and open it with VirtualBox.
Set the name of the new Kali VM and its CPU and RAM, then click Import.
Size the Kali VM's RAM according to the host: on an 8 GB host give Kali 4 GB; on a 16 GB host give Kali 8 GB, which is the recommended configuration for running Kali smoothly.
Note: those familiar with previous versions of Kali Linux will find Kali 2020 different: there is no longer a default root login, and sudo must be used to run any privileged command.
Start the new Kali machine and log in as
User: kali
Password: kali
Change this default password (run passwd) before doing anything else; a machine with well-known credentials on a shared network is itself a target.
Update the Kali machine
Open a terminal and type
$ sudo apt-get update
$ sudo apt-get upgrade
(depending on the internet speed the upgrade may take a long time to finish)
Metasploitable Linux Virtual Machine
Metasploitable is a vulnerable Linux distro made by Rapid7. This OS contains several vulnerabilities. It is designed for penetration testers to try and hack. Rapid 7 offer this software for free for the Penetration testers community. They just need to register with Rapid 7 and then download the Metasplotable virtual machine. This is going to be one of the victims machines that we will try to hack.
You can download Metasploitable from the following link: https://information.rapid7.com/metasploitable-download.html
to install Metasploitable in Virtual Box
In Virtual BOX click on New
Give it a Name, Type= Linux, Version= Ubuntu 64k
Next and give it 512 M Ram or 1 G ram then Next
Choose Use an existing virtual hard disk file
Go to the Metasploitable file location and choose .vmdk
file
OWASP Broken Web Apps virtual machine
OWASP Broken Web Applications (BWA) Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in:
Learning about web application security
Testing manual assessment techniques
Testing automated tools
Testing source code analysis tools
Observing web attacks
Testing WAFs and similar code technologies
You can download the OWASP Broken Web Apps VM from the following page: https://sourceforge.net/projects/owaspbwa/files/1.2/
Download OWASP_Broken_Web_Apps_VM_1.2.ova
Right-click OWASP_Broken_Web_Apps_VM_1.2.ova, open it with VirtualBox and import the virtual machine.
Put the OWASP VM on the lab NAT network.
Start the OWASP VM and log in with user root and password owaspbwa. The VM prints its IP address on the console after boot.
On the Kali machine, open the web browser and enter the OWASP VM's IP address in your lab environment.
You should get the OWASP Broken Web Apps home page.
Windows Virtual machines
The procedures below explain how to install Windows virtual machines for the penetration testing exercises. This book only needs a Windows 10 VM, but Microsoft makes several of its operating systems available as time-limited evaluation virtual machines for testing purposes.
A standard Windows 10 machine is installed as a victim; we will run our attacks against it.
Microsoft's evaluation VMs can be downloaded from the following link (select the Windows 10 stable build and the VirtualBox platform):
https://developer.microsoft.com/en-us/microsoft-edge/tools/vms
Download the Win10 .ova file.
Right-click the file and choose open with VirtualBox.
Accept the import settings, then attach the VM to the lab NAT network.
For Windows Server 2012 R2, download the 180-day evaluation copy from the Microsoft site.
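Chapter 1 builds the lab by clicking through the VirtualBox GUI. The same lab can be built from the command line with VBoxManage, which makes it repeatable and easy to tear down and rebuild between exercises. The script below is an added example, not part of the book; it assumes the Kali, OWASP BWA and Windows 10 .ova files and the Metasploitable .vmdk have already been downloaded into the directory LAB_DIR, and the NAT network name PentestLab, the address range 10.0.2.0/24, the VM names, the memory sizes and the file names are all choices made for this example.

```shell
#!/bin/sh
# Added example (not from the book): build the Chapter 1 lab with VBoxManage
# instead of the GUI. Assumptions: the .ova/.vmdk files named below have been
# downloaded into $LAB_DIR; the NAT network name "PentestLab", the 10.0.2.0/24
# range, the VM names and the memory sizes are choices made for this example.
set -eu

LAB_DIR="${LAB_DIR:-${HOME:-.}/lab}"
NATNET="PentestLab"
NATCIDR="10.0.2.0/24"

# Every VBoxManage call goes through run(): with DRY_RUN=1 the command is
# printed instead of executed, so the plan can be reviewed before it runs.
run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        echo "VBoxManage $*"
    else
        VBoxManage "$@"
    fi
}

# Put a VM's first adapter on the lab NAT network: attacker and victims see
# each other, but the intentionally vulnerable machines stay off the host LAN.
attach_to_lab() {
    run modifyvm "$1" --nic1 natnetwork --nat-network1 "$NATNET"
}

# Import a ready-made .ova (Kali, OWASP BWA, Windows 10):
# import_ova <file> <vm name> <cpus> <memory in MB>
import_ova() {
    run import "$1" --vsys 0 --vmname "$2" --cpus "$3" --memory "$4"
    attach_to_lab "$2"
}

# Metasploitable 2 ships as a bare .vmdk, so the VM is created by hand.
# It is a 32-bit Ubuntu image, hence OS type "Ubuntu" rather than "Ubuntu_64".
create_metasploitable() {
    run createvm --name Metasploitable --ostype Ubuntu --register
    run modifyvm Metasploitable --memory 1024 --cpus 1
    run storagectl Metasploitable --name IDE --add ide
    run storageattach Metasploitable --storagectl IDE --port 0 --device 0 \
        --type hdd --medium "$LAB_DIR/Metasploitable.vmdk"
    attach_to_lab Metasploitable
}

setup_lab() {
    # Chapter 1: "create new NAT Network" (File > Preferences > Network)
    run natnetwork add --netname "$NATNET" --network "$NATCIDR" --enable --dhcp on
    # Attacker: half of an 8 GB host, as the book recommends for Kali
    import_ova "$LAB_DIR/kali-linux-2020.1-vbox-amd64.ova" Kali 2 4096
    create_metasploitable
    import_ova "$LAB_DIR/OWASP_Broken_Web_Apps_VM_1.2.ova" OWASP-BWA 1 1024
    import_ova "$LAB_DIR/Win10.ova" Win10 2 2048
}

# Sanity check from the attacker side once the VMs are up: the OWASP BWA web
# page should answer on the address VirtualBox's DHCP gave it (pass it as $1).
# Returns the HTTP status code; 200 means the lab web target is reachable.
verify_web_target() {
    curl -s -o /dev/null -w '%{http_code}' "http://$1/"
}

# Only touch VirtualBox when explicitly asked:
#   DRY_RUN=1 sh lab.sh --apply   # print the plan
#   sh lab.sh --apply             # build the lab
if [ "${1:-}" = "--apply" ]; then
    setup_lab
fi
```

Run it first with DRY_RUN=1 to see every VBoxManage command it would issue, then without DRY_RUN to build the lab. The important security property is in attach_to_lab: all four machines land on the same NAT network, so Metasploitable and OWASP BWA, which are exploitable by design, never get a bridged adapter onto the real LAN.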
Chapter 2: Introduction to Penetration Testing
What is a Penetration Testing (Pen-test)?
Penetration testing is a simulated attack on an IT system with the intention of finding security weaknesses and determining how the system reacts to the attack.
Wikipedia's definition: a penetration test (pentest) is an attack on a computer system with the intention of finding security weaknesses, potentially gaining access to its functionality and data.
CISSP definition: a pentest can determine how a system reacts to an attack, whether or not the system's defenses can be breached, and what information can be acquired from the system.
Cyber Security Tests and Audits
From a cyber security point of view, security tests and audits fall into three classes:
Security audits: checking against a checklist of best practices.
Vulnerability assessments: identifying the security holes.
Penetration tests: exploiting the holes to prove what an attacker could actually do.
Security Audits
A computer security audit is a manual or systematic, measurable technical assessment that includes:
Checking system configuration against best practices.
Interviewing staff to determine their level of security awareness.
Reviewing application and operating system access controls.
Analysing physical access to the systems.
Security audits are performed with administrative privileges, because the auditor must read configuration and access-control settings that are not visible from outside.
Security audit best practices
Best practices for security audits can be found in the information security standards and controls published by many organizations around the world. Below is a list of well-known information security organizations that publish and maintain security best practices, controls, checklists and tools to help organizations build a strong cyber defense.
All of these organizations offer their documents and tools for free, except ISO, which charges a fee for its standards.
Center for Internet Security (CIS): https://www.cisecurity.org/
US National Institute of Standards and Technology (NIST), National Checklist Program repository: https://nvd.nist.gov/ncp/repository
International Organization for Standardization (ISO/IEC 27000 family, information security management systems): https://www.iso.org/isoiec-27001-information-security.html
PCI Security Standards Council, publisher of the Payment Card Industry Data Security Standard (PCI DSS): https://www.pcisecuritystandards.org/
Vulnerability Assessment
Vulnerability assessment is the process of defining, identifying and classifying security vulnerabilities in an IT system.
Common vulnerability types:
Authentication vulnerabilities.
Authorization vulnerabilities.
Input validation vulnerabilities.
The main difference between a vulnerability assessment and a penetration test is that a vulnerability assessment stops before exploitation and post-exploitation, so a finding is never confirmed: you do not know whether it is a false positive or a true positive until someone actually tries to exploit it.
Vulnerability assessment steps:
Identify assets and build an asset inventory.
Categorize assets into groups.
Scan assets for vulnerabilities.
Rank risks.
Patch management.
Follow-up remediation scans.
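The ranking and rescan steps above are where many assessments go wrong: findings get ordered by raw CVSS score alone, ignoring which asset group they sit on, and the follow-up scan is eyeballed rather than compared line by line with the baseline. The shell script below is an added example, not from the book or from any scanner vendor; the CSV layout (host,group,port,plugin,cvss), the asset-group weights and the two scan exports are all constructed for the example.

```shell
#!/bin/sh
# Added example (not from the book): the "rank risks" and "follow-up
# remediation scans" steps applied to a scanner CSV export. The CSV layout
# host,group,port,plugin,cvss, the group weights and both scan exports below
# are constructed for this example.
set -eu

# Constructed baseline scan export. The "group" column is the output of the
# "categorize assets into groups" step.
BASELINE='10.0.2.15,dmz-web,80,OpenSSL heartbeat read overrun,7.5
10.0.2.15,dmz-web,22,OpenSSH weak MAC algorithms,2.6
10.0.2.16,internal,445,SMB signing not required,5.3
10.0.2.16,internal,3306,MySQL world-accessible,9.8
10.0.2.20,lab,21,Anonymous FTP enabled,5.0'

# Constructed rescan after patching: MySQL and FTP findings are gone,
# one new finding appeared on the web host.
RESCAN='10.0.2.15,dmz-web,80,OpenSSL heartbeat read overrun,7.5
10.0.2.15,dmz-web,22,OpenSSH weak MAC algorithms,2.6
10.0.2.15,dmz-web,443,TLS 1.0 enabled,4.3
10.0.2.16,internal,445,SMB signing not required,5.3'

# Rank risks: risk = CVSS score x asset-group weight, highest first.
# The weights (assumed here) express business criticality: an internet-facing
# web server counts three times an isolated lab box. Reads CSV on stdin and
# writes "risk,host,port,plugin".
rank_findings() {
    awk -F, '
        BEGIN { w["dmz-web"] = 3; w["internal"] = 2; w["lab"] = 1 }
        NF == 5 {
            weight = ($2 in w) ? w[$2] : 1
            printf "%.1f,%s,%s,%s\n", $5 * weight, $1, $3, $4
        }' | sort -t, -k1,1nr
}

# Follow-up remediation scan: compare baseline and rescan by the key
# host,port,plugin and report each finding as FIXED, OPEN or NEW.
# remediation_diff <baseline csv text> <rescan csv text>
remediation_diff() {
    bkeys=$(printf '%s\n' "$1" | awk -F, 'NF == 5 { print $1 "," $3 "," $4 }' | sort)
    rkeys=$(printf '%s\n' "$2" | awk -F, 'NF == 5 { print $1 "," $3 "," $4 }' | sort)
    printf '%s\n' "$bkeys" | while read -r k; do
        if printf '%s\n' "$rkeys" | grep -qxF "$k"; then
            echo "OPEN,$k"
        else
            echo "FIXED,$k"
        fi
    done
    printf '%s\n' "$rkeys" | while read -r k; do
        printf '%s\n' "$bkeys" | grep -qxF "$k" || echo "NEW,$k"
    done
}

# Usage:  sh va.sh --demo
if [ "${1:-}" = "--demo" ]; then
    echo "== ranked baseline findings =="
    printf '%s\n' "$BASELINE" | rank_findings
    echo "== remediation status after rescan =="
    remediation_diff "$BASELINE" "$RESCAN"
fi
```

With the group weights applied, the 7.5 finding on the internet-facing web server (risk 22.5) outranks the 9.8 finding on the internal database host (risk 19.6); that reordering is the reason assets are categorised before risks are ranked. The diff turns the follow-up scan into evidence: two findings FIXED, three still OPEN, one NEW, rather than a second report that has to be read side by side with the first.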
Vulnerability assessment tools:
Qualys
Nessus – Tenable Security (they have free