Unavailable
Unavailable
Unavailable
Ebook189 pages56 minutes
Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools
Rating: 0 out of 5 stars
()
Currently unavailable
Currently unavailable
About this ebook
Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. Burp suite is a java application that can be used to secure or crack web applications. The suite consists of different tools, like a proxy server, a web spider an intruder and a so-called repeater, with which requests can be automated. You can use Burp's automated and manual tools to obtain detailed information about your target applications.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.
Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists from the following parts:
1. Installing and Configuring BurpSuite
2. BurpSuite Intruder.
3. Installing XMAPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using .
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burps Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross Side Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14: Exploiting Cross Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. In this report I am using a combination of Burp tools to detect and exploit vulnerabilities in Damn Vulnerable Web App (DVWA) with low security. By default, Burp Scanner scans all requests and responses that pass through the proxy. Burp lists any issues that it identifies under Issue activity on the Dashboard. You can also use Burp Scanner to actively audit for vulnerabilities. Scanner sends additional requests and analyzes the application's traffic and behavior to identify issues.
Various examples are outlined in this report for different types of vulnerabilities such as: SQL injection, Cross Site Request Forgery (CSRF), Cross-site scripting, File upload, Local and Remote File Inclusion. I tested various types of penetration testing tools in order to exploit different types of vulnerabilities. The report consists from the following parts:
1. Installing and Configuring BurpSuite
2. BurpSuite Intruder.
3. Installing XMAPP and DVWA App in Windows System.
4. Installing PHP, MySQL, Apache2, Python and DVWA App in Kali Linux.
5. Scanning Kali-Linux and Windows Using .
6. Understanding Netcat, Reverse Shells and Bind Shells.
7. Adding Burps Certificate to Browser.
8. Setting up Target Scope in BurpSuite.
9. Scanning Using BurpSuite.
10. Scan results for SQL Injection Vulnerability with BurpSuite and Using SQLMAP to Exploit the SQL injection.
11. Scan Results for Operating System Command Injection Vulnerability with BurpSuite and Using Commix to Exploit the OS Command Injection.
12. Scan Results for Cross Side Scripting (XSS) Vulnerability with BurpSuite, Using Xserve to exploit XSS Injection and Stealing Web Login Session Cookies through the XSS Injection.
13. Exploiting File Upload Vulnerability.
14: Exploiting Cross Site Request Forgery (CSRF) Vulnerability.
15. Exploiting File Inclusion Vulnerability.
16. References.
Unavailable
Related to Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools
Related ebooks
Penetration Testing of Computer Networks Using Burpsuite and Various Penetration Testing Tools Rating: 0 out of 5 stars0 ratingsPenetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools Rating: 0 out of 5 stars0 ratingsWeb Penetration Testing: Step-By-Step Guide Rating: 0 out of 5 stars0 ratingsA Complete Guide to Burp Suite: Learn to Detect Application Vulnerabilities Rating: 0 out of 5 stars0 ratingsPractical ASP.NET Web API Rating: 0 out of 5 stars0 ratingsDeveloping Software Installers Rating: 0 out of 5 stars0 ratingsPIC Projects for Non-Programmers Rating: 4 out of 5 stars4/5ETHICAL HACKING GUIDE-Part 3: Comprehensive Guide to Ethical Hacking world Rating: 0 out of 5 stars0 ratingsBug Bounty Hunting for Web Security: Find and Exploit Vulnerabilities in Web sites and Applications Rating: 0 out of 5 stars0 ratingsComputer Productivity Book 3. Use AutoHotKey to License & Deploy Your Scripts to Sell: AutoHotKey productivity, #3 Rating: 0 out of 5 stars0 ratingsThe Browser Hacker's Handbook Rating: 0 out of 5 stars0 ratingsHow to Attack and Defend Your Website Rating: 0 out of 5 stars0 ratingsJavaScript Programming: 3 In 1 Security Design, Expressions And Web Development Rating: 0 out of 5 stars0 ratingsEvaluation of Some Android Emulators and Installation of Android OS on Virtualbox and VMware Rating: 0 out of 5 stars0 ratingsHacking of Computer Networks: Full Course on Hacking of Computer Networks Rating: 0 out of 5 stars0 ratingsUmbraco User's Guide Rating: 4 out of 5 stars4/5SRS - How to build a Pen Test and Hacking Platform Rating: 2 out of 5 stars2/5Footprinting, Reconnaissance, Scanning and Enumeration Techniques of Computer Networks Rating: 0 out of 5 stars0 ratingsHiding Web Traffic with SSH: How to Protect Your Internet Privacy against Corporate Firewall or Insecure Wireless Rating: 0 out of 5 stars0 ratingsHack into your Friends Computer Rating: 0 out of 5 stars0 ratingsCommon Windows, Linux and Web Server Systems Hacking Techniques Rating: 0 out of 5 stars0 ratingsJava: Tips and Tricks to Programming Code with Java Rating: 0 out of 5 stars0 ratingsJava: Tips and Tricks to Programming Code with Java: Java Computer Programming, #2 Rating: 0 out of 5 stars0 ratingsAtomic Kotlin Rating: 0 out of 5 stars0 ratingsPC Computer Security & Backup Guide: How to Secure & Backup Your PC with Antivirus & Malware Software Rating: 0 out of 5 stars0 ratingsFundamentals of Security in the Windows System Rating: 0 out of 5 stars0 ratingsBurp Suite Essentials Rating: 4 out of 5 stars4/5Wordpress Security + Multi-Backups Rating: 0 out of 5 stars0 ratings
System Administration For You
Linux Commands By Example Rating: 5 out of 5 stars5/5Learn PowerShell in a Month of Lunches, Fourth Edition: Covers Windows, Linux, and macOS Rating: 0 out of 5 stars0 ratingsLinux Bible Rating: 0 out of 5 stars0 ratingsIaC Mastery: Infrastructure As Code: Your All-In-One Guide To Terraform, AWS, Azure, And Kubernetes Rating: 0 out of 5 stars0 ratingsPractical Data Analysis Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5Mastering Linux Shell Scripting Rating: 4 out of 5 stars4/5PowerShell: A Beginner's Guide to Windows PowerShell Rating: 4 out of 5 stars4/5Learning Microsoft Endpoint Manager: Unified Endpoint Management with Intune and the Enterprise Mobility + Security Suite Rating: 0 out of 5 stars0 ratingsLinux Command-Line Tips & Tricks Rating: 0 out of 5 stars0 ratingsWordpress 2023 A Beginners Guide : Design Your Own Website With WordPress 2023 Rating: 0 out of 5 stars0 ratingsLinux: Learn in 24 Hours Rating: 5 out of 5 stars5/5CompTIA A+ Complete Review Guide: Core 1 Exam 220-1101 and Core 2 Exam 220-1102 Rating: 5 out of 5 stars5/5Mastering Windows PowerShell Scripting Rating: 4 out of 5 stars4/5Ubuntu 20.04 Essentials: A Guide to Ubuntu 20.04 Desktop and Server Editions Rating: 0 out of 5 stars0 ratingsPowerShell: A Comprehensive Guide to Windows PowerShell Rating: 4 out of 5 stars4/5Learn Cisco Network Administration in a Month of Lunches Rating: 0 out of 5 stars0 ratingsLinux: A Comprehensive Guide to Linux Operating System and Command Line Rating: 0 out of 5 stars0 ratingsBash Command Line Pro Tips Rating: 5 out of 5 stars5/5ServiceNow IT Operations Management Rating: 5 out of 5 stars5/5Learn PowerShell Scripting in a Month of Lunches Rating: 0 out of 5 stars0 ratingsHow To Speed Up Computer: Your Step-By-Step Guide To Speeding Up Computer Rating: 0 out of 5 stars0 ratingsLearn Windows PowerShell in a Month of Lunches Rating: 0 out of 5 stars0 ratingsMastering Microsoft Endpoint Manager Rating: 0 out of 5 stars0 ratingsLearning Linux Shell Scripting Rating: 4 out of 5 stars4/5Networking for System Administrators: IT Mastery, #5 Rating: 5 out of 5 stars5/5Linux for Beginners: Linux Command Line, Linux Programming and Linux Operating System Rating: 4 out of 5 stars4/5
Reviews for Penetration Testing of Computer Networks Using BurpSuite and Various Penetration Testing Tools
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews