In this article, I will guide you through web application penetration testing. By reading it you will understand what web application penetration testing is, what the different types of vulnerabilities in web applications are, and how to start your web application testing journey.
Web Application Penetration Testing:
Web Application Penetration Testing consists of the methods, processes, and techniques used to find different types of vulnerabilities or bugs in a web application. A person who conducts web application penetration testing is called a web application penetration tester or bug hunter.
There are different types of vulnerabilities or bugs in a website; some of them are:
- Code Injection
- Cross-Site Scripting (XSS)
- Open Redirect
- HTML Injection, etc.
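As an added illustration (not code from the original article), here is how two of the bug classes listed above, Open Redirect and Cross-Site Scripting (XSS)/HTML Injection, typically appear in application code, with the vulnerable handler next to a hardened version. The application, the function names, the `next` parameter and the sample inputs are all constructed for this example.

```python
import html
from urllib.parse import urlparse

# Hypothetical login-page helpers. The application, the "next" parameter and the
# sample inputs are constructed for this example and are not from the article.


def redirect_target_vulnerable(next_param: str) -> str:
    """Open Redirect (vulnerable): the 'next' value from the request is trusted as-is,
    so a link such as /login?next=https://attacker.example/ sends the user off-site
    after they log in."""
    return next_param


def redirect_target_safe(next_param: str, default: str = "/") -> str:
    """Hardened version: only a relative path on this site is accepted.
    Anything carrying a scheme or a host (https://..., javascript:..., //host/...)
    and the browser-tolerant variant /\\host fall back to the default."""
    if not next_param:
        return default
    parsed = urlparse(next_param)
    if parsed.scheme or parsed.netloc:
        return default          # absolute or protocol-relative URL
    if next_param.startswith("/\\"):
        return default          # some browsers treat /\host like //host
    if not next_param.startswith("/"):
        return default          # must be an absolute path on this origin
    return next_param


def render_greeting_vulnerable(name: str) -> str:
    """Reflected XSS / HTML Injection (vulnerable): user input is placed straight into
    the HTML response, so any markup in 'name' is rendered by the browser."""
    return f"<p>Hello, {name}!</p>"


def render_greeting_safe(name: str) -> str:
    """Hardened version: HTML-escape the value so the browser shows it as plain text."""
    return f"<p>Hello, {html.escape(name, quote=True)}!</p>"


if __name__ == "__main__":
    for value in ["/dashboard", "https://attacker.example/", "//attacker.example/", "javascript:alert(1)"]:
        print(f"{value!r:30} vulnerable -> {redirect_target_vulnerable(value)!r:30} "
              f"safe -> {redirect_target_safe(value)!r}")
    payload = "<script>alert(1)</script>"
    print(render_greeting_vulnerable(payload))
    print(render_greeting_safe(payload))
```

The fix in both cases is the same idea: treat anything that came from the request as data, validate it against what the application actually expects (a local path, plain text) and encode it for the context it is written into.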
How to do Web Application Penetration Testing?
There are different techniques used in web application penetration testing:
Finding Subdomains:
In order to do web application penetration testing, first we have to find the subdomains of a website.
For example: if there is a website called example.com, then example.com is the main domain of this site, and xyz.example.com, abc.example.com, etc. are subdomains of this website.
Finding directories or sub-directories of a website:
After finding subdomains, in every subdomain we look for subpaths or directories like admin, users, backup, dashboard, etc.
Through this technique we can find different types of critical files, such as configuration files and password files.
For Example:
example.com/admin
example.com/users
example.com/dashboard
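From the defender's side, the directory discovery described above leaves a recognisable trail in the web server's access log: one client requesting many paths in a short time and receiving 404 responses, sometimes followed by a 200 for a sensitive file. The following is an added example (not from the original article) that parses access-log lines in the common combined format and flags clients matching that pattern; the sample lines, IP addresses, user agents, thresholds and path list are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed access-log lines in the common "combined" format. The IP addresses
# (RFC 5737 documentation ranges), paths, timestamps and user agents are all made up.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Oct/2023:13:55:40 +0000] "GET /admin HTTP/1.1" 404 153 "-" "example-scanner/0.1"
198.51.100.23 - - [10/Oct/2023:13:55:40 +0000] "GET /users HTTP/1.1" 404 153 "-" "example-scanner/0.1"
198.51.100.23 - - [10/Oct/2023:13:55:41 +0000] "GET /backup HTTP/1.1" 404 153 "-" "example-scanner/0.1"
198.51.100.23 - - [10/Oct/2023:13:55:41 +0000] "GET /dashboard HTTP/1.1" 404 153 "-" "example-scanner/0.1"
198.51.100.23 - - [10/Oct/2023:13:55:42 +0000] "GET /config.php HTTP/1.1" 404 153 "-" "example-scanner/0.1"
198.51.100.23 - - [10/Oct/2023:13:55:42 +0000] "GET /.env HTTP/1.1" 200 312 "-" "example-scanner/0.1"
203.0.113.7 - - [10/Oct/2023:13:56:01 +0000] "GET /about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:56:05 +0000] "GET /old-page HTTP/1.1" 404 153 "-" "Mozilla/5.0"
"""

# One regex for the combined log format: client IP, timestamp, request line,
# status, size, referer, user agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Path prefixes the article names as interesting to an attacker; a 200 on one of these
# from a client that is also probing deserves a closer look. The list is illustrative.
SENSITIVE_PREFIXES = ("/admin", "/users", "/backup", "/dashboard", "/config", "/.env")


def parse_line(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def max_burst(timestamps, window_seconds):
    """Largest number of events inside any window of window_seconds (sliding window)."""
    timestamps = sorted(timestamps)
    best = start = 0
    for end in range(len(timestamps)):
        while (timestamps[end] - timestamps[start]).total_seconds() > window_seconds:
            start += 1
        best = max(best, end - start + 1)
    return best


def find_enumeration(log_text, window_seconds=60, min_404s=4):
    """Flag clients whose 404 rate looks like directory guessing.

    Returns {ip: {"burst_404s": n, "sensitive_200s": [...], "user_agents": [...]}}
    for every client with at least min_404s 404 responses inside window_seconds.
    """
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is not None:
            by_ip[rec["ip"]].append(rec)

    findings = {}
    for ip, recs in by_ip.items():
        burst = max_burst([r["ts"] for r in recs if r["status"] == 404], window_seconds)
        if burst < min_404s:
            continue
        findings[ip] = {
            "burst_404s": burst,
            "sensitive_200s": [r["path"] for r in recs
                               if r["status"] == 200 and r["path"].startswith(SENSITIVE_PREFIXES)],
            "user_agents": sorted({r["ua"] for r in recs}),
        }
    return findings


if __name__ == "__main__":
    for ip, info in find_enumeration(SAMPLE_LOG).items():
        print(f"{ip}: {info['burst_404s']} x 404 within 60s, "
              f"sensitive 200s: {info['sensitive_200s']}, UA: {info['user_agents']}")
```

The thresholds are deliberately simple; in practice you would tune `window_seconds` and `min_404s` to the site's normal 404 rate, and the `sensitive_200s` list is the part worth alerting on, because it tells you whether the guessing actually found something.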
Through Google Dorking:
You can use Google to find different types of vulnerable websites by applying different Google Dorking techniques.
There are two types of testing on a website:
- Automated Testing
- Manual Testing
Automated Testing:
In Automated Testing, we use different types of tools or scripts to test web applications. We only provide the domain name of a website, and the tool then automatically finds different types of subdomains, directories, response codes, etc.
Manual Testing:
In Manual Testing, Burp Suite is mostly used. It is a proxy tool that intercepts the requests of a web application, so you can see what request is sent by your browser to the server and what response the server returns to the browser. Such tools can also be used to execute different types of attacks.
OWASP TOP 10:
The Open Web Application Security Project (OWASP) is a non-profit organization that has divided different types of vulnerabilities into the Top 10 categories according to their severity, or the damage done if they are exploited.
SQL Injection and Code Injection, for example, are critical bugs placed in the number one category.
If you are planning to learn about web application penetration testing or bug bounty hunting, then you should know about the OWASP Top 10. By knowing the OWASP Top 10 vulnerabilities you can find different types of bugs.
There are different vulnerable web applications available if you want to start your web application penetration testing journey.
List of Vulnerable Web Applications:
- DVWA
- BWAPP
What Tools are required to start learning web application penetration testing?
In order to learn web application penetration testing, these two things are required:
- Kali Linux
- Metasploitable
Kali Linux:
Kali is a penetration testing distribution that most penetration testers use for different types of penetration testing purposes. It contains different types of tools, and it is open source and maintained by Offensive Security.
Metasploitable:
Metasploitable is a vulnerable Linux distribution that contains a vulnerable app called DVWA (Damn Vulnerable Web App). DVWA is a vulnerable application that is created for learning web application penetration testing.
How to Download Metasploitable?
Click on the link below to download Metasploitable 2:
https://sourceforge.net/projects/metasploitable/files/Metasploitable2/
How to install Metasploitable 2?
- First, download Metasploitable 2 from the link given above.
- Once downloaded, unzip it.
- After unzipping it, import it into your VirtualBox or VMware.
- The default username for Metasploitable is msfadmin and the default password is msfadmin.
More information will be shared in part 2 of this article, so stay tuned.