Introduction to Web Application Attacks

  • There are 3 different methods of performing a web application pentest:

  • White-box testing describes scenarios in which we have unconstrained access to the application's source code, the infrastructure it resides on, and its design documentation.

  • The skills required for white-box testing include source code and application logic review, among others.

  • This testing methodology can take longer, in proportion to the size of the code base being reviewed.

  • sudo nmap -p80 --script=http-enum <IP Address> - Basic HTTP enumeration.

  • gobuster dir -u <IP Address> -w /usr/share/wordlists/dirb/common.txt - Basic directory enumeration.

  • Wappalyzer is a tool that can be used to discover the technologies used in a website. It is available as an extension and also as a web interface where a link can be provided.

  • Once we have discovered an application running on a web server, our next step is to map all its publicly-accessible files and directories.

  • Gobuster is a tool that can help us with this sort of enumeration. It uses wordlists to discover directories and files on a server through brute forcing.

  • gobuster dir -u <IP Address> -w /usr/share/wordlists/dirb/common.txt - Basic Directory/File enumeration

  • Burp Suite is a GUI-based integrated platform for web application security testing. It provides several different tools via the same user interface.
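
Seen from the server side, the Gobuster directory enumeration described above appears as one client requesting many distinct paths and receiving mostly 404 responses. The following Python detection is an added example, not part of the original notes; the access-log format (common/combined), the thresholds, and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Common/combined access-log format: client, timestamp, request line, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def find_enumerators(lines, min_paths=8, min_404_ratio=0.7):
    """Return {client: stats} for clients whose traffic looks like wordlist
    enumeration: many distinct paths requested, most of them answered 404.
    Thresholds are illustrative assumptions and need tuning per site."""
    paths = defaultdict(set)
    total = defaultdict(int)
    not_found = defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines
        client, _method, path, status = m.groups()
        paths[client].add(path.split("?", 1)[0])  # ignore query strings
        total[client] += 1
        not_found[client] += int(status == "404")
    flagged = {}
    for client, n in total.items():
        ratio = not_found[client] / n
        if len(paths[client]) >= min_paths and ratio >= min_404_ratio:
            flagged[client] = {"requests": n,
                               "distinct_paths": len(paths[client]),
                               "ratio_404": round(ratio, 2)}
    return flagged

def sample_log():
    """Constructed sample: one client walking a wordlist, one ordinary visitor."""
    words = ["admin", "backup", "cgi-bin", "config", "images",
             "login", "old", "test", "uploads", "tmp"]
    hits = {"images": 301, "login": 200}  # the few paths that exist
    fmt = '{ip} - - [10/Mar/2024:10:00:{s:02d} +0000] "GET {p} HTTP/1.1" {c} 153'
    log = [fmt.format(ip="203.0.113.7", s=i, p="/" + w, c=hits.get(w, 404))
           for i, w in enumerate(words)]
    visitor = [("/", 200), ("/login", 200), ("/favicon.ico", 404),
               ("/images/logo.png", 200)]
    log += [fmt.format(ip="198.51.100.20", s=30 + i, p=p, c=c)
            for i, (p, c) in enumerate(visitor)]
    return log

if __name__ == "__main__":
    for client, stats in find_enumerators(sample_log()).items():
        print(client, stats)
```

The check keys on request behaviour rather than on the User-Agent header, so it flags the enumerating client while leaving the ordinary visitor with a single 404 alone.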
