starter part 6

11. Email Security

12. Achieving a web penetration testing methodology

Study

Pentest methodology

OWASP Testing Guide v4 - includes a "best practice" penetration testing framework.

OWASP WSTG - a comprehensive open source guide to testing the security of web apps.

Watch

https://www.youtube.com/watch?v=ZBi8Qa9m5c0

https://www.youtube.com/watch?v=24fHLWXGS-M

Practice

Keeping notes during a pentest

Scoping a Pentest

Web Penetration Testing

Study

Read Web For Pentester 1, 2

Web Security Generic Misconceptions
https://www.proofpoint.com/us/corporate-blog/post/5-common-misconceptions-about-cybersecurity-debunked

Automated vulnerability analysis with OWASP ZAP
https://owasp.org/www-community/Vulnerability_Scanning_Tools
https://www.zaproxy.org/getting-started/

Applications to Automate VAPT
https://khannasecurity.com/blog/automated-scanning-or-vapt-engagement-what-why-and-how/

Watch

Burpsuite Course

Practice

Using Burpsuite
https://portswigger.net/burp/documentation/desktop/penetration-testing

Installing Burpsuite extensions
https://portswigger.net/support/how-to-install-an-extension-in-burp-suite


12.1 OWASP Top 10 Attacks

- Sensitive Data Exposure
- Insecure Direct Object References
- SQL Injections
  - Authentication Bypass Injection
  - Blind Injections
  - Error Based Injection
  - Union Based Injection
  - Stacked Query Injection
  - Time Based Injection
- Cross Site Scripting (XSS)
- Broken Authentication and Session Management
- CSRF
- Missing Function Level Access Control
- Unvalidated Redirects and Forwards
- Security Misconfiguration
- Using components with known vulnerabilities

12.2 Common web Vulnerabilities

- Code execution
  https://www.netsparker.com/blog/web-security/remote-code-evaluation-execution/
  https://owasp.org/www-community/attacks/Code_Injection
- Local file inclusion
  https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
  https://www.netsparker.com/blog/web-security/local-file-inclusion-vulnerability/
- Remote file inclusion
  https://www.netsparker.com/blog/web-security/remote-file-inclusion-vulnerability/
  https://www.imperva.com/learn/application-security/rfi-remote-file-inclusion/
- Brute Forcing Attack
  https://owasp.org/www-community/controls/Blocking_Brute_Force_Attacks
  https://owasp.org/www-community/attacks/Brute_force_attack
- Heartbleed Attack
  https://heartbleed.com/
  https://www.youtube.com/watch?v=SgJm0C6jzbo
- Shell Shock / Bashbug
  https://owasp.org/www-pdf-archive/Shellshock_-_Tudor_Enache.pdf
  https://www.netsparker.com/blog/web-security/cve-2014-6271-shellshock-bash-vulnerability-scan/
- HTTP Response Splitting
  https://www.youtube.com/watch?v=IcsOcWLJowY
  https://www.netsparker.com/blog/web-security/crlf-http-header/
- Denial Of Service Attacks
  https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/
  https://www.youtube.com/watch?v=ilhGh9CEIwM
- Arbitrary File Upload
  https://owasp.org/www-community/vulnerabilities/Unrestricted_File_Upload
  https://www.go4expert.com/articles/understanding-arbitrary-file-upload-t26351/

12.3 Web Pentesting Tryhackme Rooms (@xan0er)

13. Password cracking

- Making custom wordlists
  https://null-byte.wonderhowto.com/how-to/create-custom-wordlists-for-password-cracking-using-mentalist-0183992/
- Rainbow tables and where to find them
  https://project-rainbowcrack.com/table.htm
  https://www.geeksforgeeks.org/understanding-rainbow-table-attack/
- Making rainbow tables
  https://null-byte.wonderhowto.com/how-to/create-rainbow-tables-for-hashing-algorithms-like-md5-sha1-ntlm-0193022/
  https://www.ionos.com/digitalguide/server/security/rainbow-tables/
- Bruteforce attacks
  https://www.varonis.com/blog/brute-force-attack/
  https://www.youtube.com/watch?v=fHsJAei2ocM
  https://www.youtube.com/watch?v=j0RjKrON8yI
- Password spraying
  https://www.youtube.com/watch?v=vdtWh1HmQsE
  https://www.youtube.com/watch?v=s4ID34HEaPc
  https://resources.infosecinstitute.com/topic/password-spraying/
- Credential stuffing
  https://owasp.org/www-community/attacks/Credential_stuffing
- Top wordlists:
  https://github.com/danielmiessler/SecLists
  https://github.com/swisskyrepo/PayloadsAllTheThings
  https://github.com/fuzzdb-project/fuzzdb


13.1 Password cracking Tryhackme Rooms (@xan0er)


Revision #4
Created Fri, Dec 18, 2020 4:07 PM by Ervelon
Updated Fri, Dec 18, 2020 4:08 PM by Ervelon