27/03/2025, 16:59 Intro to Web App Pentesting | INE Training Notes - by syselement
eJPT - PTSv2 / 📒 3. Web Application Penetration Testing
Intro to Web App Pentesting
⚡ Prerequisites
• Basic Network and Cybersecurity Concepts
📕 Learning Objectives
• Understand Web protocols
• Perform webapps enumeration
• Perform SQL injection, XSS and brute-force attacks
🔬 Training list - PentesterAcademy/INE Labs (subscription required)
• Web Application Basics
• Web Apps Tools of Trade
Web application penetration testing is a process of identifying and
exploiting vulnerabilities in web applications to assess their security posture.
Web and HTTP Protocol
🔗 📝 Some Web Application basics notes are already covered here
(from the PTSv1 course)
🗒️ HTTP (HyperText Transfer Protocol) is the protocol used for
communication between web servers and clients such as web browsers. Each
request and response is a plain-text message, so everything in it (cookies
included) is readable on the wire unless the connection is wrapped in TLS.
HTTP key features are:
• Client-Server Architecture
• Stateless Protocol (each request stands alone; sessions are layered on top with cookies)
• Request Methods
• Status Codes (`200`, `404`, `500`, etc.)
• Headers (additional information about the request/response)
• Cookies (store info on the client side)
• Encryption (`HTTPS`, i.e. HTTP carried over TLS)
📌 RFC 9110 - HTTP Semantics
Request Methods
HTTP defines a set of request methods to indicate the desired action to be
performed for a given resource. Commonly used HTTP methods are:
• GET - retrieve a representation of the target resource
• HEAD - same as GET, but the server returns only the headers and no body
• POST - submit data to the server for processing by the target resource
• PUT - create or replace the target resource with the request payload
• DELETE - delete the target resource
• CONNECT - establish a tunnel to the server identified by the target resource
• OPTIONS - describe the communication options for the target resource (the `Allow` response header lists the supported methods)
• TRACE - perform a message loop-back test along the path to the target resource
• PATCH - apply partial modifications to a resource
Which methods a target really accepts is found by enumeration: send an OPTIONS request, then try each method and read the status code, because the `Allow` header is sometimes absent or wrong. PUT, DELETE and TRACE accepted on a production host are the usual findings: PUT and DELETE may let an attacker write or remove content, and TRACE echoes the request (headers included) back to the client.
Response Status Codes
HTTP response status codes indicate whether a specific HTTP request has
been successfully completed. They are grouped in five classes:
• 100-199 - Informational responses
• 200-299 - Successful responses (e.g. `200` OK, `201` Created)
• 300-399 - Redirection messages (e.g. `301`/`302`, with the new location in the `Location` header)
• 400-499 - Client error responses (e.g. `401` Unauthorized, `403` Forbidden, `404` Not Found)
• 500-599 - Server error responses (e.g. `500` Internal Server Error, `503` Service Unavailable)
Directory brute-forcing relies on these classes: a path that answers `200`, `301` or `403` while everything else answers `404` is worth a look, and a `403` still confirms that the path exists.
Cookies
An HTTP cookie is a small piece of data that a server sends to a user's web
browser in a `Set-Cookie` header. The browser may store the cookie and send
it back to the same server with later requests in the `Cookie` header.
Cookies are mainly used for these purposes:
• Session management
• Personalization
• Tracking
When a cookie carries a session identifier, its attributes matter during a test: `Secure` keeps it off plain HTTP, `HttpOnly` keeps it out of reach of page scripts (which limits what an XSS can steal), and `SameSite` restricts when the browser attaches it to cross-site requests.
HTTPS
🗒️ HTTPS (HTTP Secure) is HTTP carried over an encrypted transport: the
HTTP messages are unchanged, but they travel inside a Transport Layer
Security (TLS) session. SSL is the obsolete predecessor of TLS and is no
longer used; the name survives in terms such as "SSL certificate".
When a client connects to an HTTPS-enabled website, the server sends its
certificate during the TLS handshake. The client verifies that the
certificate is valid, was issued by a certificate authority it trusts and
matches the hostname it asked for. If the checks pass, the client and the
server agree on a unique session key through the handshake's key exchange
and use it to encrypt the rest of the connection. HTTPS protects the traffic
in transit only; it does nothing against flaws in the application itself,
so the same SQLi and XSS testing applies to HTTPS sites.
🔬 There are many vulnerable testing web apps like:
• Juice Shop - Kali Install
• DVWA - Kali Install
• bWAPP
• Mutillidae II
📝 Check the HackerSploit's Web App Penetration Testing Tutorials
```bash
# bWAPP with Docker - by HackerSploit
sudo docker pull hackersploit/bwapp-docker
# -p 80:80 publishes the port on all interfaces; use -p 127.0.0.1:80:80
# to keep the deliberately vulnerable app reachable from this host only
sudo docker run -d -p 80:80 hackersploit/bwapp-docker
# Then open http://127.0.0.1/install.php to initialise the bWAPP database
sudo docker container ls                      # find the container name
sudo docker container stop <CONTAINER_NAME>
sudo docker container start <CONTAINER_NAME>
```

```bash
# Service/version scan of the lab target's web and database ports
nmap -sV -p 80,443,3306 demossl.ine.local
```
Scanning & Enumeration
Directory Enumeration - Gobuster
Gobuster - a tool used to brute-force URIs including directories and files as
well as DNS subdomains.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y gobuster
# Go Install
go install github.com/OJ/gobuster/v3@latest
# Basic directory brute force (dir mode requires a wordlist)
gobuster dir -u http://<TARGET> -w /usr/share/wordlists/dirb/common.txt
```
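The checks described in the HTTP section above (which methods a server really accepts, which status a path returns, which attributes a session cookie carries) and the directory brute force that gobuster automates, as one added Python example that is not part of the original notes or of gobuster itself. It starts a throw-away local HTTP server that stands in for a lab target; that server, its paths, its cookie and the six-word wordlist are constructed assumptions so that the checks have something to find, and the whole thing runs offline.

```python
"""Added example (not from the original notes): HTTP method enumeration,
cookie-flag checks and a gobuster-style directory brute force against a
throw-away local server, so it runs offline. FakeTarget is a constructed
stand-in for a lab host: PUT and TRACE enabled, /admin and /backup present,
a session cookie without Secure/HttpOnly. All of that is assumed."""
import http.client
import secrets
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

METHODS = ["GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE", "PATCH"]
RISKY = {"PUT", "DELETE", "TRACE"}       # accepted => usually worth reporting
WORDLIST = ["admin", "backup", "images", "login", "robots.txt", "uploads"]  # constructed


class FakeTarget(BaseHTTPRequestHandler):
    """Constructed, deliberately permissive target. Methods with no do_*
    handler (DELETE, PATCH) get a 501 from BaseHTTPRequestHandler."""
    KNOWN = {"/": 200, "/admin": 200, "/robots.txt": 200, "/backup": 301}

    def log_message(self, *args):       # keep the console quiet
        pass

    def _reply(self, code, body=b"", extra=()):
        self.send_response(code)
        for name, value in extra:
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_GET(self):
        code = self.KNOWN.get(self.path, 404)
        extra = [("Set-Cookie", "PHPSESSID=abc123; Path=/")]   # no Secure/HttpOnly
        if code == 301:
            extra.append(("Location", self.path + "/"))
        self._reply(code, b"page", extra)

    def do_HEAD(self): self._reply(200)
    def do_POST(self): self._reply(200)
    def do_PUT(self): self._reply(201)
    def do_TRACE(self): self._reply(200, b"TRACE / HTTP/1.1")
    def do_OPTIONS(self):
        self._reply(200, extra=[("Allow", "GET, HEAD, POST, PUT, OPTIONS, TRACE")])


def start_server():
    srv = ThreadingHTTPServer(("127.0.0.1", 0), FakeTarget)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def request(host, port, method, path="/"):
    """One request on a fresh connection -> (status, headers, body)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request(method, path)
        resp = conn.getresponse()
        return resp.status, dict(resp.getheaders()), resp.read()
    finally:
        conn.close()


def enumerate_methods(host, port):
    """Try every method; compare the Allow header from OPTIONS with what the
    server really accepts (any status below 400 counts as accepted)."""
    statuses = {m: request(host, port, m)[0] for m in METHODS}
    allow = request(host, port, "OPTIONS")[1].get("Allow", "")
    accepted = [m for m, s in statuses.items() if s < 400]
    return {"statuses": statuses, "accepted": accepted,
            "advertised": [a.strip() for a in allow.split(",") if a.strip()],
            "risky": sorted(RISKY.intersection(accepted))}


def cookie_flags(set_cookie):
    """Which protective attributes a Set-Cookie header carries."""
    attrs = {p.strip().split("=", 1)[0].lower() for p in set_cookie.split(";")[1:]}
    return {"Secure": "secure" in attrs, "HttpOnly": "httponly" in attrs,
            "SameSite": "samesite" in attrs}


def enumerate_dirs(host, port, words):
    """Gobuster-style brute force. Request a random path first to learn the
    'not found' baseline, so a target that answers 200 to everything
    (wildcard / soft-404 behaviour) does not make every word a hit."""
    baseline = request(host, port, "GET", "/" + secrets.token_hex(8))[0]
    hits = {}
    for word in words:
        status = request(host, port, "GET", "/" + word)[0]
        if status != baseline:
            hits["/" + word] = status
    return baseline, hits


if __name__ == "__main__":
    srv = start_server()
    host, port = srv.server_address
    print(enumerate_methods(host, port))
    print(cookie_flags(request(host, port, "GET")[1]["Set-Cookie"]))
    print(enumerate_dirs(host, port, WORDLIST))
    srv.shutdown()
```

Run directly, it prints the method table (PUT and TRACE flagged), the missing cookie attributes and the three paths whose status differs from the `404` baseline. The baseline request is the part worth keeping in mind: without it a target that answers `200` to every path turns the whole wordlist into hits, which is exactly the wildcard check gobuster performs before it starts.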
Directory Enumeration - BurpSuite
BurpSuite - an integrated platform for performing security testing of web
applications. Its proxy sits between the browser and the target so every
request can be inspected, modified and replayed.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y burpsuite
```
🔬 Check HTTP Web App Enumeration lab covering HTTP Method and
Directory Enumeration Techniques
Scanning WebApp - ZAProxy
Zaproxy - OWASP Zed Attack Proxy (ZAP) is an easy to use integrated
penetration testing tool for finding vulnerabilities in web applications.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y zaproxy
```
Scanning WebApp - Nikto
Nikto - a pluggable web server and CGI scanner written in Perl, using rfp’s
LibWhisker to perform fast security or informational checks.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y nikto
```
🔬 Check HTTP Web App Scanning lab covering Web Apps scanning
techniques
Attacks
SQLMap - an open source penetration testing tool that automates the process
of detecting and exploiting SQL injection flaws and taking over database
servers.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y sqlmap
```
XSSer (Cross-Site Scripter) - an automatic framework to detect, exploit and
report XSS vulnerabilities in web-based applications.
```bash
# Kali Linux Install
sudo apt update && sudo apt install -y xsser
```
SQLi
🗒️ SQL Injection attacks consist of the insertion or "injection" of SQL
syntax via the input data sent from the client to the application. The input
ends up inside a query that the application builds as a string, allowing an
attacker to alter the database queries of the vulnerable web application:
read data the page was never meant to show, bypass a login check, or modify
or delete data.
• What is a SQLi? - PortSwigger
XSS
🗒️ Cross-Site Scripting (XSS) attacks are a type of injection, in which
malicious scripts are injected into otherwise benign and trusted websites,
allowing an attacker to compromise the interactions that users have with a
vulnerable application.
• How does XSS Work? - PortSwigger
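Both injection classes above as one added Python example that is not from the original notes or from the PortSwigger pages: a login query built by string formatting beside its parameterised version, and a search page that reflects a parameter unchanged beside one that HTML-escapes it. The SQLite table, its two rows and the search page markup are constructed assumptions made for the demonstration.

```python
"""Added example (not from the original notes): the two injection classes
introduced above, each as a vulnerable function beside its fix. Uses an
in-memory SQLite database with constructed rows; the table, users and the
search page are assumptions made for the demonstration."""
import html
import sqlite3


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("admin", "s3cret", "admin"), ("bob", "hunter2", "user")])
    return db


def login_vulnerable(db, username, password):
    """String-built query: the input is spliced into the SQL text, so quotes
    and comment markers in it change the structure of the query."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return db.execute(sql).fetchone()


def login_safe(db, username, password):
    """Parameterised query: values travel separately from the SQL text, so a
    quote in the input is just data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone()


def search_page_vulnerable(query):
    """Reflected XSS: the parameter is written into the HTML unchanged."""
    return f"<p>Results for: {query}</p>"


def search_page_safe(query):
    """Escaping &, <, > and quotes turns markup in the input into inert text."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, "admin'-- ", "wrong"))   # comment drops the password check
    print(login_vulnerable(db, "x", "' OR '1'='1"))     # OR makes the WHERE always true
    print(login_safe(db, "admin'-- ", "wrong"))          # None: no such user
    print(search_page_vulnerable("<script>alert(1)</script>"))
    print(search_page_safe("<script>alert(1)</script>"))
```

The two SQLi payloads are the ones the labs start with: `admin'-- ` comments out the rest of the WHERE clause, and `' OR '1'='1` makes it true for every row. Against the parameterised version both are just strings that match no user. The XSS pair shows why output encoding, not input filtering, is the fix: the escaped page still shows the user's text, but the browser no longer parses it as markup.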
🔬 Check Web App Attacks lab covering Web Apps Attacking techniques